Privacy Policy

Preamble

This privacy policy explains what personal data we collect, how we use it, and what rights you have. It applies to all data processing we carry out in connection with our services and this website.

Last updated: March 20, 2026

Controller

Nico Schöneburg
522 W Riverside Ave #7606
Spokane, WA 99201
USA

Email: legal@leaksshield.com

Legal notice: https://nico-ai.de/en/legal

Types of Data Processed

  • Contact data (e.g., email addresses, names)
  • Content data (e.g., text entered in contact forms)
  • Usage data (e.g., pages visited, time spent on site)
  • Communication metadata (e.g., IP addresses, timestamps)
  • Log data (e.g., server log files)

Purposes of Processing

  • Providing our services and communicating with clients
  • Handling contact requests
  • Security measures
  • Operating and maintaining this website

Legal Basis

Where the EU General Data Protection Regulation (GDPR) applies to your data, we process personal data on the following legal bases:

  • Consent (Art. 6(1)(a) GDPR) — You have given consent to the processing of your personal data for one or more specific purposes.
  • Contract performance (Art. 6(1)(b) GDPR) — Processing is necessary for the performance of a contract with you or to take pre-contractual steps at your request.
  • Legal obligation (Art. 6(1)(c) GDPR) — Processing is necessary to comply with a legal obligation to which we are subject.
  • Legitimate interests (Art. 6(1)(f) GDPR) — Processing is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms.

Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. This includes safeguarding the confidentiality, integrity, and availability of data.

All connections to this website are secured via TLS/SSL encryption (HTTPS), protecting data transmitted between your browser and our servers from unauthorized access.

Data Transfers

In the course of our operations, personal data may be shared with third-party service providers (e.g., hosting and IT services). When we do so, we comply with applicable data protection laws and enter into appropriate agreements to safeguard your data.

International Transfers

Where personal data is transferred outside the EU/EEA, we ensure that adequate safeguards are in place. For transfers to the United States, we rely primarily on the EU-U.S. Data Privacy Framework (DPF), recognized by the European Commission's adequacy decision of July 10, 2023.

Data Retention and Deletion

We delete personal data once the purpose for processing has been fulfilled and no legal obligation requires us to retain it. Where consent is withdrawn and no other legal basis exists, data is deleted promptly.

Certain statutory retention periods may apply, including:

  • 10 years — Accounting records, annual financial statements, inventories
  • 8 years — Booking records and invoices
  • 6 years — Other business documents
  • 3 years — General statutory limitation period

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right to object: You may object to the processing of your personal data at any time.
  • Right to withdraw consent: You may withdraw any consent you have given at any time.
  • Right of access: You may request information about the personal data we hold about you.
  • Right to rectification: You may request correction of inaccurate data.
  • Right to erasure: You may request deletion of your personal data.
  • Right to data portability: You may request your data in a structured, machine-readable format.
  • Right to lodge a complaint: You may file a complaint with a data protection supervisory authority.

To exercise any of these rights, contact us at legal@leaksshield.com.

Business Services

We process personal data of our clients and business partners for the purpose of establishing, performing, and managing contractual relationships. This includes fulfilling our contractual obligations, communicating about projects, and protecting our legitimate interests.

  • Data types: Account data, contact data, contract data
  • Legal basis: Contract performance (Art. 6(1)(b) GDPR); Legal obligation (Art. 6(1)(c) GDPR); Legitimate interests (Art. 6(1)(f) GDPR)

Web Hosting and Server Logs

We process user data to deliver this website. This includes processing your IP address, which is necessary to transmit content and functionality to your browser.

Access to this website is recorded in server log files. Log data is stored for a maximum of 30 days and then deleted or anonymized.

  • Data types: Usage data, communication metadata, log data
  • Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)

Contact Form

When you contact us via our contact form or email, we process your information to the extent necessary to respond to your inquiry.

  • Data types: Contact data, content data, communication metadata
  • Purposes: Communication, handling inquiries
  • Legal basis: Legitimate interests (Art. 6(1)(f) GDPR); Contract performance (Art. 6(1)(b) GDPR)

Formspree: Our contact form is powered by Formspree. When you submit the form, your data (name, email, message) is transmitted to Formspree. Provider: Formspree, Inc., USA. Privacy policy: https://formspree.io/legal/privacy-policy/

Embedded Content

We embed functional and content elements from third-party providers into this website. This requires those providers to process your IP address in order to deliver content to your browser.

Calendly: We use Calendly for appointment scheduling. When you use the booking widget, data is transmitted to Calendly. Provider: Calendly, LLC, USA. Privacy policy: https://calendly.com/privacy

Updates to This Policy

We may update this privacy policy from time to time to reflect changes in our data processing practices. We encourage you to review this page periodically.