Privacy Policy

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Mark Malte Papke
Reichartstraße 9A
82166 Gräfelfing, Germany
Email: founders@getsetter.ai
Phone: +49 157 73312486

We process personal data of our website visitors and clients only to the extent necessary for the provision of our website and services. Processing of personal data takes place only with consent or where permitted by law.

Our website (getsetter.ai) is hosted by Framer B.V. (Netherlands). When you visit our website, the hosting provider automatically collects information in server log files transmitted by your browser (e.g., IP address, date and time of access, pages visited, browser, and operating system).

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in stable and secure website operation). Framer B.V. is based in the EU (Netherlands); no third-country transfer takes place.

Our application (app) is hosted by Vercel Inc. (USA). Vercel Inc. is certified under the EU-US Data Privacy Framework.

When you contact us by email, the data you provide (e.g., name, email address, message content) will be processed and stored for the purpose of handling your inquiry.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest).

We use the service Resend Inc. (USA) for sending transactional emails (e.g., registration confirmations, password resets). Resend Inc. is certified under the EU-US Data Privacy Framework.

In the course of our services, we process personal data of our clients' contacts/leads on their behalf (e.g., name, phone number, email address, message content, appointment data).

For this processing, our respective client is the controller within the meaning of the GDPR. We act as a processor pursuant to Art. 28 GDPR on the basis of a Data Processing Agreement (DPA).

We use Stripe Inc. (USA / Ireland) for payment processing. Payment data is processed directly by Stripe. We only receive confirmation of payment receipt.

Legal basis: Art. 6(1)(b) GDPR (contract performance). More information: https://stripe.com/privacy

In the course of our services, we use AI models to conduct and optimize automated conversations. For this purpose, we use:

• OpenAI LLC (USA) – certified under the EU-US Data Privacy Framework
• Anthropic PBC (USA) – certified under the EU-US Data Privacy Framework

Personal data from conversations may be transmitted to these providers insofar as this is necessary for the provision of our services.

For automated outreach on behalf of our clients, we use:

• Twilio Inc. (USA) – messaging infrastructure; certified under the EU-US Data Privacy Framework
• 360dialog GmbH (Germany) – WhatsApp Business API partner; GDPR-compliant
• Meta Platforms Ireland Ltd. (Ireland) – WhatsApp platform; certified under the EU-US Data Privacy Framework

• Supabase Inc. (USA) – database/backend; certified under the EU-US Data Privacy Framework
• Calendly LLC (USA) – appointment scheduling; certified under the EU-US Data Privacy Framework
• Close Inc. (USA) – CRM; certified under the EU-US Data Privacy Framework

Some of our service providers are located in the USA. Data transfers to the USA are based on the EU-US Data Privacy Framework (DPF) pursuant to Art. 45 GDPR or on Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR.

You have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)

To exercise your rights, please contact: founders@getsetter.ai

You have the right to lodge a complaint with a data protection supervisory authority:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18, 91522 Ansbach, Germany
https://www.lda.bayern.de

We reserve the right to update this Privacy Policy to reflect current legal requirements or changes to our services.