Privacy
Privacy policy
Below we inform you about the processing of personal data on this website in accordance with Article 13 GDPR.
1. Controller
Asmen Roj Karadag
L1fter Digital Solutions
Ossastr. 37
12045 Berlin
Germany
Email: info@l1fter.com
Phone: 030 53214907
2. Hosting and server log files
This website, the related database, and our internally operated systems run on VPS infrastructure provided by Contabo. According to your current hosting information, operations are located in the "Hub Europe" region.
When you access this website, our server processes technically necessary connection data, in particular IP address, date and time of access, requested URL, referrer, browser type, and operating system. Processing takes place to provide the website, ensure stability and security, and prevent misuse under Article 6(1)(f) GDPR.
If Contabo cannot exclude access to personal data as part of infrastructure hosting, such processing takes place under a data processing agreement pursuant to Article 28 GDPR.
3. Cookies, similar technologies, and consent management
This website only uses technically necessary cookies or similar client-side storage mechanisms by default. Non-essential analytics cookies are only set after you consent through the cookie banner.
The cookie we set, l1fter_cookie_consent, stores your cookie choice for 180 days. The legal basis is Article 6(1)(c) GDPR in connection with documentation obligations and Article 6(1)(f) GDPR for consistent implementation of your decision.
If you log into the internal area, we set the technically necessary session cookie l1fter_session for up to 7 days. The legal basis is Article 6(1)(b) GDPR.
In addition, the website uses session storage in the browser for purely functional interface flows, for example chat context during a session and internal scroll or UI state. This data is deleted when the browser tab is closed.
4. Contact form and appointment booking
If you contact us via the contact form, we process the data you enter (company, email address, subject, selected consultation focus, message, time zone, selected slot, and where applicable reservation ID) in order to respond to your request and organize an initial consultation.
The information is initially stored in our database. For appointment handling, required data is also transmitted to Cal.eu. The legal basis is Article 6(1)(b) GDPR or, for general business inquiries, Article 6(1)(f) GDPR.
During appointment handling, we also process data for showing available slots, reserving individual time slots, and completing the booking. This may include selected time windows, time zones, and technical reservation identifiers.
According to Cal.eu, the scheduling platform is operated within the EU and processes data exclusively in Europe. Source: cal.eu.
5. Client login and internal user accounts
For certain user areas of the website, we may create internal user accounts. These accounts are not created through a public registration form but are set up internally by us.
Login takes place using the credentials you enter. After successful login, we set the l1fter_session cookie to enable access to protected content and user rights management. The legal basis is Article 6(1)(b) GDPR and Article 6(1)(f) GDPR.
6. Chatbot
When you use the website chat, we process your chat messages and a technical conversation ID in order to answer your request. The conversation ID is stored in session storage during your browser session.
Chat requests are first sent to our own chat API and from there to our AI service. For this privacy policy, we assume according to your specification that processing takes place exclusively via EU servers and no data leaves the EU.
For the provider Requesty, we refer to the manufacturer's information on the EU gateway, Frankfurt hosting, zero data retention, and DPA: requesty.ai/security and requesty.ai/dpa.
7. Newsletter
If you subscribe to our newsletter, we process your email address and the associated proof of consent. This includes in particular the time of signup, IP address, user agent, source page, consent text, consent version, and privacy version.
Signup takes place via double opt-in. Your address is only activated after you click the confirmation link in the email. The legal basis is your consent under Article 6(1)(a) GDPR.
The proof data is stored in our database and passed on to our self-operated ERP/CRM and mail setup for CRM or sending processes where this is necessary for delivery and proof of consent.
8. Analytics only with consent
Analytics services are only activated after you consent in the cookie banner. Without consent, no corresponding tracking takes place. You can change or withdraw your choice at any time using the "Cookie settings" link in the footer.
If you consent to analytics processing, we use Google Analytics. Without consent, Google Analytics is not loaded.
9. Recipients and processors
Where necessary, we use service providers as processors pursuant to Article 28 GDPR.
Based on the current state of the application, the relevant recipients or processors include Contabo for hosting infrastructure, Cal.eu for scheduling, Requesty for the EU-based AI gateway, and Google if you consent to Google Analytics.
10. Storage periods
We store personal data only as long as necessary for the respective purposes or as required by statutory retention obligations. Session storage data ends when the browser tab is closed. Cookie consents are stored for 180 days and login sessions for up to 7 days.
Chat sessions are currently closed server-side after 30 minutes of inactivity. Double opt-in tokens for the newsletter are currently valid for 7 days. User accounts are generally stored as long as the respective access is required or legal or contractual reasons prevent deletion.
11. Your rights
You have the rights to access, rectification, erasure, restriction of processing, data portability, and objection in accordance with Articles 15 to 21 GDPR. Any consent you have given can be withdrawn at any time with effect for the future.
You also have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work, or the place of the alleged infringement.
12. Contact for privacy questions
If you have questions about the processing of your data, please write to info@l1fter.com.