Privacy Policy

1. Controller

The party responsible for the processing of personal data on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Digitalmindsoft Publishing e.K.
Owner: Christian Kramer
Hörvelsinger Weg 51, 89081 Ulm, Germany
Email: info@digitalmindsoft.eu

2. General information & SSL/TLS

We process personal data only to the extent necessary to provide our services, and always in accordance with the GDPR. For security reasons, this site uses SSL/TLS encryption; you can recognise an encrypted connection by the „https://“ prefix in the address bar.

3. Hosting & server log files

Hosting and content delivery are provided by Vercel Inc. When the pages are accessed, server log files are processed automatically (IP address, date and time, requested resource, referrer, browser type/version). This data serves the technical provision, security and stability of the service. The legal basis is our legitimate interest (Art. 6(1)(f) GDPR).

4. User account & sign-in

To use the Studio, we create an account for you. Authentication, the database and profile data are processed via Supabase (hosted in the EU, Frankfurt region). When you sign in via magic link, we process your email address; when you optionally sign in via Discord or Twitch (OAuth), we receive your identifier, username, email address and, where applicable, a profile picture from them. The legal basis is the performance of a contract (Art. 6(1)(b) GDPR).

5. AI generation

To create your assets, we transmit your inputs (style/subject selection, text inputs) and, where applicable, generated images to our AI service providers: OpenAI (image generation) and Atlas Cloud (image editing and video generation). This may involve a transfer to the USA; such transfer is safeguarded by EU Standard Contractual Clauses and/or the EU-US Data Privacy Framework. The legal basis is the performance of a contract (Art. 6(1)(b) GDPR). No AI training is carried out on your content for our purposes.

6. Storage of your created works

The files you create are assigned to your account and stored in an object storage (Cloudflare R2, EU jurisdiction) in order to make them available to you for retrieval and download (Art. 6(1)(b) GDPR).

7. Payment processing

Payments (subscriptions and Amber packages) are processed via Paddle.com Market Ltd. as the „Merchant of Record“. For this purpose, Paddle processes the necessary payment, invoicing and address data under its own responsibility and remits the applicable VAT. We ourselves do not receive or store complete payment-instrument data. The legal basis is the performance of a contract (Art. 6(1)(b) GDPR).

8. Cookies & analytics

We use exclusively technically necessary cookies, in particular to maintain your sign-in session. We do not use tracking or marketing cookies. The legal basis for necessary cookies is § 25(2) TDDDG as well as our legitimate interest (Art. 6(1)(f) GDPR).

For reach and performance measurement we use Vercel Web Analytics and Vercel Speed Insights (Vercel Inc., USA). These services are cookieless and involve no cross-site tracking; they collect aggregated, anonymized usage and performance data (e.g. page views, Web Vitals) to improve the service and its loading speed. No profiles are created. The legal basis is our legitimate interest (Art. 6(1)(f) GDPR); any transfer to the USA is safeguarded by the EU Standard Contractual Clauses / the EU-US Data Privacy Framework.

9. Retention period

We store personal data only for as long as it is necessary for the stated purposes or as long as statutory retention periods (e.g. under commercial and tax law) exist. Account and content data are removed when the account is deleted, unless retention obligations prevent this.

10. Your rights

You have the right at any time to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and to object (Art. 21 GDPR). To exercise these rights, please contact info@digitalmindsoft.eu. You also have the right to lodge a complaint with a data protection supervisory authority; the authority responsible for us is the Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg.

11. Changes to this privacy policy

We will amend this privacy policy as soon as changes to our services or the legal situation make this necessary. The version published on this page applies in each case.