Privacy Policy

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

AYE Digital UG (limited liability)
Willstätterstraße 7
40549 Düsseldorf
Email: •••@•••.•••
Website: https://aye.de

2. Collection and Processing of Personal Data

We process personal data as part of providing our service, in particular contact and order data (e.g., email address, name, optional billing data), technical metadata (e.g., IP-related security and rate-limit information in hashed form, user-agent hash), and payment and transaction data. We also process the target URL you submit and the publicly accessible website content retrieved from it for analysis purposes.

3. Purposes of Processing

We process your personal data for the following purposes:

  • Preparation and delivery of the GEO audit report
  • Processing payments via Stripe
  • Communication regarding your order

4. Legal Basis

Depending on the purpose, data processing is based on Article 6(1)(b) GDPR (pre-contractual steps and contract performance), Article 6(1)(c) GDPR (legal retention obligations), Article 6(1)(f) GDPR (operational security, abuse and fraud prevention), and, where required, Article 6(1)(a) GDPR (consent).

5. Disclosure of Data

We use selected processors and recipients to deliver and operate the service, in particular payment providers (Stripe), email and delivery services, bot/security services, and AI services for report generation. Transfers to third countries may occur. Where this happens, transfers are based on appropriate safeguards (e.g., EU Standard Contractual Clauses) or another lawful transfer mechanism.

6. Use of AI Services

To create the GEO audit, publicly accessible content from your website is analyzed and sent to the AI service used for report generation (currently Anthropic Claude). Depending on the content of the target pages, this may include personal data if such data is publicly accessible. We do not transmit credentials or non-public system content.

7. Retention Period

We retain personal data only as long as necessary for each purpose. In particular: access/report links are usually retained for up to 30 days; security-related and consent evidence is retained in line with internal audit and evidence obligations; and invoicing-relevant data is retained in line with statutory retention periods (typically up to 10 years).

8. Your Rights

You have the right to:

  • Access to your stored data (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure of your data (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)

To exercise your rights, please contact: •••@•••.••• (AYE Digital UG (limited liability), Willstätterstraße 7, 40549 Düsseldorf)

9. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data. In particular, you may contact the authority at your habitual residence, your place of work, or our company seat.