Skip to content
$ cat legal/privacy-policy.md

Privacy Policy

Last updated: March 2026

1. Data Controller

Lexbeam Software, Inh. Werner Plutat
Speditionstraße 15A
40221 Düsseldorf, Germany
Email: hello@goclawproof.com

2. Types of Data Collected

We collect and process the following types of personal data when you use our website:

  • Newsletter Data: Email address (when subscribing to the newsletter)
  • Technical Data: IP address, browser type, operating system, referrer URL (server logs)

We do not use cookies. We do not track users across websites or devices. There are no user accounts, no login, no payment processing, and no personalized advertising. We use cookieless, privacy-friendly analytics as described in Section 4a below.

3. Legal Basis for Processing

We process your personal data on the following legal bases (Art. 6 GDPR):

  • Consent (Art. 6(1)(a)): When you subscribe to our newsletter
  • Legitimate Interests (Art. 6(1)(f)): For security measures and server log processing

4. Hosting

This website is hosted by Vercel Inc. (440 N Baxter St, Coppell, TX 75019, USA). In the course of hosting, Vercel processes server log data (IP address, timestamp, URL, user agent).

Data transfers to the USA are based on the EU-US Data Privacy Framework (Art. 45 GDPR) and Standard Contractual Clauses (SCC) pursuant to Art. 46 GDPR.

Privacy policy: vercel.com/legal/privacy-policy

4a. Analytics

This website uses OpenPanel, a privacy-friendly, cookieless web analytics tool (openpanel.dev). OpenPanel does not use cookies and does not track users across websites or devices.

The information collected includes: page URL, referrer, approximate geographic region (derived from your IP address), device type, browser type, and screen resolution. This data is aggregated and used to produce anonymous usage statistics. IP addresses are used only to derive approximate location and are not stored in their original form.

OpenPanel processes this data on our behalf as a data processor pursuant to Art. 28 GDPR. Analytics data is retained for the duration necessary to fulfil the stated purpose and is then deleted.

Legal basis: Art. 6 (1) lit. f GDPR. Our legitimate interest is the statistical analysis of website usage in order to improve our online offering. We have weighed this interest against your rights and consider the impact on your privacy to be minimal given the aggregated, non-identifying nature of the data collected.

You have the right to object to this processing at any time for reasons arising from your particular situation (Art. 21 (1) GDPR). To exercise this right, please contact us at the address provided above.

5. Newsletter

When you subscribe to our newsletter, we collect your email address. We use this exclusively to send you our newsletter (new checks, playbooks, and postmortems, approximately twice per month).

Legal basis: Art. 6(1)(a) GDPR (consent). You can withdraw your consent at any time by clicking the unsubscribe link in any newsletter email or by contacting us directly.

6. Open-Source Content and GitHub

We link to open-source repositories hosted on GitHub. When you visit GitHub, their privacy policy applies. We do not collect any data through our GitHub repositories beyond what GitHub processes as part of their platform.

7. Data Retention

  • Newsletter data: Until you unsubscribe or request deletion
  • Server logs: Per standard retention of the hosting provider

8. Your GDPR Rights

You have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR)
  • Right to Rectification (Art. 16 GDPR)
  • Right to Erasure (Art. 17 GDPR)
  • Right to Restriction of Processing (Art. 18 GDPR)
  • Right to Data Portability (Art. 20 GDPR)
  • Right to Object (Art. 21 GDPR)

To exercise any of these rights, contact us at: hello@goclawproof.com

9. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State of your habitual residence.

Supervisory authority for Germany:
Landesbeauftragte für Datenschutz und Informationsfreiheit NRW
Kavalleriestraße 2-4, 40213 Düsseldorf
www.ldi.nrw.de

10. Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption of data in transit (HTTPS/TLS) and access controls.

11. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify of material changes by posting the new privacy policy on this page and updating the “last updated” date.