Privacy Policy

Controller under data protection law: Fatih Damat, capsula.ai, Martinistraße 62-66, 28195 Bremen, Germany.

Contact: info@capsula.ai, phone +49 151 29850710.

No data protection officer has been appointed. Privacy questions can be sent to the contact address above.

This website is operated on Google Cloud Run. The current production service is hosted in the Google Cloud region us-central1. When the website is accessed, technical request data such as IP address, date and time, requested URL, referrer, browser, operating system, and status codes can be processed in server logs.

Purpose: secure delivery of the website, troubleshooting, abuse prevention, and operational reliability. Legal basis: Art. 6(1)(f) GDPR.

Google Cloud acts as a processor. Because the service runs in a US region, data can be processed in the United States. Transfers are protected through Google's contractual data processing terms, EU Standard Contractual Clauses where required, and Google's Data Privacy Framework certification where applicable.

The website stores necessary local settings in your browser, especially the cookie-consent value and technical navigation state. This keeps the consent banner from reappearing on every page and supports basic website navigation.

Optional local usage statistics are stored only after consent. This local visitor history remains in your browser and is not sent to an external analytics provider by this website.

Legal basis for necessary local storage: § 25(2) TDDDG and Art. 6(1)(f) GDPR. Legal basis for optional local usage statistics: § 25(1) TDDDG and Art. 6(1)(a) GDPR.

If you contact us through the form, email, or phone, we process the data you provide: name, email address, company, phone number, subject, message, and optional attribution data such as referrer, landing page, and UTM parameters.

Purpose: answering your request, preparing a possible business relationship, documenting the request, and preventing misuse. Legal basis: Art. 6(1)(b) GDPR for pre-contractual requests and Art. 6(1)(f) GDPR for efficient handling of business inquiries.

For technical delivery of contact requests we use Resend as an email delivery provider and may use a secured Lead-Webhook depending on production configuration. These providers process contact data only for request delivery and internal follow-up.

The website links to WhatsApp so visitors can send a question voluntarily. When you click the WhatsApp link, you leave this website and open a service provided by WhatsApp Ireland Limited and the Meta group.

WhatsApp can process phone number, profile information, message content, device information, and usage data under its own responsibility. Please use email or the contact form if you do not want to use WhatsApp.

Our processing of WhatsApp inquiries is based on Art. 6(1)(b) GDPR for pre-contractual requests and Art. 6(1)(f) GDPR for efficient communication with business contacts.

The website links to our LinkedIn company profile and to websites of referenced company contexts. External pages are opened only when you click the corresponding link.

The respective provider is responsible for data processing on external websites and social platforms.

The current website does not actively load Google Analytics, Google Tag Manager, Hotjar, HubSpot tracking, Google Maps, Google reCAPTCHA, Wordfence, TikTok embeds, YouTube embeds, Chatwoot, or Facebook/Meta Pixel.

If such services are added later, this privacy policy and the consent flow must be updated before activation.

Contact requests are kept for as long as necessary to answer the request and handle follow-up communication. Business correspondence can be retained according to statutory retention obligations.

Technical logs are retained only as long as needed for security, troubleshooting, and operation unless a longer retention period is required for a specific incident.

You have the right to access, rectification, erasure, restriction of processing, data portability, objection to processing based on legitimate interests, and withdrawal of consent with effect for the future.

You also have the right to lodge a complaint with a supervisory authority. The competent authority for Bremen is Der Landesbeauftragte für Datenschutz und Informationsfreiheit der Freien Hansestadt Bremen, www.datenschutz.bremen.de.