← Back to home

Privacy Policy

Thank you for your interest in Pagedwell. Protecting your personal data is important to us. The following sections explain in detail how we handle your data.

1. Data controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

Alexander Löfflad Im Speicher 18 79353 Bahlingen am Kaiserstuhl Germany

Email: hello@pagedwell.app

2. General information on data processing

2.1 Scope of processing

We collect and use personal data from our users only to the extent necessary to provide a functional website along with our content and services. Personal data is generally processed only with the user’s consent. An exception applies where prior consent cannot reasonably be obtained and processing of the data is permitted by law.

Where we obtain the data subject’s consent for processing operations involving personal data, Art. 6(1)(a) GDPR serves as the legal basis.

For the processing of personal data necessary for the performance of a contract to which the data subject is party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.

Where processing of personal data is necessary to fulfil a legal obligation to which our organisation is subject, Art. 6(1)(c) GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our organisation or a third party, and if the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, then Art. 6(1)(f) GDPR serves as the legal basis for processing.

2.3 Erasure and storage period

Personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Storage beyond that may take place where it is provided for by European or national legislators in EU regulations, laws or other provisions to which the controller is subject. Data will also be blocked or erased when a storage period prescribed by such norms expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

3. Provision of the website and creation of log files

3.1 Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device. The following data is collected:

  • IP address of the user
  • Date and time of access
  • Page accessed
  • Referrer URL (the previously visited page)
  • Browser and operating system used
  • Amount of data transferred
  • HTTP status code

This data is temporarily stored in the log files of our hosting provider. This data is not stored together with other personal data of the user.

Our hosting provider is:

Cloudflare Germany GmbH Rosental 7 80331 München Germany

Cloudflare operates a globally distributed content delivery network (CDN). When our website is accessed, the content is delivered via the Cloudflare infrastructure. In doing so, Cloudflare processes technically necessary data (in particular IP address, timestamp, HTTP request details) for the delivery of the content and protection against cyberattacks, bot traffic and abuse.

A data processing agreement (DPA) under Art. 28 GDPR has been concluded with Cloudflare, which guarantees the protection of our visitors’ data. Where personal data is transferred to the US parent company Cloudflare Inc., this is based on the EU-US Data Privacy Framework (adequacy decision of the European Commission of 10 July 2023). Cloudflare is certified under the Data Privacy Framework.

You can find more information about data protection at Cloudflare at: https://www.cloudflare.com/privacypolicy/

The legal basis for the temporary storage of the data and log files is Art. 6(1)(f) GDPR. Our legitimate interest is in ensuring the secure and stable operation of our website and in detecting and defending against abuse.

3.3 Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s device. For this, the user’s IP address must be stored for the duration of the session.

Storage in log files takes place to ensure the functionality of the website. The data also serves us to optimise the website and to ensure the security of our information technology systems.

3.4 Storage period

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. IP addresses in Cloudflare’s log files are deleted or anonymised after 24 hours by default. Aggregated security and performance data without personal reference may be stored for longer.

3.5 Right to object and erasure

Collection of the data for the provision of the website and storage of the data in log files is mandatory for the operation of the website. Consequently, the user has no possibility to object.

4. Waitlist signup

4.1 Description and scope of data processing

On our website you can sign up for the Pagedwell waitlist via a form to be notified when the app launches. The following data is collected and stored:

  • Email address (required)
  • Language of the website version used (DE or EN)
  • Time of submission
  • IP address at the time of submission

To prevent spam, we use technical protection measures (honeypot method). No additional personal data is collected in this process.

To send the signup as an email to us, we use the service:

Resend, Inc. 2261 Market Street #5039 San Francisco, CA 94114 USA

A data processing agreement (DPA) under Art. 28 GDPR has been concluded with Resend. The data transfer to the USA is based on the EU-US Data Privacy Framework. Resend is certified under the Data Privacy Framework.

You can find more information about data protection at Resend at: https://resend.com/legal/privacy-policy

In none of the cases mentioned does the data get passed on to third parties beyond the named processors. The data is used exclusively for notification about the app launch.

The legal basis for the processing of the data is your express consent in accordance with Art. 6(1)(a) GDPR. By submitting the form, you consent to the processing of your email address for the purpose of a one-time launch notification.

4.3 Purpose of data processing

The processing of your email address takes place exclusively to inform you once about the launch of Pagedwell. There is no newsletter or other commercial communication.

The other personal data processed during the submission process (IP address, time) serves to prevent abuse of the form and to ensure the security of our information technology systems.

4.4 Storage period

The data is deleted as soon as it is no longer required to achieve the purpose of its collection. Your email address will be deleted no later than 3 months after the launch notification has been sent. In the case of statutory retention obligations, deletion takes place after their expiry.

4.5 Right to object and erasure

You have the option to revoke your consent to the processing of personal data at any time. An informal notification by email to hello@pagedwell.app is sufficient. All your personal data will be deleted in this case.

5. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

5.1 Right of access (Art. 15 GDPR)

You may request confirmation from us as to whether personal data relating to you is being processed by us. If such processing is taking place, you may request information from us about the following:

  • the purposes for which the personal data is processed
  • the categories of personal data processed
  • the recipients or categories of recipients to whom the personal data has been or will be disclosed
  • the planned duration of storage
  • the existence of a right to rectification or erasure
  • the existence of a right to lodge a complaint with a supervisory authority
  • all available information about the origin of the data, if the personal data is not collected from the data subject

5.2 Right to rectification (Art. 16 GDPR)

You have a right to rectification and/or completion vis-à-vis the controller, insofar as the processed personal data concerning you is incorrect or incomplete.

5.3 Right to restriction of processing (Art. 18 GDPR)

Under certain conditions, you may request the restriction of the processing of personal data concerning you.

5.4 Right to erasure (Art. 17 GDPR)

You may request the controller to erase the personal data concerning you without undue delay, provided one of the legally regulated grounds applies.

5.5 Right to notification (Art. 19 GDPR)

If you have exercised the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing.

5.6 Right to data portability (Art. 20 GDPR)

You have the right to receive personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format.

5.7 Right to object (Art. 21 GDPR)

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR.

You have the right to revoke your data protection consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of consent until the revocation.

5.9 Automated decision-making in individual cases including profiling (Art. 22 GDPR)

You have the right not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning you or similarly significantly affects you.

5.10 Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of personal data concerning you violates the GDPR.

The supervisory authority responsible for us is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg Lautenschlagerstraße 20 70173 Stuttgart Germany Phone: +49 711 615541-0 Fax: +49 711 615541-15 Email: poststelle@lfdi.bwl.de Internet: https://www.baden-wuerttemberg.datenschutz.de

6. Currency and amendment of this privacy policy

This privacy policy is currently valid and dated 14 May 2026. Due to the further development of our website and offerings or due to changed legal or official requirements, it may become necessary to amend this privacy policy. The current privacy policy can be accessed and printed at any time on the website at https://pagedwell.app/en/privacy.

Last updated: 14 May 2026