At Settleezy UG (haftungsbeschränkt), privacy is a very important topic and we want to ensure your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with statutory law , in particular the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
This policy applies to all services offered through our website.
We process your personal data for the following purposes:
| Data Category | Retention Period |
|---|---|
| Account & Profile Data | Duration of active membership + 3 years after closure (§196 BGB) |
| Payment & Invoice Data | 10 years (§147 AO , German tax law) |
| Contact Form | 2 years or until inquiry resolved |
| Consents | Duration of consent + 3 years for legal proof |
| Analytics Data | 26 months (Google Analytics standard) |
| Uploaded documents (e.g. passport, visa) | Duration of service + 30 days post-completion, then permanently deleted |
Document Handling: Documents you upload are accessed by our team exclusively to prepare and provide our service. We do not share these with third parties. Upon deletion, files are permanently removed from primary storage, database records deleted, and a deletion event is written to our internal audit log for compliance.
Data Processing Agreements (DPAs) are in place with all providers:
| Provider | Purpose | Compliance |
|---|---|---|
| Hostinger | Hosting and CDN | EU region, SCCs in place |
| Stripe | Payment processing | PCI-DSS Level 1, GDPR compliant |
| Google Analytics | Website analytics | IP anonymization enabled, consent required |
| Microsoft Clarity | Session analytics & heatmaps | Loaded after consent; sensitive areas masked |
| Cal.com | Consultation booking | GDPR compliant scheduling platform |
| Web Fonts | Typography (Inter, Space Grotesk) | Self-hosted , no external font requests |
Your personal data is primarily processed and stored within the EU/EEA (Germany). Where transfers to the USA occur (e.g. Google, Stripe), they rely on:
Art. 15 , Access
Request a copy of all your personal data.
Art. 16 , Rectification
Correct inaccurate or incomplete data.
Art. 17 , Erasure
Request deletion ("right to be forgotten").
Art. 18 , Restriction
Limit processing in certain circumstances.
Art. 20 , Portability
Receive your data in machine-readable format (JSON).
Art. 21 , Object
Object to processing based on legitimate interests.
Withdraw Consent
Withdraw consent at any time without affecting prior processing.
How to exercise your rights: Go to Settings → Privacy in your dashboard to export or delete your data, or email info@settleezy.de. We will respond within 30 days (extendable by 60 days for complex requests).
In the event of a personal data breach, we follow a structured response procedure:
If you suspect a data breach, please contact us immediately at info@settleezy.de.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. For Germany, this is: