Privacy Policy

1. Introduction

Drödler ("we," "our," or "us") is committed to protecting your privacy and ensuring you understand how your personal information is collected, used, and safeguarded. This Privacy Policy applies to all services provided by Drödler, including:

• Our website at drodler.com and any subdomains
• Web development and design services
• Search engine optimization (SEO) and LLM optimization services
• AI automation tools and voice agents
• Lead generation and outbound marketing services
• Any other services we provide to clients

By using our services or visiting our website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

When you interact with us, you may provide the following information:

• Contact Information: Name, email address, phone number, business name, job title
• Project Information: Details about your business, goals, website requirements, and marketing objectives
• Payment Information: Billing address, credit card details (processed securely through Stripe - we do not store full card numbers)
• Account Credentials: Username, password, and security questions for any client portals
• Communications: Content of emails, chat messages, phone calls, and any other correspondence
• Feedback and Surveys: Responses to questionnaires, reviews, and feedback forms

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

• Device Information: IP address, browser type and version, operating system, device type
• Usage Data: Pages visited, time spent on pages, click patterns, referring URLs
• Location Data: General geographic location based on IP address (city/country level)
• Technical Data: Screen resolution, language preferences, time zone

2.3 Information from Third Parties

We may receive information from:

• Business Partners: Referral sources who provide your contact information with your consent
• Publicly Available Sources: Business information from company websites, LinkedIn, and public databases
• Analytics Providers: Aggregated data about website traffic and user behavior

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

• Designing and developing your website or application
• Implementing SEO and digital marketing strategies
• Setting up and managing AI automation tools
• Executing lead generation campaigns
• Providing customer support and project updates

3.2 Business Operations

• Processing payments and managing invoices
• Communicating about projects, updates, and new services
• Analyzing service performance and improving our offerings
• Complying with legal obligations and resolving disputes

3.3 Marketing (With Your Consent)

• Sending newsletters and promotional content
• Sharing case studies and success stories (with permission)
• Personalizing marketing communications based on your interests

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your data under the following legal bases:

• Contract Performance: Processing necessary to deliver services you have contracted us to provide
• Legitimate Interests: Processing for our business interests (e.g., improving services, preventing fraud) where your rights do not override those interests
• Consent: Where you have given explicit consent for specific processing activities (e.g., marketing emails)
• Legal Obligation: Processing required to comply with applicable laws and regulations

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your data with:

5.1 Service Providers

• Payment Processors: Stripe for secure payment handling
• Email Services: For transactional and marketing communications
• Analytics Tools: Google Analytics, Vercel Analytics for website performance
• Hosting Providers: Vercel for website hosting and infrastructure
• CRM Systems: For managing client relationships and projects

5.2 Legal Requirements

We may disclose information when required to:

• Comply with legal process, court orders, or government requests
• Protect the rights, property, or safety of Drödler, our clients, or others
• Investigate potential violations of our terms of service

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our website of any change in ownership.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

Types of Cookies We Use

• Essential Cookies: Required for the website to function properly (e.g., session management)
• Analytics Cookies: Help us understand how visitors interact with our website
• Preference Cookies: Remember your settings and preferences (e.g., dark mode)

Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may impact website functionality. Most browsers allow you to: view and delete cookies, block third-party cookies, block all cookies, and clear all cookies when you close your browser.

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide our services and maintain our business relationship
• Comply with legal and regulatory requirements
• Resolve disputes and enforce our agreements

Specific Retention Periods:

• Active Client Data: Duration of the business relationship plus 3 years
• Financial Records: 7 years (as required by tax regulations)
• Marketing Data: Until you unsubscribe or withdraw consent
• Website Analytics: 26 months (Google Analytics default)

8. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted via HTTPS/TLS 1.3
• Access Controls: Role-based access limited to authorized personnel
• Secure Infrastructure: Hosted on Vercel with enterprise-grade security
• Payment Security: PCI DSS compliant payment processing through Stripe
• Regular Audits: Periodic security assessments and vulnerability testing

While we implement robust security measures, no system is completely secure. We cannot guarantee the absolute security of your data during transmission over the internet.

9. Your Privacy Rights

Depending on your location, you may have the following rights:

9.1 All Users

• Access: Request a copy of the personal data we hold about you
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data (subject to legal requirements)
• Opt-Out: Unsubscribe from marketing communications at any time

9.2 EEA/UK Residents (GDPR)

• Portability: Receive your data in a structured, machine-readable format
• Restriction: Request limitation of processing in certain circumstances
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time (without affecting lawfulness of prior processing)
• Lodge Complaint: File a complaint with your local supervisory authority

9.3 California Residents (CCPA/CPRA)

• Know: Right to know what personal information is collected and how it's used
• Delete: Right to request deletion of personal information
• Opt-Out of Sale: We do not sell personal information
• Non-Discrimination: We will not discriminate against you for exercising your rights

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Data Processing Agreements with all third-party processors
• Privacy Shield certification where applicable

11. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@drodler.com and we will promptly delete the information.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will notify you by email (if you are a client) and/or by posting a prominent notice on our website at least 30 days before the changes take effect. The "Last Updated" date at the top of this policy indicates when it was last revised.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: