DE Start free

Privacy Policy

Last updated: April 2026

1. Responsible Party

The controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:

[FIRMENNAME]
[ADRESSE]
Email: support@reputationradar.de

2. Data We Collect

2.1 Account Data

When you register for ReputationRadar, we collect the following personal data:

  • First and last name
  • Email address
  • Company name and industry
  • Billing address and payment information
  • Phone number (optional)

2.2 Usage Data

When you use our platform, we automatically collect technical data, including:

  • IP address and location data (anonymized)
  • Browser type, operating system, and device information
  • Pages visited, access times, and session duration
  • Referrer URL

2.3 Review Platform Data

As part of our service, we monitor and analyze publicly available reviews across 15+ platforms (including Google, Trustpilot, Yelp, Jameda, Kununu, and TripAdvisor). The following data is processed:

  • Publicly available review texts and star ratings
  • Public usernames of reviewers
  • Review timestamps
  • Results of AI-powered sentiment analysis

2.4 Cookies and Similar Technologies

Our website uses cookies and similar technologies. We distinguish between:

  • Strictly necessary cookies: Required for the operation of the website and for logging into your account.
  • Analytics cookies: Help us understand how the website is used and improve our services. These are only set with your explicit consent.
  • Marketing cookies: Used to display relevant advertising content and are also only used with your consent.

You can change your cookie preferences at any time via our cookie banner or through your browser settings.

3. Purposes of Data Processing

We process your personal data for the following purposes:

  • Service provision: Setting up and managing your account, monitoring reviews, generating reports and notifications
  • AI-powered analysis: Sentiment analysis of reviews, automated response suggestions, trend detection, and competitive analysis using artificial intelligence
  • Communication: Notifications about new reviews, service updates, and support requests
  • Service improvement: Analyzing usage patterns to optimize the platform and user experience
  • Billing and payment processing: Processing payments and issuing invoices
  • Legal obligations: Compliance with statutory retention and reporting requirements

4. Legal Basis for Processing

We process your data based on the following legal grounds under the GDPR:

  • Art. 6(1)(a) GDPR (Consent): For the use of analytics and marketing cookies, as well as for sending promotional emails.
  • Art. 6(1)(b) GDPR (Performance of contract): For providing our services, managing your account, and processing payments.
  • Art. 6(1)(c) GDPR (Legal obligation): For compliance with statutory retention requirements, in particular tax and commercial law regulations.
  • Art. 6(1)(f) GDPR (Legitimate interest): For analyzing publicly available reviews, improving our services, and ensuring IT security.

5. Data Sharing with Third Parties

We only share your personal data to the extent necessary for providing our services or where a legal basis exists. The following categories of recipients may receive data:

5.1 AI Service Providers

For sentiment analysis and automated response generation, we use AI services from the following providers:

  • OpenAI (OpenAI, L.L.C., San Francisco, USA)
  • Anthropic (Anthropic, PBC, San Francisco, USA)
  • Google (Google Ireland Limited, Dublin, Ireland / Google LLC, Mountain View, USA)

Data transfers to these providers are conducted on the basis of Standard Contractual Clauses (Art. 46(2)(c) GDPR) or an adequacy decision. Only publicly available review texts are shared for analysis — no personal account data is transmitted.

5.2 Hosting Providers

Our platform is hosted on servers within the European Union. The hosting provider processes data on our behalf based on a data processing agreement pursuant to Art. 28 GDPR.

5.3 Payment Processors

We work with external payment service providers for processing payments. They receive only the data necessary for the payment transaction. Processing is based on Art. 6(1)(b) GDPR.

6. Cookies and Tracking

We use the following categories of cookies on our website:

  • Session cookies: Associate consecutive page views with your session. They are automatically deleted when you close your browser.
  • Authentication cookies: Maintain your login state and enable secure access to your account.
  • Preference cookies: Store your language and display settings.
  • Analytics cookies: Help us evaluate website usage statistically (only with your consent).

You can grant or withhold consent for non-essential cookies via our cookie banner on your first visit. You can revoke your decision at any time.

7. Data Retention Periods

We retain your personal data only for as long as necessary for the respective processing purposes or as required by statutory retention obligations:

  • Account data: For the duration of the contractual relationship and up to 30 days after account deletion for potential recovery.
  • Billing data: 10 years in accordance with statutory tax retention requirements.
  • Review data: For the duration of the contractual relationship. After termination, aggregated, anonymized analysis results are retained for up to 12 months.
  • Usage data and log files: A maximum of 90 days, unless longer retention is required for security purposes.
  • Consent records (cookies): 3 years in accordance with supervisory authority recommendations.

8. Your Rights as a Data Subject

Under the GDPR, you have the following rights, which you may exercise at any time by contacting us:

  • Right of access (Art. 15 GDPR): You have the right to request information about the personal data we hold about you.
  • Right to rectification (Art. 16 GDPR): You can request the correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17 GDPR): You can request the deletion of your data, provided no statutory retention obligations apply.
  • Right to restriction of processing (Art. 18 GDPR): You can request the restriction of processing under certain conditions.
  • Right to data portability (Art. 20 GDPR): You have the right to receive your data in a structured, commonly used, and machine-readable format.
  • Right to object (Art. 21 GDPR): You can object at any time to the processing of your data based on Art. 6(1)(f) GDPR.
  • Right to withdraw consent (Art. 7(3) GDPR): You can withdraw any consent you have given at any time with effect for the future.
  • Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your data.

9. Data Security

We implement comprehensive technical and organizational measures to protect your data from unauthorized access, loss, and misuse:

  • Encrypted data transmission via TLS/SSL (HTTPS)
  • Encryption of stored data (encryption at rest)
  • Regular security audits and penetration testing
  • Access control based on the principle of least privilege
  • Multi-factor authentication for administrative access
  • Regular encrypted backups
  • Staff training in data protection and information security

10. Changes to This Privacy Policy

We reserve the right to update this privacy policy as needed to reflect changes in legal requirements or modifications to our services. The current version is always available on this page. In the event of material changes, we will notify you by email or through a notice on our platform.

11. Contact for Data Protection Inquiries

If you have questions about data protection, wish to exercise your data subject rights, or have a complaint, please contact:

[FIRMENNAME]
Data Protection Officer
[ADRESSE]
Email: support@reputationradar.de

We strive to respond to your inquiries within 30 days, as required by the GDPR.