soulcode
← Back to home

Privacy Policy

Last updated: December 1, 2025

Soulcode (“we”, “us”, or “our”) is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you visit our website, in accordance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the Swiss Data Protection Act (DSG).

Data Controller

Soulcode is the data controller responsible for processing your personal data. For privacy inquiries, please use our contact form.

What Data We Collect

Server Log Files

When you visit our website, we automatically collect technical data for security and performance purposes:

  • Time of access
  • Pages and files accessed
  • Referring website
  • Browser type and operating system
  • IP address

This data is stored for up to 4 weeks and then automatically deleted. We do not create personal user profiles from this data. Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

Contact Form and Email

If you contact us via our contact form or email, we collect the information you provide (such as name, email address, company, and message content) to respond to your inquiry. This data is deleted once the purpose of collection has been fulfilled. Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

Interactive Content

Our website includes interactive features powered by OpenAI. When you use these features, your input is processed by OpenAI and stored securely on their servers in the USA for up to 30 days. Please do not submit confidential information through these features. Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

Services We Use

Website Hosting (Vercel)

Our website is hosted by Vercel Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA). The website is delivered from AWS servers in Frankfurt, Germany (AWS eu-central-1).

Analytics (PostHog)

We use PostHog for website analytics to understand how visitors use our site. PostHog is configured as first-party analytics through a Vercel proxy, meaning no data is sent to third-party tracking services. We use this data solely to improve our website experience. Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

Content Generation (OpenAI)

Interactive content features on our website are powered by OpenAI (OpenAI, L.L.C., San Francisco, USA). OpenAI processes user inputs to generate responses and may store this data for up to 30 days.

International Data Transfers

Some of our service providers (Vercel, OpenAI) are based in the USA. Data transfers to the USA are conducted in compliance with GDPR requirements, including appropriate safeguards such as Standard Contractual Clauses.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of access – Request information about your personal data (Art. 15 GDPR)
  • Right to rectification – Request correction of inaccurate data (Art. 16 GDPR)
  • Right to erasure – Request deletion of your data (Art. 17 GDPR)
  • Right to restrict processing – Request limitation of processing (Art. 18 GDPR)
  • Right to data portability – Receive your data in a portable format (Art. 20 GDPR)
  • Right to object – Object to processing based on legitimate interests (Art. 21 GDPR)

To exercise any of these rights, please use our contact form. You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

Data Security

We implement appropriate technical and organizational measures to protect your personal data. However, please note that no internet transmission is completely secure. We recommend avoiding sending confidential information via our contact form.

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date.

Contact Us

For questions about this privacy policy or your personal data, please use our contact form.