Privacy Policy

1. Controller

Foldy UG (Haftungsbeschränkt)

Hünefeldzeile 12a, 12247 Berlin, Germany

Email: [email protected]

Represented by: Mariia Tarbaieva

2. Data Processing on the Website

We process personal data to provide and improve the Website and (if you choose) to measure usage. The Website is a marketing site and beta sign-up page; it is not the Foldy iOS app.

A) When You Visit the Website

When you access the Website, technical data may be processed (including by our hosting and content delivery providers) to deliver the site, keep it secure, and prevent abuse. This can include your IP address, date/time of access, requested page, referrer URL, browser and device information, and similar technical log data.

B) Analytics

We use the following analytics tools to understand aggregated Website usage:

• Cloudflare Web Analytics: used to measure website usage and performance. (This tool is designed to be cookie-less in typical configurations.)
• Google Analytics (GA4) with Google Consent Mode v2: we use GA4 in consent mode so we can see the number of users without total identifiers by default.

EU users: accept means full tracking. Reject means cookieless pings + modeled data.

Non-EU users: full tracking by default (unless you choose stricter rules).

You will still see total users (modeled), traffic trends, and conversions (estimated). This is how Google expects GA to be used globally.

We configure GA4 with IP anonymization and disable ad personalization signals.

C) Letter Creator Tool

The Letter Creator lets you compose and format a letter directly on the Website. All processing happens locally in your browser — the text you enter (names, addresses, letter content) is not sent to our servers and is not stored by us.

• The PDF is generated entirely on your device using a JavaScript library (jsPDF, loaded from the Cloudflare CDN).
• The address autocomplete feature sends the text you type in address fields to the OpenStreetMap Nominatim service to suggest matching addresses. Only the address text you type is sent; no other letter content is transmitted.
• Your letter content is not saved anywhere — once you close or refresh the page, it is gone unless you saved the PDF yourself.

D) Beta Sign-Up

If you use the “Join Beta” form, we process the data you submit (typically your name and email address, and any optional selections) to manage the beta program and contact you.

Form submissions are transmitted to and stored in Google Forms (Google LLC) for handling and review.

E) Local Storage and Cookies

We use browser storage to remember your choices and to protect the beta form from abuse:

• Consent preferences: stored in your browser's local storage to remember whether you accepted or declined analytics cookies.
• Form rate limiting: stored in local storage to prevent repeated submissions in a short period.
• Analytics cookies (optional): if you accept analytics, Google Analytics may set cookies on your device. If you decline, analytics runs in cookieless mode without setting analytics cookies.

3. Legal Basis

Website delivery, security, and basic operation: our legitimate interests (Art. 6(1)(f) GDPR).

Analytics (Google Analytics cookies): your consent (Art. 6(1)(a) GDPR), collected via the cookie banner/settings. Cookieless GA4 pings in consent mode may be processed on the basis of our legitimate interests in aggregated website measurement (Art. 6(1)(f) GDPR), where applicable.

Beta sign-up: your consent (Art. 6(1)(a) GDPR). You can withdraw consent at any time by contacting us (see Section 9).

4. Data Recipients

We share personal data only with service providers that help us operate the Website and handle beta sign-ups, in particular:

• Cloudflare (website delivery and web analytics)
• Google (Google Forms for beta sign-ups, Google Analytics if you consent, and Google Fonts used by the Website)
• OpenStreetMap Foundation (Nominatim API for address autocomplete in the Letter Creator — only the address text you type is sent)

5. International Transfers

Some service providers (e.g., Cloudflare and Google) may process data in countries outside the European Economic Area (EEA). Where required, we rely on appropriate safeguards (for example, Standard Contractual Clauses) and additional technical and organizational measures.

6. Data Retention

Letter Creator content: not retained — your letter is processed only in your browser and is never stored on our servers.

Server/security logs: retained for a limited period as necessary for security and troubleshooting (retention may vary by provider).

Analytics: retention depends on the analytics provider's configuration and policies.

Beta sign-up submissions: retained only as long as needed to manage the beta program and follow up with you, and then deleted or anonymized where feasible.

7. Your Rights Under GDPR and BDSG

You have the right to access, rectify, delete, restrict, and port your data, and to lodge a complaint with a supervisory authority.

Supervisory authority:

The Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Graurheindorfer Str. 153, 53117 Bonn
https://www.bfdi.bund.de

8. Managing Your Choices

You can control analytics cookies via the cookie banner/settings when you visit the Website. If you decline, we only collect anonymous, cookieless analytics data. You can also delete stored preferences by clearing your browser's site data for foldy.ai.

9. Contact

If you have questions or want to exercise your rights, contact us at:

[email protected]

Foldy UG (Haftungsbeschränkt), Hünefeldzeile 12a, 12247 Berlin, Germany