Privacy Policy

1. Controller

2. Processing when you visit the website (hosting)

This website is hosted with Vercel Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA). When the pages are accessed, the hosting provider processes technically necessary server log data (e.g., IP address, date/time, requested resource, user agent) in order to ensure the delivery and security of the website.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in a secure, stable provision of the service). A data processing agreement is in place with Vercel; transfers to the USA are safeguarded on the basis of the EU Standard Contractual Clauses and/or the EU-US Data Privacy Framework.

3. The extension (local-first)

CleanPick Dev processes all functional data (e.g., pick history, license status) exclusively locally in your browser via chrome.storage.local. This data is not transmitted to us or third parties. The extension injects no code into the websites you visit (zero-DOM footprint) and performs no tracking.

4. Contacting us

When you contact us by email, we process the data you provide (e.g., name, email address, content of your request) in order to handle your inquiry. The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures / performance of a contract) or (f) GDPR (legitimate interest in communication).

5. Purchase processing via Paddle

Paid purchases are processed via Paddle.com Market Ltd. (Judd House, 18–29 Mora Street, London EC1V 8BT, UK) as Merchant of Record. Paddle is an independent controller (own/independent controller) for the processing of payment, billing, and tax data and processes it in accordance with its own Privacy Policy.

From Paddle we receive only the data required to perform the contract (e.g., name, email address, order/license information) in order to provide the license key and offer support. Legal basis: Art. 6(1)(b) GDPR.

6. Recipients / processors

• Vercel Inc. — hosting of the website (processor).
• Paddle.com Market Ltd. — payment processing (independent controller as Merchant of Record).
• Email provider for handling your inquiries.

7. Transfers to third countries

Insofar as data is transferred to third countries (in particular the USA), this is done on the basis of appropriate safeguards (EU Standard Contractual Clauses pursuant to Art. 46 GDPR and/or certification under the EU-US Data Privacy Framework).

8. Retention period

We store personal data only for as long as is necessary for the respective purposes or as long as statutory retention periods (e.g., under commercial and tax law) require. You can delete local extension data yourself at any time in your browser.

9. Cookies & tracking

We use no tracking, analytics, or marketing cookies. Technically necessary cookies may be set exclusively in the context of the Paddle checkout by Paddle.

10. Your rights (data-subject rights)

Under the GDPR, you have in particular the following rights:

• access (Art. 15), rectification (Art. 16), erasure (Art. 17),
• restriction of processing (Art. 18), data portability (Art. 20),
• objection to processing based on legitimate interests (Art. 21),
• complaint to a supervisory authority (Art. 77).

To exercise these, simply send an email to support@flowent.de.

11. Competent supervisory authority

12. No automated decision-making

No solely automated decision-making, including profiling within the meaning of Art. 22 GDPR, takes place.