Last updated: Oct 24, 2025

Privacy Policy

1. Introduction

We value your privacy. This notice explains how we process personal data when you use this website and informs you about your rights under the GDPR.

2. Controller

Levarc Engineering GmbH
Mooswiesenweg 28
84570 Polling
Email: info@levarc.de

2.1 Data Protection Officer (DPO) / Contact Person

For questions regarding the processing of personal data (exercising rights, information requests) please contact: Levarc Engineering GmbH – Privacy Office, email: info@levarc.de. We will respond to the request within 30 days, unless there are complex cases that require a longer period.

3. Hosting and access logs (Netlify)

We host this site with Netlify . When you access the site, technical server logs are processed (e.g., IP address, timestamp, user agent, referrer, HTTP status). This is necessary for availability, security, and troubleshooting.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest). Learn more: Netlify Privacy .

4. Analytics (Umami)

We use Umami for privacy-friendly analytics. The script is loaded from our subdomain umami.levarc.de. We process aggregated usage metrics (e.g., page views, referrers, device/browser, approximate region). Umami runs without cookies and does not create user profiles.

Legal basis: Art. 6(1)(f) GDPR (our interest in improving the website). You can object at any time, for example by blocking umami.levarc.de in your browser or by contacting us.

5. Google Fonts (CDN)

For consistent typography we use Google Fonts which are loaded from Google servers (Google Ireland Limited; access by Google LLC/USA possible). Your IP address and browser information may be transmitted.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a reliable, performant font delivery). We are evaluating a full local hosting of fonts to reduce third‑party requests. Details: Google Privacy Policy .

6. Contact form and email

If you contact us, we process the data you provide (e.g., name, email, message) to handle your request. For email delivery we use Resend (USA). Processing is based on Art. 6(1)(b) GDPR (pre‑contractual communication) or Art. 6(1)(f) GDPR (general inquiries). Where we ask for consent, Art. 6(1)(a) GDPR applies.

We rely on Standard Contractual Clauses (Art. 46 GDPR) with Resend. Data is kept only as long as necessary for processing or as required by law.

7. Newsletter (double opt‑in) – Resend & Airtable

When you subscribe to our newsletter we process your email address and, if provided, your name to send periodic updates. Subscription uses double opt‑in. Confirmation and newsletter emails are sent via Resend. Subscriber management is handled in Airtable (USA). Legal basis: your consent, Art. 6(1)(a) GDPR. You can withdraw consent at any time via the unsubscribe link.

International transfers are protected by Standard Contractual Clauses (Art. 46 GDPR). We store your data until you unsubscribe or as required for the purpose.

  • Art. 6(1)(a) GDPR – Consent
  • Art. 6(1)(b) GDPR – Contract/requests
  • Art. 6(1)(c) GDPR – Legal obligation
  • Art. 6(1)(f) GDPR – Legitimate interests (operation/security/analytics)

9. Recipients and processors

We use service providers as processors where appropriate: Netlify (hosting), Resend (email delivery), Airtable (newsletter management), and our self‑hosted Umami instance (analytics). Data processing agreements are in place pursuant to Art. 28 GDPR.

10. Storage periods

We retain personal data only as long as necessary for the respective purpose or as required by statutory retention obligations, after which data will be deleted or anonymized.

11. Your rights

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

12. International transfers

For Resend and Airtable, processing in the USA may occur. We use Standard Contractual Clauses (Art. 46 GDPR) as appropriate safeguards.

13. Security

We implement technical and organizational measures to protect your data (e.g., TLS encryption). However, no method of transmission over the Internet is 100% secure.

14. Changes to this notice

We will update this policy when laws, our processes, or services change. The latest version is available on this page.