Privacy Policy – Converd

Last updated: April 10, 2026

1. Controller

Converd

Katharina Weiser

Rheinfelsstr. 22
55469 Simmern
Germany

Email: hi@converd.app

2. Data Processing & Legal Basis

We process personal data only to provide the Service.

Legal basis:

  • Art. 6(1)(b) GDPR – performance of a contract
  • Art. 6(1)(f) GDPR – legitimate interests (security, stability)

3. Data Categories

We process:

  • account data (email, login information)
  • chat data (messages, conversations)
  • technical data (IP address, device information)
  • usage data within the application

4. AI Processing

Data is processed via APIs provided by OpenAI.

This may include:

  • chat messages
  • uploaded content
  • analysis requests

Data is processed solely to provide the requested functionality and is not used to train AI models.

5. Service Providers

We use the following subprocessors:

  • Supabase (authentication, database)
  • Vercel (hosting)
  • Stripe (payments)
  • OpenAI (AI processing)
  • Cloudflare (infrastructure/storage)
  • Bunny.net (content delivery)

All providers are bound by GDPR-compliant agreements.

6. Widget Data

When the widget is used, the following data may be processed:

  • session identifier
  • page interaction events
  • chat messages
  • language settings
  • optional user uploads

The website operator is responsible for informing end users and ensuring lawful processing.

7. Cookies, analytics & storage

We use cookies and similar technologies only where needed to run converd.app and the Service. We do not use marketing cookies, advertising pixels, or cross-site tracking for profiling.

Session and auth. When you sign in, Supabase sets cookies (or equivalent browser storage) that are strictly necessary to keep you logged in and secure your account. This processing is required to perform the contract and does not rely on optional marketing cookies.

Website analytics. We use Vercel Web Analytics to understand aggregate traffic and performance (e.g. page views, Web Vitals). It is operated without cookie-based advertising or social tracking as described by the provider for this product.

Cookie consent banner. We do not operate a cookie consent banner on this website for optional tracking cookies, because we do not deploy non-essential cookies or similar technologies that would require prior consent for that purpose on converd.app. You can still restrict or delete cookies in your browser settings at any time.

Data is stored only as necessary for:

  • authentication
  • session management
  • providing the Service

8. Data Retention

Data is stored only for as long as:

  • the user account exists
  • or legal obligations require retention

9. User Rights

Users have the following rights under GDPR:

  • access (Art. 15)
  • rectification (Art. 16)
  • erasure (Art. 17)
  • restriction (Art. 18)
  • data portability (Art. 20)
  • objection (Art. 21)

Users may also file a complaint with a supervisory authority.

10. International Transfers

Data may be transferred to third countries (e.g., USA).

Transfers are based on:

  • Standard Contractual Clauses (Art. 46 GDPR)
  • additional protective measures where applicable

11. Security

We implement appropriate technical and organizational security measures to protect personal data.

12. Supervisory Authority

Rhineland-Palatinate Data Protection Authority

https://www.datenschutz.rlp.de