Writyful AI
Writyful AI
Privacy Policy
Privacy Policy

1. Data Protection at a Glance

General Information

This page provides a simple overview of how we handle your personal data when you use our website. Personal data is any information that can identify you. For detailed information, please see the complete Privacy Policy below.

Data Collection on this Website

Who controls data collection on this website?

The website operator is responsible for data processing. You can find their contact information in the "Information about the Controller" section of this Privacy Policy.

How do we collect your data?

We collect data when you provide it to us, such as through contact forms. Other data is collected automatically by our IT systems when you visit our website. This includes technical data like your browser, operating system, and access time. This automatic collection happens when you enter our site.

What do we use your data for?

Some data is collected to ensure the website functions correctly. Other data helps us understand how visitors use our site. If you can make purchases or place orders through our website, we also process your data to handle these transactions.

What are your rights regarding your data?

You have the right to access information about your stored personal data, its origin, recipients, and purpose, free of charge. You can also request correction or deletion of your data. If you've given consent for data processing, you can withdraw it at any time, which will affect future processing. You also have the right to restrict the processing of your data in certain situations and to lodge a complaint with a data protection authority.

If you have any questions about privacy, please contact us.

Analysis and Third-Party Tools

We may analyze your browsing behavior for statistical purposes. This is mainly done using analytics programs. For detailed information, please see the "Analysis Tools and Advertising" section below.

2. Hosting

We use external hosting providers for our website content.

External Hosting

Our website is hosted by external providers. Personal data collected on this website is stored on their servers. This data may include IP addresses, contact requests, website usage data, and other information generated through the website.

External hosting helps us fulfill contracts with customers (Art. 6(1)(b) GDPR) and ensures a secure, fast, and efficient website through a professional provider (Art. 6(1)(f) GDPR). If you've consented, processing is based on Art. 6 (1)(a) GDPR and § 25 (1) TDDDG, especially for cookies or device fingerprinting, and you can withdraw consent at any time.

Our hosting providers will only process your data as instructed by us.

Our host providers are:

Railway Corp.
548 Market St PMB 68956
San Francisco, CA 94104

Google Ireland Limited
Gordon House, Barrow Street
Dublin, Ireland

Data Processing Agreement

We have data processing agreements with our hosting providers to ensure they process personal data according to GDPR and our instructions.

3. General and Mandatory Information

Data Protection

We take your privacy seriously. We treat your personal data confidentially and according to data protection laws and this Privacy Policy.

When you use this website, various personal data is collected. This policy explains what data we collect and what we use it for. It also explains how and why we collect it.

Please remember that online data transmission (e.g., email) can have security vulnerabilities. Complete protection against third-party access is not possible.

Information about the Controller

The data controller for this website is:

SEMIDA UG (haftungsbeschränkt)
Heisenbergstr. 4
D-84748 Garching, Germany

E-mail: [email protected]

The controller determines the purposes and means of processing personal data.

Storage Duration

Unless specified otherwise in this policy, we store your data as long as necessary for the purpose of collection. Data will be deleted if you request deletion, withdraw consent, or the purpose for storage no longer applies, unless legal obligations (e.g., tax retention) require longer storage. In such cases, data is deleted after the retention period expires.

Legal Basis for Data Processing

We process your data based on your consent (Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR for special data categories), to fulfill a contract (Art. 6(1)(b) GDPR), to comply with legal obligations (Art. 6(1)(c) GDPR), or based on our legitimate interests (Art. 6(1)(f) GDPR). If you consent to cookies or device fingerprinting, processing is also based on § 25 (1) TDDDG. Consent can be withdrawn anytime. This policy provides specific legal bases for each processing activity.

Recipients of Personal Data

We share data with external parties as necessary for business operations, such as fulfilling contracts, legal obligations (e.g., tax authorities), or based on legitimate interests (Art. 6(1)(f) GDPR). Data is shared with processors only with a data processing agreement. For joint processing, a joint processing agreement is in place.

Withdrawal of Consent

You can withdraw your consent to data processing at any time. This withdrawal does not affect the legality of processing before your withdrawal.

Right to Object to Data Collection (Art. 21 GDPR)

YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR DATA BASED ON ART. 6(1)(E) OR (F) GDPR FOR REASONS ARISING FROM YOUR SPECIFIC SITUATION, INCLUDING PROFILING. The legal basis for processing is stated in this Privacy Policy. If you object, we will stop processing your data unless we have compelling legitimate grounds that override your interests, rights, and freedoms, or if processing is for legal claims (objection under Art. 21(1) GDPR).

IF YOUR DATA IS PROCESSED FOR DIRECT MARKETING, YOU CAN OBJECT AT ANY TIME, INCLUDING PROFILING RELATED TO DIRECT MARKETING. If you object, we will no longer use your data for direct marketing (objection under Art. 21(2) GDPR).

Right to Lodge a Complaint

If you believe GDPR is violated, you can lodge a complaint with a supervisory authority, especially in your EU member state of residence, work, or where the violation occurred. This right is independent of other legal remedies.

Right to Data Portability

You have the right to receive your data, processed automatically based on your consent or a contract, in a standard, machine-readable format, or have it transferred to another controller if technically feasible.

Information, Rectification and Erasure

You have the right to access your stored personal data, its origin, recipients, and processing purpose at any time, and to have it corrected or deleted. Contact us for any questions about this or other data privacy issues.

Right to Restriction of Processing

You can request restriction of processing in the following cases:

  • If you dispute data accuracy, we will restrict processing while verifying accuracy.
  • If processing is unlawful, you can request restriction instead of erasure.
  • If we no longer need your data, but you need it for legal claims, you can request restriction instead of erasure.
  • If you have objected under Art. 21(1) GDPR, restriction can be requested until interests are balanced.

Restricted data can only be processed with your consent, for legal claims, to protect others' rights, or for important public interest reasons, except for storage.

SSL or TLS Encryption

This website uses SSL or TLS encryption for security and to protect confidential content like orders or inquiries. You can recognize an encrypted connection when the browser address changes from "http://" to "https://" and a lock icon appears in the address bar. Encrypted connections prevent third parties from reading your data.

Encrypted Payment Transactions

Payment transactions are encrypted using SSL or TLS. You can recognize this by the "https://" and lock icon in your browser. Encrypted communication prevents third parties from reading your payment information.

Objection to Unsolicited Emails

We prohibit the use of contact information published in our legal notice for sending unsolicited advertising or information. We reserve the right to take legal action against unsolicited spam or other promotional material.

4. Data Collection on this Website

Cookies

Our website uses cookies, small data files stored on your device. Cookies can be temporary "session cookies" or persistent cookies. Session cookies are deleted when you close your browser, while persistent cookies remain until you delete them or they expire. Cookies can be first-party (set by us) or third-party (set by other companies). Cookies have various functions, some are essential for website functionality (e.g., shopping cart), others analyze user behavior or are used for advertising.

Cookies necessary for website operation, requested functions, or website optimization are stored based on Art. 6(1)(f) GDPR, unless another legal basis applies. We have a legitimate interest in storing necessary cookies for a technically smooth and optimized website. If consent is obtained for cookies and similar technologies, processing is based on Art. 6(1)(a) GDPR and § 25 (1) TDDDG, and consent can be withdrawn anytime.

You can configure your browser to notify you about cookie placement, allow cookies in specific cases, reject cookies generally, or delete cookies automatically when closing your browser. Disabling cookies may limit website functionality. Specific cookies and services used are listed in this Privacy Policy.

Server Log Files

Our website provider automatically collects and stores data in server log files, which your browser transmits to us. This data includes:

  • Browser type and version
  • Operating system
  • Referrer URL
  • Hostname of accessing computer
  • Time of server request
  • IP address

This data is not combined with other data sources.

Server log files are collected based on Art. 6(1)(f) GDPR. We have a legitimate interest in ensuring a functioning and optimized website, which requires server log files.

Contact via Email, Phone, or Fax

If you contact us via email, phone, or fax, we store and process your request and related personal data (name, request) to handle your inquiry. We do not share this data without your consent.

Data processing is based on Art. 6(1)(b) GDPR if your request relates to a contract, otherwise on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), which can be withdrawn anytime.

Data from contact requests is stored until you request deletion, withdraw consent, or the storage purpose ends (e.g., after resolving your request). Legal retention periods remain unaffected.

Registration on this Website

You can register on our website to use additional features. We use the data you provide only for the registered services. Required information must be provided completely, or registration may be rejected.

We may use your registration email to inform you about important changes to our services or technical updates.

Registration data is processed to manage the user relationship and for potential contract initiation (Art. 6(1)(b) GDPR). Registration data is stored as long as you are registered and then deleted, subject to legal retention obligations.

Registration with Google

You can register using your Google account. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google registration simplifies the process by using your Google name and password. Google verifies your identity and shares it with our website.

We may use information from your Google account to complete your profile, based on your Google security settings (https://myaccount.google.com/security and https://myaccount.google.com/permissions).

Google registration is based on our legitimate interest in simplifying registration (Art. 6(1)(f) GDPR). This feature is voluntary, and users control access options, so it does not infringe on data subject rights.

Google is certified under the EU-US Data Privacy Framework (DPF), ensuring European data protection standards for US data processing. More info: https://www.dataprivacyframework.gov/participant/5780.

5. Analysis Tools and Advertising

Google Tag Manager

We use Google Tag Manager, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager manages tracking and analytics tools on our website. It doesn't create user profiles, store cookies, or perform independent analysis. It only manages integrated tools. However, it collects your IP address, which may be sent to Google in the US.

Google Tag Manager is used based on Art. 6(1)(f) GDPR to efficiently manage website tools. With consent, processing is based on Art. 6(1)(a) GDPR and § 25 (1) TDDDG, particularly for cookies or device fingerprinting, and consent can be withdrawn anytime.

Google is certified under the EU-US Data Privacy Framework (DPF). More info: https://www.dataprivacyframework.gov/participant/5780.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics helps us analyze website visitor behavior, tracking data like pages visited, time spent, operating system, and user origin. Data is linked to the user's device, not a user ID. We can also record mouse movements, scrolls, and clicks. Google Analytics uses modeling and machine learning for data analysis.

Google Analytics uses cookies and device fingerprinting to recognize users and analyze behavior. Website usage information is usually sent to and stored on a Google server in the US.

We use Google Analytics with your consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG). You can withdraw your consent at any time.

Data transfer to the US is based on Standard Contractual Clauses (SCCs). Details: https://privacy.google.com/businesses/controllerterms/mccs/.

Google is certified under the EU-US Data Privacy Framework (DPF). More info: https://www.dataprivacyframework.gov/participant/5780.

IP Anonymization

We use IP anonymization in Google Analytics. Your IP address is shortened by Google within the EU or EEA before being sent to the US. Only in exceptional cases is the full IP address sent to the US and shortened there. Google uses this data to analyze website usage, create reports, and provide related services. Your IP address is not combined with other Google data.

Browser Plugin

You can prevent Google Analytics data collection by installing the browser plugin: https://tools.google.com/dlpage/gaoptout?hl=en.

More about Google Analytics data handling: https://support.google.com/analytics/answer/6004245?hl=en.

Google Signals

We use Google Signals, which extends Google Analytics to record location, search history, YouTube history, and demographics. This data may be used for personalized advertising. If you have a Google account, Google Signals links your website visit data to your account for customized ads and anonymized user statistics.

Data Processing Agreement

We have a data processing agreement with Google and fully implement strict data protection requirements when using Google Analytics.

6. Newsletter

Newsletter Data

To receive our newsletter, we need your email address and confirmation that you own the email and agree to receive the newsletter. Additional data is optional. We use newsletter service providers for management (described below).

ActiveCampaign

We use ActiveCampaign for newsletters, provided by ActiveCampaign, Inc., 1 N Dearborn, 5th Floor Chicago, Illinois 60602, USA.

ActiveCampaign helps us manage and analyze newsletter campaigns. Data entered for newsletter subscription is stored on ActiveCampaign's servers in the US.

Data Analysis by ActiveCampaign

ActiveCampaign allows us to analyze newsletter campaigns, such as open rates and link clicks, to understand user engagement and optimize content. We can also categorize recipients by demographics for targeted newsletters. If you don't want analysis, unsubscribe from the newsletter. An unsubscribe link is in every newsletter and on our website.

More on ActiveCampaign features: https://www.activecampaign.com/email-marketing.

ActiveCampaign Privacy Policy: https://www.activecampaign.com/privacy-policy.

Legal Basis

Data processing is based on your consent (Art. 6(1)(a) GDPR), which you can withdraw anytime. Withdrawal doesn't affect prior processing legality.

Data transfer to the US is based on Standard Contractual Clauses (SCCs). Details: https://www.activecampaign.com/legal/newscc and https://www.activecampaign.com/de/legal/gdpr-updates/privacy-shield.

Storage Period

Newsletter subscription data is stored until you unsubscribe or the newsletter service provider removes you from the list. Data stored for other purposes remains unaffected.

After unsubscribing, your email may be blacklisted to prevent future mailings, based on legitimate interest (Art. 6(1)(f) GDPR) to comply with legal newsletter requirements. Blacklist storage is indefinite. You can object to blacklist storage if your interests outweigh ours.

ActiveCampaign is certified under the EU-US Data Privacy Framework (DPF). More info: https://www.dataprivacyframework.gov/participant/4495.

Data Processing Agreement

We have a data processing agreement with ActiveCampaign to ensure GDPR compliance and data processing according to our instructions.

Newsletter to Existing Customers

If you purchase from us and provide your email, we may send newsletters for similar products/services, as permitted by law (Art. 6 (1)(f) GDPR in conjunction with Section 7 (3) UWG). You can unsubscribe anytime via a link in each newsletter.

After unsubscribing, your email may be blacklisted to prevent future mailings, based on legitimate interest (Art. 6 (1)(f) GDPR). Blacklist storage is indefinite. You can object to blacklist storage if your interests outweigh ours.

7. Plugins and Tools

Font Awesome (Local Embedding)

We use Font Awesome for consistent font display, locally installed to avoid connecting to Fonticons, Inc. servers.

More on Font Awesome and privacy: https://fontawesome.com/privacy.

Google reCAPTCHA

We use Google reCAPTCHA from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to distinguish human input from automated programs (e.g., in contact forms).

reCAPTCHA analyzes user behavior based on various parameters (IP address, time on site, cursor movements) when you enter the website. Analyzed data is sent to Google.

reCAPTCHA analysis runs in the background without user notification.

Data storage and analysis are based on Art. 6(1)(f) GDPR to protect our website from spam and abuse. With consent, processing is based on Art. 6(1)(a) GDPR and § 25 (1) TDDDG, especially for cookies or device fingerprinting, and consent can be withdrawn anytime.

Google Privacy Policy and Terms: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

Google is certified under the EU-US Data Privacy Framework (DPF). More info: https://www.dataprivacyframework.gov/participant/5780.

Sentry

We use Sentry from Functional Software Inc., 45 Fremont Street, 8th Floor, San Francisco, California 94105, USA, for bug tracking and real-time error monitoring.

Sentry is used based on Art. 6 (1)(f) GDPR for our legitimate interest in website error-free operation. With consent, processing is based on Art. 6(1)(a) GDPR and § 25 (1) TDDDG, especially for cookies or device fingerprinting, and consent can be withdrawn anytime.

Sentry Privacy Policy: https://sentry.io/privacy/.

Data transfer to the US is based on EU Standard Contractual Clauses. Details: https://sentry.io/legal/dpa/5.0.0/#cross-border-transfer-mechanisms and https://sentry.io/legal/dpa/5.0.0/#third-party.

Sentry is certified under the EU-US Data Privacy Framework (DPF). More info: https://www.dataprivacyframework.gov/participant/5869.

Data Processing Agreement

We have a data processing agreement with Sentry to ensure GDPR compliance and data processing according to our instructions.

8. E-commerce and Payment Service Providers

Processing of Customer and Contract Data

We collect, process, and use customer and contract data to manage our contractual relationships. Usage data is collected and used only if necessary for service use or billing (Art. 6(1)(b) GDPR).

Customer data is deleted after order completion or business relationship termination and after legal archiving periods expire.

Data Transfer for Online Stores, Retailers, and Shipping

When you order goods, we share your data with the shipping company and payment service provider to process the order and payment. Only necessary data is shared, based on Art. 6 (1)(b) GDPR (contract fulfillment). With your consent (Art. 6 (1)(a) GDPR), we may share your email with the shipping company for delivery notifications. You can withdraw this consent anytime.

Data Transfer for Services and Digital Content

We share data with third parties only if necessary for contract handling, e.g., payment processing. Further data transfer occurs only with your explicit consent. No data is shared for advertising without your consent, based on Art. 6(1)(b) GDPR.

Payment Services

We use third-party payment services on our website. When you make a purchase, your payment data is processed by the provider. Their privacy policies and terms apply. We use payment services based on Art. 6(1)(b) GDPR (contract processing) and legitimate interest in smooth and secure payments (Art. 6(1)(f) GDPR). If consent is required, Art. 6(1)(a) GDPR applies, and consent can be withdrawn anytime.

We use the following payment services:

PayPal

Provider: PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

Data transfer to the US is based on SCCs. Details: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

PayPal Privacy Policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Apple Pay

Provider: Apple Inc, Infinite Loop, Cupertino, CA 95014, USA.

Apple Privacy Policy: https://www.apple.com/legal/privacy/de-ww/.

Google Pay

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Privacy Policy: https://policies.google.com/privacy.

Stripe

Provider (EU): Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland.

Data transfer to the US is based on SCCs. Details: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation.

Stripe Privacy Policy: https://stripe.com/de/privacy.

Klarna

Provider: Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden.

Klarna offers various payment options and collects personal data. Klarna uses cookies for checkout optimization. Klarna Cookie Policy: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.

Klarna Privacy Policy: https://www.klarna.com/de/datenschutz/.

giropay

Provider: paydirekt GmbH, Stephanstraße 14 – 16, 60313 Frankfurt am Main, Germany.

giropay Data Privacy Policy: https://www.paydirekt.de/agb/index.html.

American Express

Provider: American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany.

Data transfer to the US is based on Binding Corporate Rules. Details: https://www.americanexpress.com/en-cz/company/legal/privacy-centre/binding-corporate-rules/.

American Express Privacy Policy: https://www.americanexpress.com/de-de/firma/legal/datenschutz-center/online-datenschutzerklarung/.

Mastercard

Provider: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium.

Data transfer to the US is based on Mastercard's Binding Corporate Rules. Details: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.

VISA

Provider: Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom.

UK data protection is equivalent to the EU. Data transfer to the US is based on SCCs. Details: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.

VISA Privacy Policy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.