Privacy Policy

Last updated: May 2026

1. Data Controller

Remediate.AI UG (haftungsbeschränkt) — in formation, Frankfurt am Main, Germany. Contact: contact@getremediate.de

2. Data We Collect

Account data: name, email address, hashed password
Payment data: processed by Paddle (we store no card details)
Scan results: URL, accessibility violations, generated patches
Usage data: log entries, API requests

3. Purpose and Legal Basis

We process your data for contract performance (Art. 6(1)(b) GDPR) and on the basis of legitimate interests (Art. 6(1)(f) GDPR) for service improvement.

4. Retention

Account data is retained for the duration of the contract and deleted within 30 days of cancellation, unless statutory retention obligations apply.

5. Your Rights (Art. 15–22 GDPR)

Right of access (Art. 15)
Right to rectification (Art. 16)
Right to erasure (Art. 17)
Right to restriction (Art. 18)
Right to data portability (Art. 20)
Right to object (Art. 21)

To exercise your rights, contact: contact@getremediate.de

6. Hosting & Infrastructure

Vercel	Web hosting (Frankfurt / Washington D.C.)	Privacy
Neon DB	PostgreSQL database (AWS Frankfurt)	Privacy
AWS S3	File storage (Frankfurt)	Privacy
Resend	Transactional email	Privacy
Paddle	Payment processing	Privacy

7. Contact & Complaints

For privacy questions: contact@getremediate.de

You have the right to lodge a complaint with a supervisory authority (HBDI, Hessian Commissioner for Data Protection).

← Back to homepage