Privacy policy

Last updated: March 2026

1. Controller

Dominik Schwarz Ventures GmbH
Waldemarstr. 5b, 10179 Berlin, Deutschland
E-Mail: [email protected]

2. What data we collect

2.1 Account data

On registration: name, email address. With Google login, additionally: profile picture.

2.2 Form responses

Responses submitted by respondents through published forms. The type of data depends on the specific form.

2.3 Usage data

IP address, browser type, timestamps. Used for security and error analysis.

2.4 Payment data

Payments are processed via Stripe. We do not store credit card data.

3. Purpose of processing

  • Provision of the service (Art. 6 (1) (b) GDPR)
  • Account management and authentication
  • Payment processing via Stripe
  • AI-assisted form analysis (only with consent, Art. 6 (1) (a) GDPR)
  • Error analysis and security (Art. 6 (1) (f) GDPR)

4. AI processing

When a form creator activates AI analysis, responses are transmitted to the Anthropic API (Claude). Before transmission, personal data (PII) is automatically masked. Respondents are informed about the AI use.

5. Data sharing

We only share personal data with the following third parties:

  • Hetzner Online GmbH — Server hosting (Germany)
  • Cloudflare Inc. — CDN and DDoS protection
  • Stripe Inc. — Payment processing
  • Anthropic PBC — AI processing (only when AI analysis is enabled)

6. Retention period

Account data: until account deletion. Form responses: until the form creator deletes them or the account is deleted. Server logs: 30 days. Error logs: 90 days.

7. Your rights

You have the right to:

  • Access your stored data
  • Rectification of incorrect data
  • Erasure of your data ("right to be forgotten")
  • Data portability
  • Withdrawal of consent given
  • Lodge a complaint with a supervisory authority

To exercise your rights, contact us at [email protected].

8. Account deletion

You can delete your account at any time in the settings. On deletion, all your data (account, forms, responses, payment history) is irreversibly removed.

9. Data processing

Where we process personal data on behalf of our customers, we have concluded a Data Processing Agreement (DPA) in accordance with Art. 28 GDPR. You can find the full DPA at Data Processing Agreement.

10. Cookies

We only use technically necessary session cookies for authentication. No tracking or marketing cookies are used.