Privacy Policy

1. Controller

The controller responsible for the processing of personal data on this website under Article 4(7) of the General Data Protection Regulation (GDPR) is:

Freistil ApS
Åvej 9
6510 Gram
Denmark

CVR number: 45808491
Responsible person: Robert Trippler
Email: contact@clowdr.dev

2. Scope

This policy explains how Freistil ApS (“we”, “us”) processes personal data when you visit clowdr.devand its subdomains (the “Website”). It does not cover third-party websites linked from clowdr.dev; those are governed by their own privacy policies.

3. Your rights as a data subject

Under the GDPR you have the right to:

• Access (Art. 15) — obtain confirmation about whether we process your personal data and receive a copy.
• Rectification (Art. 16) — have inaccurate data corrected.
• Erasure (Art. 17) — request deletion of your data where no overriding legal ground requires retention.
• Restriction (Art. 18) — request that we restrict processing in specific cases.
• Data portability (Art. 20) — receive your data in a structured, machine-readable format.
• Object (Art. 21) — object to processing based on legitimate interests (Art. 6(1)(f)) or direct marketing at any time.
• Withdraw consent (Art. 7(3)) — withdraw consent at any time with effect for the future; this does not affect the lawfulness of prior processing.
• Lodge a complaint (Art. 77) — complain to a supervisory authority. The competent authority for Freistil ApS is:
  Datatilsynet, Carl Jacobsens Vej 35, 2500 Valby, Denmark — www.datatilsynet.dk.

To exercise any of these rights, contact us at contact@clowdr.dev. We will respond within one month as required by Art. 12(3) GDPR.

4. Data we process

4.1 Server log files (hosting)

When you access the Website, our hosting provider (see Section 5) automatically records information that your browser transmits. This typically includes:

• IP address (truncated where technically possible)
• Date and time of the request
• URL requested and HTTP status code
• Referrer URL
• User agent (browser and operating system)
• Approximate geographic region (derived from the IP address)

Purpose: delivering the Website, ensuring stability and security, detecting and defending against attacks, and diagnosing technical errors.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure, functional website).
Retention: log data is deleted or anonymised by the hosting provider according to its retention policy; see Section 5.

4.2 Cookies and local storage

We distinguish between strictly necessary storage and optional storage that requires your consent.

Strictly necessary storage (no consent required):

• clowdr.cookieConsent.v1 — a localStorage entry that remembers your cookie preferences so we do not ask you again on every visit. This is required for the consent mechanism itself to function (Art. 6(1)(c) GDPR in conjunction with § 9 of the Danish ePrivacy / Cookie Order; Art. 5(3) ePrivacy Directive exception for storage strictly necessary to provide a service explicitly requested by the user).
• Language preference stored in the URL path (/en, /de) — no personal data is stored in a cookie for this purpose.

Optional storage (consent required):

Optional analytics and marketing categories are presented in the cookie banner. At the time of publication no analytics, advertising, or tracking tags are installed on clowdr.dev. The consent layer is prepared for future integration with Google Consent Mode v2 (categories: analytics_storage, ad_storage, ad_user_data, ad_personalization). Before any such tag is activated, this Privacy Policy will be updated with the specific tool, purpose, provider, and international-transfer details, and your consent will be requested in advance.

You can change or withdraw your consent at any time via the Cookie settings link in the footer.

Legal basis for optional categories: Art. 6(1)(a) GDPR (consent) and § 9 of the Danish Cookie Order.

4.3 Contact by email

If you email us (e.g. contact@clowdr.dev), we process the email address, name (if provided), and any information contained in your message.

Purpose: responding to your inquiry.
Legal basis: Art. 6(1)(b) GDPR where the inquiry relates to a (pre-)contractual relationship; otherwise Art. 6(1)(f) GDPR (legitimate interest in answering communications directed to us).
Retention: we keep correspondence as long as necessary to handle the matter and to comply with statutory retention obligations (e.g. Danish Bookkeeping Act, up to 5 years for accounting-relevant correspondence). Non-accounting correspondence is deleted when no longer required, and no later than 2 years after the last interaction unless law requires longer retention.

4.4 External links

The Website links to profiles on third-party platforms (currently Twitter/X and Discord). These links are plain hyperlinks; no content from these platforms is embedded or loaded automatically on clowdr.dev. Data is only transmitted to these providers once you click the link and visit their site, at which point their own privacy policies apply.

4.5 What we do not do

• We do not operate a user account system, newsletter, contact form, or e-commerce checkout on clowdr.dev.
• We do not run analytics, A/B testing, remarketing, session replay, heatmaps, or advertising tags on clowdr.dev.
• We do not embed third-party fonts, videos, maps, or social-media widgets that would transmit your IP address to external providers on page load. Fonts are served as part of the Website.
• We do not sell personal data.
• We do not engage in automated decision-making or profiling under Art. 22 GDPR.

If any of this changes, we will update this policy and, where required, obtain your consent before making the change effective.

5. Processors and recipients

We use the following processors under a data processing agreement pursuant to Art. 28 GDPR:

We only disclose personal data to other parties where we are legally required to (e.g. in response to a binding request from a competent authority) or where you have explicitly consented.

6. International data transfers

Personal data processed through the Website is stored on servers located within the European Economic Area (EEA). We do not currently transfer personal data to recipients outside the EEA.

If this changes in the future — for example, if we introduce a service provider whose infrastructure is located outside the EEA — we will update this policy and ensure that any such transfer is safeguarded by an adequacy decision (Art. 45 GDPR) or by appropriate safeguards such as the European Commission’s Standard Contractual Clauses (Art. 46(2)(c) GDPR), supplemented by additional technical and organisational measures where necessary.

A copy of the relevant safeguards is available on request at contact@clowdr.dev.

7. Retention

We only retain personal data for as long as necessary for the purposes described above or as required by law. Specific periods are listed with each purpose in Section 4. When data is no longer needed, it is deleted or irreversibly anonymised.

8. Security

We use TLS (HTTPS) for all traffic to and from the Website and rely on our hosting provider’s infrastructure security (firewalling, DDoS protection, access controls). Internally, access to personal data is limited to people who need it for the purposes described in this policy.

9. Minors

The Website is aimed at adult indie developers and is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact contact@clowdr.dev and we will delete it.

10. Changes to this policy

We may update this policy to reflect changes to the Website, our processors, or applicable law. The current version is always available at clowdr.dev/privacy. Material changes will be announced on the Website in advance; continued use of the Website after such changes constitutes acknowledgement of the updated policy, except where a change requires your fresh consent — in which case we will ask you for it.