Privacy Policy

Transparency in data protection: Detailed information about the processing of your personal data.

Responsible Party

Responsible party in the sense of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Flynnt UG
Museumstraße 31
22765 Hamburg

Data Protection Officer

We have appointed as data protection officer:

Lars Stelzer
Museumstraße 31
22765 Hamburg

Your Data Subject Rights

As a data subject, you have various rights against the responsible party. The most important are listed below:

Right of access (Art. 15 GDPR)

You can request information about your personal data processed by us

Right to rectification (Art. 16 GDPR)

You can demand the correction of incorrect or the completion of incomplete data

Right to erasure (Art. 17 GDPR)

You can request the deletion of your personal data

Right to restriction of processing (Art. 18 GDPR)

You can request the restriction of the processing of your data

Right to object (Art. 21 GDPR)

You can object to the processing of your data

Data portability (Art. 20 GDPR)

You can request the delivery of your data in a machine-readable format

Withdrawal of consent: If processing is based on consent, you can withdraw it at any time. The lawfulness of processing based on consent before withdrawal is not affected by the withdrawal.

Right to complain: You have the right to complain to a supervisory authority. The supervisory authority of your usual place of residence, workplace or the place of the alleged violation is responsible.

Directory of data protection supervisory authorities: www.bfdi.bund.de

Processing Activities

Contact Form

Type and Purpose of Processing

When you contact us through the contact form or by email, the data you provide will be stored to process your inquiry.

Processed Data:

  • Name and email address
  • Message content
  • Date and time of contact
  • IP address (technically necessary for spam protection)
Legal Basis

Art. 6 para. 1 lit. f GDPR (legitimate interest in processing inquiries) or Art. 6 para. 1 lit. b GDPR (pre-contractual measures)

Deletion Periods

Data will be deleted after complete processing of the inquiry, at the latest after 24 months. For contract initiation, commercial and tax law retention periods apply.

Registration and User Account

Type and Purpose of Processing

To use our services, you can create a user account. Registration is voluntary to provide more personalized services.

During registration we collect:

  • Email address as username
  • Password (stored encrypted)
  • Time of registration
  • Usage data (API calls, token consumption for billing)
  • For paid services: billing address
AI Request Processing

Your inputs to the AI models are processed exclusively to provide the service. No storage of content or use for model training takes place. All processing occurs in EU data centers.

Legal Basis

Art. 6 para. 1 lit. b GDPR (fulfillment of the usage contract) and Art. 6 para. 1 lit. f GDPR (legitimate interest in proper service provision)

Storage Duration

Until deletion of the user account. After termination, data will be deleted within 30 days unless legal retention obligations exist.

Website Analytics

Type and Purpose of Processing

To improve our web offering, we analyze user behavior. For this, we use the privacy-friendly analytics software PostHog.

Privacy-Compliant Configuration
  • Data Processing: Exclusively in the EU
  • Storage: Only in browser storage, no persistent cookies
  • IP Addresses: Processed anonymized
  • Session Recordings: Disabled
  • Personal Profiles: No creation of user profiles
Legal Basis

Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in analyzing website usage to optimize our offering.

Storage Duration

Exclusively session-based. Data is not stored persistently and is deleted when the browser is closed.

Hosting and Infrastructure

Type and Purpose of Processing

Our digital services are provided via Amazon Web Services (AWS). Data processing takes place exclusively in European data centers.

Legal Basis

Art. 6 para. 1 lit. f GDPR (legitimate interest in stable and secure operation of our services)

Data Processing

Processing occurs in EU data centers (Frankfurt, Ireland). Server logs are stored for a maximum of 90 days for security analysis.

Right to Object

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you based on Art. 6 para. 1 lit. f GDPR (data processing based on a balancing of interests).

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Direct objections to:

Flynnt UG
Museumstraße 31
22765 Hamburg

Changes to the Privacy Policy

We reserve the right to update this privacy policy to adapt it to changed legal situations or changes to our services. Registered users will be separately informed of significant changes.

The current version of the privacy policy, available on our website, shall be authoritative.

Privacy Questions

If you have questions about the collection, processing or use of your personal data, please contact us.

Submit privacy inquiry

Last updated: 14.10.2025