HSLRAI • Data • Software

Privacy Policy

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

1. Data Controller

The data controller for this website is:

Johannes Häußler
HSLR
Schlehenhalde 16, 89537 Giengen an der Brenz, Germany
Email: johannes@hslr.ai

2. Data Collection on This Website

Server Log Files

The website provider automatically collects and stores information in server log files that your browser transmits to us. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not combined with other data sources. The basis for data processing is Art. 6(1)(f) GDPR. Our legitimate interest is ensuring the technical operation, IT security, and defense against abusive access to our website.

Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provided there (name, email, company, message), will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not share this data without your consent. The legal basis is Art. 6(1)(b) GDPR (contract initiation). For abuse prevention, IP-based request frequencies are kept temporarily (maximum 1 hour) in memory and are not persistently stored.

3. Third-Party Services

Calendly (Appointment Booking)

We use Calendly for appointment scheduling. When you book an appointment, data is processed by Calendly, LLC (USA). Calendly is certified under the EU-US Data Privacy Framework. For more information, see Calendly's privacy policy at calendly.com/privacy.

Resend (Email Service)

We use Resend for sending emails from our contact form. When you submit the contact form, your data is transmitted via Resend Inc. (USA) to deliver the message to us. Resend is certified under the EU-US Data Privacy Framework; additionally, a data processing agreement with EU Standard Contractual Clauses is in place. The legal basis for the transfer is Art. 6(1)(b) GDPR (contract initiation). For more information, see Resend's privacy policy at resend.com/legal/privacy-policy.

Vercel (Hosting)

This website is hosted by Vercel Inc. (USA). When you access the website, technically necessary data (IP address, timestamp) is transmitted to Vercel servers. Vercel is certified under the EU-US Data Privacy Framework. For more information, see vercel.com/legal/privacy-policy.

Use of AI-Assisted Tools

For internal work purposes (e.g. research, drafting texts, software development), we occasionally use AI-assisted tools, including Anthropic Claude (Anthropic PBC, USA). Personal data that you provide to us via this website or by email is not entered into these tools or transmitted to their providers. No automated processing of your data by AI takes place.

Social Media Links

This website contains links to external social media platforms (LinkedIn, GitHub). Clicking these links will redirect you to the respective platforms, whose privacy policies apply there. Data is only transferred to these platforms when you actively click the link.

4. Cookies and Analytics

This website does not use cookies.

Umami Analytics

We use Umami Cloud for anonymous reach measurement. Umami does not set cookies and does not create persistent user IDs. The IP address is transmitted to cloud.umami.is on page view but is not stored; only aggregated metrics (page views, referrer, device type, country) are collected. The legal basis is Art. 6(1)(f) GDPR — our legitimate interest is the statistical evaluation of website usage for technical and content optimisation. The service is operated by Umami Software, Inc. (USA); EU Standard Contractual Clauses are used for the third-country transfer. You may object to measurement at any time (see section "Right to Object"). For more information: umami.is/privacy.

5. Your Rights

You have the right to:

  • Request information about your stored personal data
  • Request correction of incorrect data
  • Request deletion of your data
  • Request restriction of processing
  • Object to processing
  • Request data portability

For access, correction, deletion, or objection requests, please contact us informally at johannes@hslr.ai with the subject "Data Protection Request". We will respond within one month in accordance with Art. 12(3) GDPR.

You also have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for us is:

State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Lautenschlagerstraße 20, 70173 Stuttgart, Germany
www.baden-wuerttemberg.datenschutz.de

6. Right to Object (Art. 21 GDPR)

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you that is based on a legitimate interest (Art. 6(1)(f) GDPR). This applies in particular to the processing of server log files and reach measurement with Umami. Please address your objection informally to johannes@hslr.ai.

7. Data Retention

Contact form data will be retained for the duration of the business relationship and deleted after the statutory retention periods (typically 6-10 years for business correspondence). Server log files are deleted after 30 days.

8. Data Security

We use SSL/TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the "https://" in your browser's address bar.

9. Automated Decision-Making

Automated decision-making, including profiling within the meaning of Art. 22 GDPR, does not take place on this website.

10. Changes to This Privacy Policy

We reserve the right to update this privacy policy to reflect changes in our practices or for other operational, legal, or regulatory reasons.

Last updated: May 2026

Privacy Policy | HSLR