Privacy policy

Information on the processing of personal data on meetattachee.com in accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR).

1. Controller

The controller within the meaning of Art. 4 (7) GDPR is:

anpasio UG (haftungsbeschränkt)
Mühlenaue 15a
53909 Zülpich
Germany

Email: hello@meetattachee.com
Represented by: Philipp Franke

2. Data protection officer

We are not legally required to appoint a data protection officer under Art. 37 GDPR or § 38 BDSG. For privacy-related enquiries, please contact us at hello@meetattachee.com.

3. Categories of data and purposes of processing

a) Visiting the website. When you visit meetattachee.com, our hosting provider (see section 4) automatically processes technical data transmitted by your browser, including your IP address, the date and time of the request, the requested resource, the referrer, and your user-agent string. This data is processed for the purpose of operating and securing the website. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in providing a stable and secure service). Server-side access logs are retained for a maximum of 14 days and are then deleted.

b) Waitlist signup. If you submit the waitlist form, we process your email address in order to contact you about early access to Attachée. Legal basis: Art. 6 (1) (a) GDPR (consent). You may withdraw your consent at any time with effect for the future by writing to hello@meetattachee.com; the lawfulness of processing carried out before withdrawal remains unaffected. Email addresses are stored until you withdraw your consent or for a maximum of 24 months from submission, whichever occurs first.

4. Recipients and processors

We use the following processors under Art. 28 GDPR:

Amazon Web Services EMEA SARL (38 Avenue John F. Kennedy, L-1855 Luxembourg) provides hosting infrastructure for meetattachee.com. The site runs in the AWS Frankfurt region (eu-central-1); personal data processed for the purpose of website operation remains within the European Union. AWS may be subject to access by its US parent under US law; AWS Inc. is certified under the EU–US Data Privacy Framework and offers Standard Contractual Clauses as a supplementary safeguard.

Clerk, Inc. (660 King Street, Unit 345, San Francisco, CA 94107, USA) processes the email address you submit through the waitlist form. Clerk is certified under the EU–US Data Privacy Framework, providing an adequacy basis under Art. 45 GDPR for the transfer to the United States. Clerk's privacy notice is available at https://clerk.com/legal/privacy.

5. Transfers to third countries

Where personal data is transferred to processors in the United States (see section 4), the transfer is based on the European Commission's adequacy decision for the EU–US Data Privacy Framework (Implementing Decision (EU) 2023/1795). Where a recipient is not DPF certified, transfers rely on Standard Contractual Clauses pursuant to Art. 46 (2) (c) GDPR.

6. Cookies and local storage

On first visit, meetattachee.com does not set any cookies, local-storage entries, or comparable technologies on your device. We do not use analytics, advertising, or social-media tracking. The fonts used on the site are served from our own servers (see section 7), so loading the site does not trigger third-party requests either.

Clerk's browser SDK is downloaded on demand only after you submit the waitlist form. Once it loads, Clerk may write cookies on the meetattachee.com domain that are strictly necessary to perform the submission you just requested — notably __clerk_db_jwt and __client_uat (documented at clerk.com/docs/guides/how-clerk-works/cookies). This processing falls under § 25 (2) Nr. 2 TDDDG and Art. 6 (1) (b) GDPR; no separate consent banner is required because no storage takes place before your affirmative action.

7. Fonts

We use the typefaces Cormorant Garamond and DM Sans. Both are served from our own servers; no font data is requested from third parties such as Google Fonts, and no IP addresses or other personal data are transmitted to third parties for font rendering.

8. Your rights

You have the following rights with regard to the personal data we process:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to processing based on legitimate interest (Art. 21 GDPR)
• Right to withdraw consent at any time with effect for the future (Art. 7 (3) GDPR)

To exercise any of these rights, contact us at hello@meetattachee.com.

9. Right to lodge a complaint

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The authority competent for our company is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestraße 2–4
40213 Düsseldorf
Germany
https://www.ldi.nrw.de

10. No automated decision-making

We do not use the personal data we collect for automated decision-making, including profiling, within the meaning of Art. 22 GDPR.

11. Updates to this policy

We may update this privacy policy to reflect changes in our processing activities or legal requirements. The current version is always available at this URL.