Helferlain
Start free trial

Privacy

Privacy Notice

Last updated · 2026-04-26

Note — This text is prepared for lawyer review but is not final. It will be cleared by an EU IT-law firm before public launch.

Helferlain ({LEGAL_ENTITY}) processes personal data on the legal bases set out in Article 6 GDPR. This notice summarises what we collect, why, and how to exercise your rights. The full data map is published in our internal documentation and is available on request.

1. Who we are

Helferlain is operated by {LEGAL_ENTITY} (Imprint: /legal/imprint). Contact for privacy questions: [email protected].

2. What we collect

  • Account — name, email, workspace name, locale, role. Basis: Art. 6(1)(b) — contract.
  • Authentication — sessions, OAuth provider IDs, IP at sign-in (hashed). Basis: Art. 6(1)(b) and (f).
  • Connected ad accounts — encrypted OAuth tokens for Google Ads, GA4, Search Console, Bigin. Token plaintext is never logged. Basis: Art. 6(1)(b).
  • Cached campaign data — minimum required for audits and recommendations (15 min TTL on perf data, 24 h on account structure). No end-user PII.
  • Audit log — every action you or we take in your workspace (12-month retention, then anonymised).
  • BYO LLM keys — envelope-encrypted (AES-256-GCM, KEK in Cloudflare Secrets). We decrypt only in worker memory at call time and never proxy your prompts.

3. Where we host

Web app on Vercel Frankfurt; MCP gateway on Cloudflare Workers EU-only; primary database on Neon Frankfurt; observability on Sentry EU and PostHog EU (Session Replay disabled). See /legal/sub-processors for the full list.

4. BYOK and AI providers

When you bring your own Anthropic / OpenAI key, you remain the controller for any LLM calls made with that key. Helferlain acts as a transmission intermediary, not a processor of the inference payload. Your direct contract with the AI vendor governs the prompt content.

5. Your rights

Under GDPR Articles 15, 16, 17, 18, 20, 21 you may request access, rectification, erasure, restriction, portability or object to processing. Use the in-app endpoints in Settings → Privacy, or email us. We respond within 30 days.

6. Retention

  • Active workspace data — for the lifetime of your subscription plus 30 days grace.
  • Audit logs — 12 months, then anonymised.
  • Stripe invoices — 10 years (statutory).
  • On account deletion we crypto-shred the workspace DEK; encrypted blobs become unrecoverable.

7. International transfers

Stripe (IE/US), Anthropic (US, your direct contract via BYOK), OpenAI (US, your direct contract via BYOK) and any other extra-EU sub-processor relies on EU Standard Contractual Clauses and a Transfer Impact Assessment maintained internally.

8. Cookies

See our cookie banner (re-openable via the footer link) and sub-processor list.

9. Complaints

You may lodge a complaint with the supervisory authority of your EU member state, or with the supervisory authority where {LEGAL_ENTITY} is established.