Privacy Policy

Who we are (controller)
What data we process
Web fonts & third parties
Cookies
Hosting
Your rights
Right to complain
Changes

1. Who we are (controller)

The controller responsible for the processing of personal data on this website (within the meaning of Art. 4(7) GDPR) is:

Secure Standards GmbH
Am Dornbusch 61
63225 Langen (Hessen), Germany
Email: privacy@locaided.com

A data protection officer is not required by Art. 37 GDPR / § 38 BDSG given the size and processing activities of the controller. For any privacy-related question, please use the email address above.

2. What data we process

Server log data

When you visit this website, our hosting provider (see section 5) automatically logs technical information that your browser sends. This typically includes:

IP address (in shortened form where possible)
Date and time of the request
The requested URL and HTTP status
Referrer URL (the page you came from)
Browser and operating system

Purpose: ensuring the technical operation, security and stability of the website, defending against attacks, and identifying and resolving errors.

Legal basis: Art. 6(1)(f) GDPR — our legitimate interest in providing a working, secure website.

Retention: log data is kept only as long as needed for those purposes, typically a few days, and is then either deleted or anonymised.

Contact form & email

If you reach out via our contact form or by email, we process the data you provide (name, email, message and optional category) to handle your enquiry.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual or contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in answering enquiries).

Retention: we keep your message until your enquiry is fully resolved, plus any retention period required by law (e.g. tax-relevant correspondence under § 257 HGB / § 147 AO).

Contact form submissions are processed for us by Netlify, Inc. (see section 5). We have a Data Processing Agreement in place with Netlify.

3. Web fonts & third parties

This site loads two open-source font families (Inter and Work Sans) from Google Fonts (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). When the fonts load, your browser contacts Google's servers, which means your IP address may be transmitted to Google.

Legal basis: Art. 6(1)(f) GDPR — our legitimate interest in a consistent, professional typographic experience.

You can read Google's privacy information here: policies.google.com/privacy.

Our brand font Britti Sans is loaded directly from our own server and does not involve any third party.

4. Cookies

This website does not currently set any tracking cookies, analytics cookies or marketing cookies. We use a small localStorage entry only to remember your choice from the cookie banner (so we don't ask you again on every visit). This entry contains nothing more than your consent decision and is stored on your device, not on our servers.

You can clear it any time by clicking Manage cookies in the footer.

If we add optional analytics or marketing services in the future, we will only load them after you have given consent under Art. 6(1)(a) GDPR / § 25 TTDSG, and we will update this page accordingly.

5. Hosting

This website is hosted by Netlify, Inc., 44 Montgomery Street, Suite 300, San Francisco, CA 94104, USA. Hosting includes serving the static pages and processing contact form submissions.

For data transfers to the USA, Netlify is certified under the EU-U.S. Data Privacy Framework, which the European Commission has recognised as providing an adequate level of data protection (Art. 45 GDPR).

More details: netlify.com/gdpr-ccpa.

6. Your rights

Under the GDPR you have the right to:

Access the personal data we hold about you (Art. 15)
Rectification of incorrect data (Art. 16)
Erasure of your data (Art. 17)
Restriction of processing (Art. 18)
Data portability (Art. 20)
Object to processing based on legitimate interests (Art. 21)
Withdraw any consent you have given, with effect for the future (Art. 7(3))

To exercise any of these rights, email us at privacy@locaided.com.

7. Right to complain

You have the right to lodge a complaint with a supervisory authority. The authority responsible for our company is:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 31 63
65021 Wiesbaden, Germany
datenschutz.hessen.de

8. Changes to this policy

We may update this policy when our processing changes — for example, when we add a new service or feature. The current version is always available at this URL with the effective date shown at the top.

Contents