Privacy Policy

The protection of your personal data is of great importance to us. With this privacy policy, we provide you with comprehensive information about the nature, scope and purposes of the processing of personal data in connection with the use of this website. Personal data is any information relating to an identified or identifiable natural person, such as name, contact details or usage data. Your personal data is always processed in accordance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR) as well as the applicable national data protection provisions. This privacy policy applies to all content and functions made available at replyhop.com, regardless of whether you use them for purely informational purposes or actively transmit data. Unless more specific information is provided within this privacy policy, your data is processed on the basis of the relevant statutory grounds for permission.

Responsibility for the processing of your personal data in connection with this online offering lies with:

Nastasja Tsiatouras
Alexanderplatz 13, 10178 Berlin, Germany

We process personal data only insofar as this is necessary to provide our website and our services. Processing takes place on the basis of the relevant legal grounds set out in Art. 6 (1) GDPR; further details are provided in connection with the respective processing activities. Personal data is stored only for as long as is necessary to achieve the respective purposes or for as long as statutory retention periods exist. Data is disclosed to third parties only where there is a legal basis for doing so or where this is necessary to provide our services. Where data is transferred to third countries, we ensure an adequate level of data protection in accordance with Art. 44 et seq. GDPR.

We take appropriate technical and organisational measures to protect your personal data against loss, destruction, unauthorised access or other unlawful processing. These measures are continuously adapted in line with technological developments. Data is transmitted via this website in encrypted form (e.g. using SSL or TLS encryption).

When you visit our website, the web browser you use automatically transmits technical access data — such as the IP address, the date and time of the page visit, the content accessed, the previously visited website, information about the browser and operating system, and other technical metadata and communication data — to the hosting provider we use, where it is stored in server log files. This processing is necessary to ensure the secure, stable and efficient operation of the website, to detect and defend against attacks, and to ensure the error-free delivery of content. Processing takes place on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR. The data is disclosed exclusively within the scope of technical provision and maintenance to our hosting provider, with whom a data processing agreement pursuant to Art. 28 GDPR is in place. Where transfers to third countries are necessary, we ensure appropriate safeguards in accordance with Art. 44 et seq. GDPR. The stored log files are retained only for as long as is necessary for purposes of system security, error analysis or evidence, and are subsequently deleted or anonymised. An objection to this processing is only possible if there are compelling legitimate grounds, as the collection of this technical data is technically necessary for the operation of the website.

The website is hosted by Vercel Inc., 340 S Lemon Avenue #4133, Walnut, CA 91789, USA. A data processing agreement pursuant to Art. 28 GDPR is in place with the provider. As the provider is based in the USA and therefore in a third country, personal data may be processed outside the European Union. For this transfer, we have agreed the EU Standard Contractual Clauses with the provider as an appropriate safeguard pursuant to Art. 46 (2) (c) GDPR.

On our website, we offer you the option of joining a waitlist with your email address in order to be informed about the availability of ReplyHop and related product news. When you join the waitlist, we process the email address you provide as well as the time of sign-up. The processing serves the purpose of sending you a notification about the launch of ReplyHop as well as information about development progress and related product announcements by email.

The legal basis for the processing is your consent pursuant to Art. 6 (1) (a) GDPR, which you grant by submitting the sign-up form. For the technical handling of the waitlist and email function, we use the service Resend, provided by Resend, Inc., 2261 Market Street #5039, San Francisco, CA 94114, USA. Resend stores the email address you provide in a contact list maintained for ReplyHop and sends the aforementioned emails on our behalf. A data processing agreement pursuant to Art. 28 GDPR is in place with Resend. As the provider is based in the USA and therefore in a third country, personal data is transferred outside the European Union; for this transfer, we have agreed the EU Standard Contractual Clauses as an appropriate safeguard pursuant to Art. 46 (2) (c) GDPR.

We store your email address until you withdraw your consent, but at most until the end of the waitlist phase and a reasonable transitional period thereafter. You can withdraw your consent at any time with effect for the future, without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal. You can withdraw your consent informally by email to us or via the unsubscribe link included in every email. Following a withdrawal or unsubscription, your email address is deleted from the waitlist.

You have the option of contacting us by email. If you contact us in this way, we process the personal data you transmit — in particular your email address, any name provided, and the content of your message — solely for the purpose of handling and responding to your request. The legal basis for the processing is Art. 6 (1) (b) GDPR insofar as your request is aimed at the conclusion or performance of a contract; otherwise, processing takes place on the basis of our legitimate interest in the proper handling of the requests addressed to us pursuant to Art. 6 (1) (f) GDPR. We store this data only for as long as is necessary to handle your request or for as long as statutory retention obligations preclude deletion. Insofar as the processing is based on our legitimate interest, you have the right, pursuant to Art. 21 GDPR, to object to the processing at any time on grounds relating to your particular situation.

Automated decision-making, including profiling, within the meaning of Art. 22 GDPR does not take place in connection with the use of our website.

In the context of purely informational use of our website, there is generally no statutory or contractual obligation to provide personal data. However, certain functions of the website can only be used if the data required for this is provided (e.g. when using forms). Where data is transferred to third countries, we ensure appropriate safeguards in accordance with Art. 46 GDPR.

As a data subject, you have various rights under the General Data Protection Regulation with regard to the processing of your personal data:

You first have the right of access (Art. 15 GDPR). This includes, in particular, information about whether and to what extent we process personal data about you, the purposes of this processing, the categories of data concerned, and the recipients to whom this data has been or will be disclosed.

In addition, you have the right to rectification of inaccurate or incomplete data (Art. 16 GDPR), in order to keep the personal data stored by us up to date.

You also have the right to erasure of your personal data (Art. 17 GDPR), insofar as no statutory retention periods or other legal obligations preclude erasure.

The right to restriction of processing (Art. 18 GDPR) applies to you under certain conditions, for example if you contest the accuracy of the data or if the processing is unlawful and you request the restriction of its use instead of erasure.

Furthermore, you have the right to data portability (Art. 20 GDPR), i.e. the right to receive the data you have provided in a structured, commonly used and machine-readable format and to transmit this data to another controller, insofar as the processing is based on your consent or on a contract and is carried out by automated means.

You also have the right to object to the processing of your personal data (Art. 21 GDPR), insofar as we base the processing on a legitimate interest or it is carried out for the purpose of direct marketing.

If the processing of your data is based on consent you have granted, you have the right to withdraw this consent at any time with effect for the future (Art. 7 (3) GDPR).

In addition, you have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR) if you believe that the processing of your personal data infringes data protection law. The supervisory authority responsible for our company is: Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit), Alt-Moabit 59-61, 10555 Berlin, telephone: +49 30 138 89-0, email: mailbox@datenschutz-berlin.de, website: https://www.datenschutz-berlin.de.

Insofar as the processing of your personal data is based on consent pursuant to Art. 6 (1) (a) GDPR, you have the right to withdraw this consent at any time with effect for the future. The withdrawal can be made informally, for example by email to the controller. The lawfulness of the processing carried out before the withdrawal remains unaffected.

We reserve the right to amend this privacy policy so that it always complies with current legal requirements, or in order to reflect changes to our services in the privacy policy, for example when introducing new services or functionalities on our website. The current version of the privacy policy will then apply to your next visit. This privacy policy is dated May 2026.