Privacy policy

The data controller is the natural person named in the Impressum. Contact for privacy questions: su@firmd.ai.

Site analytics (only with your consent). If you opt in via the cookie banner, the site uses PostHog to record which pages you view, what you click, and how long you stay. PostHog sets one first-party cookie plus a localStorage entry to keep your session continuous. The data goes to PostHog's EU-hosted endpoint at eu.i.posthog.com. If you opt out — or close the banner without choosing — analytics stays off.

Form submissions. When you submit the Request invitation or Touch base form, your email address and any optional message you type are sent to Tally, stored by Tally in Europe, and forwarded to me. The Tally form provider loads only after you click the button. If analytics consent is active, firmd records that a form was opened or submitted, but not the form answers.

Server logs. The hosting provider may record standard web-server logs — IP address, user-agent, requested URL, timestamp — for operational and security purposes. If access logs are enabled, IP addresses are anonymized after 24 hours and deleted within a maximum of 3 months. These logs are not joined with analytics or form data.

Analytics: to understand which parts of the site work — what to keep, what to rewrite. Legal basis: your consent (GDPR Art. 6(1)(a)). You can withdraw consent at any time using the Analytics choices link in the footer or on the homepage.

Form submissions: to reply to your invitation request or message. Legal basis: legitimate interest in responding to inbound messages and managing pre-launch interest (GDPR Art. 6(1)(f)); where the request concerns access to firmd, pre-contractual steps at your request (Art. 6(1)(b)).

Server logs: to operate and secure the site. Legal basis: legitimate interest (GDPR Art. 6(1)(f)).

Data is shared only with processors who act on my instructions under data-processing agreements:

· PostHog — analytics. EU-hosted (eu.i.posthog.com). PostHog privacy policy.

· Tally — form hosting. EU-based, with form data stored in Europe. Tally acts as a processor under its data-processing agreement. Tally privacy policy.

· Hosting provider — web server. EasyName privacy policy.

Analytics events are kept for up to 12 months, then deleted or anonymized. Form submissions are kept as long as needed to reply — typically deleted within a year of the last reply. Server-log IP addresses are anonymized after 24 hours and deleted within a maximum of 3 months if access logs are enabled by the hosting provider.

Providing form data is voluntary. If you do not provide an email address or message, I cannot reply to the request.

There is no automated decision-making with legal or similarly significant effect.

You have the right to access, correct, delete, restrict, and port your data, and to object to processing. You also have the right to withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).

To exercise any of these, email su@firmd.ai. You may also complain to a supervisory authority — in Austria, the Datenschutzbehörde; in Germany, the data protection authority of your state.

The only first-party cookie on firmd.ai is set by PostHog after you opt in to analytics. It identifies your browser to keep an analytics session continuous, and expires after 12 months.

No marketing cookies. No fingerprinting. The Tally form provider loads only after you click the "Request invitation" or "Touch base" button; cookies set by that iframe are scoped to tally.so, not firmd.ai.