eridaaa
DE

Privacy Policy

Note: This privacy policy is a careful standard draft for the current project phase. The authoritative version is the German one. Legal review is recommended before going into public production.

1. Controller

The controller responsible for data processing on this website is:

veridaaa GmbH i.G.
Kaiser-Wilhelm-Str. 50
20355 Hamburg
Germany

Represented by: Michael Still
E-mail: contact@veridaaa.ai

2. Data protection contact

The managing director is the contact for data protection matters, reachable by e-mail at contact@veridaaa.ai. An external data protection officer has not been appointed under § 38 BDSG at this time, since the statutory thresholds are not met. Appointment will be reviewed as the company grows.

3. Data collected when you visit the website

Whenever you visit this website, the browser automatically sends technical information to our hosting provider's server and stores it temporarily in server log files. The following data is collected:

  • IP address of the requesting device (truncated where technically possible)
  • Date and time of access
  • Requested resource (URL)
  • HTTP status code and transferred data volume
  • Referrer URL (previously visited page)
  • Browser type, version and operating system

Legal basis is Art. 6(1)(f) GDPR (legitimate interest in technical provisioning and security of the website). The data is processed exclusively to ensure trouble-free operation and to defend against attacks and is deleted after 30 days at the latest, unless a security-relevant event requires retention. This data is not merged with other data sources.

4. Hosting

This website is hosted by Vercel Inc.(340 S Lemon Ave #4133, Walnut, CA 91789, USA) in the EU region (Frankfurt am Main). Vercel processes the server log data mentioned above on our behalf under a data processing agreement pursuant to Art. 28 GDPR and the European Commission's Standard Contractual Clauses for lawful transfers to third countries.

More information on data protection at Vercel: vercel.com/legal/privacy-policy.

5. SSL/TLS encryption

For security reasons and to protect the transfer of confidential content, this site uses SSL/TLS encryption. You recognise an encrypted connection by the prefix “https://” in the browser address bar.

6. Cookies

This website does not set any tracking or marketing cookies. Strictly necessary cookies are only set where required for the operation of the site (e.g. to remember the chosen theme). They contain no personal data and are processed on the basis of § 25 (2) TTDSG.

7. Reach measurement (planned)

For reach measurement we intend to use a cookieless, GDPR-compliant analytics service such as Plausible or Fathom. These services fully anonymise IP addresses, do not create user profiles, and require no consent under GDPR/TTDSG. Once a service is activated, we will update this notice with the concrete details (provider, server location, data processed).

8. Contact

The contact form on this site uses a mailto: link, which opens your local e-mail client. No data is transmitted to or stored on our servers — your message goes directly to contact@veridaaa.ai. In the subsequent e-mail conversation we process the personal data you transmit (name, e-mail address, message content) to handle your request. Legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) or (f) (legitimate interest in responding to your enquiry). The data is deleted once the purpose ceases, unless statutory retention periods apply.

9. Fonts

For a consistent appearance we use the fonts Poppins and Inter. These fonts are served locally from our own server (self-hosted via next/font). No requests are made to Google Fonts or other external servers; your IP address is not transmitted to third parties.

10. Transfer to third parties

Your personal data is only transferred to third parties in the context of hosting (see section 4). It is not passed on for advertising purposes or to any other third parties.

11. Your rights

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)

To exercise these rights, an e-mail to contact@veridaaa.ai is sufficient. You also have the right to lodge a complaint with a data protection authority about the processing of your personal data (Art. 77 GDPR). The competent authority for Hamburg is:

The Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str. 22, 7. OG, 20459 Hamburg
datenschutz-hamburg.de

12. Changes to this policy

We reserve the right to adapt this privacy policy to keep it in line with current legal requirements or to implement changes to our services (e.g. when new services are introduced). The updated version applies on your next visit.

Last updated: April 2026