Privacy Policy

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. For detailed information on data protection, please refer to our full privacy policy below.

Who is responsible for data collection?
Data processing on this website is carried out by the website operator. You can find their contact details in the 'Responsible Party' section of this privacy policy.

How do we collect your data?
Your data is collected in part when you provide it to us — for example, by entering information in our contact form. Other data is collected automatically by our IT systems when you visit the website (e.g. browser data, operating system, time of page visit).

What do we use your data for?
Some data is collected to ensure the website functions correctly. Other data may be used to process your contact requests. Data is only shared with third parties where technically necessary or where you have given your explicit consent.

You have the right to obtain free information about the origin, recipient and purpose of your stored personal data at any time. You also have the right to have this data corrected or deleted. If you have given consent to data processing, you can withdraw this consent at any time. You also have the right to lodge a complaint with the competent supervisory authority. For questions, contact us at: hello@leniuslabs.de

This website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. The server is located in the Nuremberg data centre, Germany. When you access this website, Hetzner automatically processes technical access data (IP address, browser type, operating system, time, pages visited). This data is technically necessary for the operation of the website and is not merged with other data sources.

Hetzner is a German company and is directly subject to the GDPR. No transfer of personal data to third countries takes place. The use of Hetzner is based on Art. 6(1)(f) GDPR (legitimate interest in the reliable and secure operation of the website).

A Data Processing Agreement (DPA) is in place with Hetzner. Further information: https://www.hetzner.com/legal/privacy-policy

The hosting provider Hetzner automatically collects and stores information in server log files, which your browser transmits automatically. This includes: browser type and version, operating system used, referrer URL, hostname of the accessing device, time of the server request, and IP address.

This data is not merged with other data sources. The legal basis is Art. 6(1)(f) GDPR — the legitimate interest in the technically sound and secure operation of the website. Logs are deleted after a maximum of 30 days.

Technically Necessary Cookies
This website uses technically necessary cookies and comparable storage technologies (e.g. localStorage) to provide basic functionality. This includes storing your language preference and your cookie consent. This data remains exclusively on your device and is not transmitted to third parties. The legal basis is Art. 6(1)(f) GDPR.

When you send us enquiries via the contact form, your details from the enquiry form, including the contact information you provide, will be stored for the purpose of processing the request and in case of follow-up questions. We do not share this data without your consent.

Processing is based on Art. 6(1)(b) GDPR where your request relates to the performance of a contract or is necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of enquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) where this has been requested; consent may be withdrawn at any time.

The data you enter in the contact form will remain with us until you ask us to delete it, withdraw your consent to storage, or the purpose for storing the data no longer applies (e.g. once your enquiry has been fully processed). Mandatory statutory provisions — in particular retention periods — remain unaffected.

Data submitted via the contact form is stored in a database provided by Neon (Neon Inc., 548 Market St PMB 43931, San Francisco, CA 94104, USA). The database server is hosted in the AWS Europe (Frankfurt, eu-central-1) region — meaning data does not leave the European Economic Area.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in reliable and secure data storage). A Data Processing Agreement is in place with Neon. Further information: https://neon.tech/privacy-policy

When you sign up for our waitlist, your email address is transmitted to and processed by Brevo (Sendinblue SAS, 55 rue d'Amsterdam, 75008 Paris, France). Brevo is a European provider based in France and is fully subject to the GDPR. No transfer to third countries takes place.

We use the double opt-in procedure: after signing up, you will receive a confirmation email. Your email address will only be saved to our waitlist after you click the confirmation link. Without confirmation, your data will not be stored permanently.

The legal basis is Art. 6(1)(a) GDPR (consent). You can withdraw your consent at any time by contacting hello@leniuslabs.de. A Data Processing Agreement is in place with Brevo. Further information: https://www.brevo.com/en/legal/privacypolicy/

This website displays logos of technology providers that we use for developing and operating our solutions (e.g. OpenAI, AWS, Anthropic, Google Cloud). These logos are used solely to provide factual information about the technologies and tools we employ.

All logos are stored as static files on our own servers (hosting: Hetzner, Germany) and served from there. When these logos are loaded, no connections are established to the servers of the respective companies and no personal data is transmitted to third parties.

The use of logos is based on our legitimate interest in transparently communicating our technical infrastructure (Art. 6(1)(f) GDPR). The trademarks and logos displayed are the property of their respective owners.

This website uses Umami Analytics, a privacy-friendly open-source analytics tool that we self-host on our own server in Germany. Umami collects anonymised usage statistics including pages visited, referrer URLs, browsers and operating systems, device types, and the visitor's country of origin.

Umami does not use cookies and does not collect any personally identifiable information. No consent dialog or cookie banner is required. It is neither possible nor intended to identify individual visitors.

All data is stored exclusively on our own server (Hetzner, Germany) and is not shared with third parties. No data is transferred outside the EU.

The legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interest in analysing and improving our website). https://umami.is

You have given us consent to process your personal data for a specific purpose (e.g. functional cookies, future analytics). This consent can be withdrawn at any time.

Processing is necessary for the performance of a contract or to take steps prior to entering into a contract (e.g. processing your contact request).

Processing is necessary for compliance with a legal obligation to which we are subject (e.g. statutory retention obligations under tax and commercial law).

Processing is necessary for the purposes of the legitimate interests pursued by us (e.g. secure operation of the website, prevention of misuse, technical error logging), provided these interests are not overridden by your fundamental rights.

You may request information about whether and which personal data we process about you, for what purpose, from which source, and to whom it may be disclosed.

You may request the correction of inaccurate or the completion of incomplete personal data.

Under certain conditions, you may request the deletion of your personal data — in particular where it is no longer necessary for the processing purpose or where you have withdrawn your consent.

You may request the restriction of processing of your data, e.g. if you dispute the accuracy of the data or have objected to the processing.

You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and to transmit it to another controller, where processing is based on consent or a contract.

You have the right to object at any time, on grounds relating to your particular situation, to processing of your personal data based on Art. 6(1)(f) GDPR (legitimate interests). We will then no longer process your data unless we can demonstrate compelling legitimate grounds that override your interests.

Where processing is based on consent, you may withdraw it at any time with effect for the future. The lawfulness of processing carried out prior to withdrawal remains unaffected.

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a data protection supervisory authority — in particular in the member state of your habitual residence or the place of the alleged infringement.