Last updated: May 21, 2025
Thank you for visiting our website. Protecting your personal data is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website in accordance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the Telecommunications and Telemedia Data Protection Act (TTDSG).
1. Controller
The controller responsible for data processing on this website is:
Spleenlab GmbH
Hauptstraße 18
07929 Saalburg-Ebersdorf
Germany
Email: contact[at]spleenlab.ai
2. Data Protection Officer (DPO)
We are currently not legally required to appoint a Data Protection Officer. Should this change, we will update this policy accordingly.
3. Data We Collect and Process
a) Server Log Files
When you visit our website, we automatically collect the following data:
-
Browser type and version
-
Operating system used
-
Referrer URL
-
Hostname of the accessing computer
-
Time of server request
-
IP address (anonymized, not stored permanently)
This data is processed pursuant to Art. 6(1)(f) GDPR to ensure website security and proper functioning. Log files are deleted after 7 days.
b) Contact Form
If you contact us via our contact form, we collect:
-
Your name
-
Email address
-
Message content
This is done with your consent (Art. 6(1)(a) GDPR). You may withdraw consent at any time by emailing us.
a) Cookies and Tracking Tools
We use cookies and third-party tools (e.g., Google Analytics, Cloudflare, Vercel) for analytical and technical purposes. Consent for cookies is obtained via our Consent Management Platform (CMP) from [name CMP used, e.g., Usercentrics].
You can adjust or revoke your consent at any time via the cookie settings icon on our website.
Cookie usage complies with Art. 25 TTDSG in conjunction with Art. 6(1)(a) GDPR.
4. Purpose of Processing
We use your personal data to:
-
Provide and maintain our website
-
Respond to contact inquiries
-
Ensure system security
-
Analyze usage to improve our offerings
5. Legal Basis
Data is processed based on:
-
Your consent (Art. 6(1)(a) GDPR)
-
Contract performance (Art. 6(1)(b) GDPR)
-
Legal obligations (Art. 6(1)(c) GDPR)
-
Legitimate interests (Art. 6(1)(f) GDPR)
6. Data Retention
We retain your data only as long as necessary for the purposes outlined or as required by law:
-
Server logs: 7 days
-
Contact inquiries: 6 months
-
Job applications: deleted after 6 months
7. Data Sharing and Processors
We may share data with:
-
Hosting providers (e.g., Vercel)
-
Analytics services (e.g., Google Analytics)
-
Cloudflare (content delivery and DDoS protection)
All third-party processors are bound by GDPR-compliant agreements (Art. 28 GDPR).
Where data is transferred outside the EU/EEA, we ensure adequate safeguards (e.g., Standard Contractual Clauses).
8. Your Rights under GDPR
You have the following rights:
-
Access (Art. 15 GDPR)
-
Rectification (Art. 16 GDPR)
-
Erasure (Art. 17 GDPR)
-
Restriction (Art. 18 GDPR)
-
Data portability (Art. 20 GDPR)
-
Objection (Art. 21 GDPR)
To exercise your rights, please contact us at: info@subke.dev
You also have the right to lodge a complaint with the supervisory authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219, 10969 Berlin
www.datenschutz-berlin.de
9. Automated Decision-Making
We do not use automated decision-making or profiling as defined under Art. 22 GDPR.
10. Data Security
We implement technical and organizational measures to protect your data from unauthorized access, loss, or misuse.
11. Children’s Privacy
Our website is not intended for children under the age of 16. We do not knowingly collect personal data from minors.
12. Changes to this Policy
We reserve the right to update this Privacy Policy to reflect changes in legal requirements or our data practices. We will notify users of significant changes on this page.