Deutsche Version

Privacy Policy

1. Controller

Niklas Kappes
Freiherr-von-Drais Str 36
69429 Waldbrunn
Germany

Email: contact@dynsvg.io

2. Overview of data processing

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. The use of our website is generally possible without providing personal data.

3. Hosting

This website is hosted by Vercel Inc., 440 N Baxter St, Coppell, TX 75019, USA. When you visit our website, certain information is automatically stored in server log files that your browser transmits automatically. This includes:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • IP address of the accessing device
  • Time of the server request

Data transfer to the USA is carried out on the basis of the EU-US Data Privacy Framework. The legal basis for data processing is Art. 6(1)(f) GDPR (legitimate interest in the stable and secure provision of the website).

For more information, please refer to the Vercel Privacy Policy.

4. Local storage (localStorage)

We use your browser's localStorage to save the following settings locally on your device:

  • Theme preference (light/dark) — to display your preferred view
  • Colour palette — custom colours in the editor
  • Cookie consent record (key dynsvg-consent) — your decision from the consent banner, with version and timestamp

This data is stored exclusively in your browser and is not transmitted to us or any third parties. The legal basis is § 25(2) Nr. 2 TDDDG (storage strictly necessary for the service explicitly requested by you) and Art. 6(1)(f) GDPR (legitimate interest in a user-friendly presentation and in documenting your consent decision).

5. Cookies and consent management

This website does not set tracking cookies. We do, however, store information on your device for analytics purposes (see sections 6 and 7) for which we obtain your prior consent through a banner shown on your first visit, in accordance with § 25(1) TDDDG and Art. 6(1)(a) GDPR.

The consent banner offers two categories:

  • Strictly necessary — always active, no consent required (§ 25(2) Nr. 2 TDDDG). Covers the items listed in section 4.
  • Analytics & usage statistics — disabled by default, enabled only with your explicit consent. Covers Vercel Analytics (section 6) and our own editor usage statistics (section 7).

Your decision is stored as a JSON record in localStorage under the key dynsvg-consent for up to 12 months. After that period, or if we materially change this policy (which bumps the consent version), the banner will appear again so you can confirm your choice.

Withdrawing consent: You can change or withdraw your consent at any time with effect for the future via the "Cookie preferences" link in the footer (Art. 7(3) GDPR). Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

6. Vercel Analytics

This website uses Vercel Analytics, a privacy-friendly, cookieless web analytics service provided by Vercel Inc., 440 N Baxter St, Coppell, TX 75019, USA. Vercel Analytics does not use cookies and does not collect personal data that could identify individual visitors. The following aggregated data is collected:

  • Page URL and referrer URL
  • Browser and operating system
  • Device type
  • Country of origin (derived from IP address, which is not stored)

Legal basis: Art. 6(1)(a) GDPR in conjunction with § 25(1) TDDDG (consent). Vercel Analytics is loaded only after you have given your consent via the cookie banner.

Data transfer to the USA is carried out on the basis of the EU-US Data Privacy Framework. For more information, please refer to the Vercel Privacy Policy.

7. Editor usage statistics

When you use the in-browser editor to load an SVG/SVGHMI file or export a .svghmi file, we log an anonymized event to our own server (Upstash Redis, hosted in the EU) so that we can measure aggregate usage of the editor. The following data is stored:

  • Event type (upload or export) and server-side timestamp
  • A random session identifier (UUID generated in your browser, kept only in sessionStorage and discarded when you close the tab)
  • On upload: the file extension (.svg or .svghmi), file size in bytes, and a SHA-256 hash of the file name (the original name is never stored)
  • On export: the number of bindings, a count per binding type, and the SHA-256 hash of the exported file name
  • The time between upload and export within the same session (to measure editing duration)

We do not store IP addresses, user agents, or the SVG content itself. Because file names are hashed, we cannot recover them. Your session UUID is not linked to any other identifier.

Legal basis: Art. 6(1)(a) GDPR in conjunction with § 25(1) TDDDG (consent). Without your consent, no events are sent to our server and no session ID is stored.

8. Newsletter / mailing list

If you subscribe to our newsletter or join our waitlist, your email address will be used to send you information about DynSVG, product updates, and launch notifications. We use the service Brevo (Sendinblue SAS), 106 boulevard Haussmann, 75008 Paris, France for delivery. We use a double opt-in process: after submitting your email address, you will receive a confirmation email. Your subscription is only activated after you click the confirmation link.

Data collected: email address

Legal basis: Art. 6(1)(a) GDPR (consent). You can unsubscribe at any time by using the unsubscribe link in every email or by contacting us directly.

As Brevo is based in the European Union, no transfer of personal data to third countries takes place. For more information, please refer to the Brevo Privacy Policy.

9. SSL/TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser bar.

10. Your rights as a data subject

You have the following rights under the GDPR:

  • Right of access (Art. 15 GDPR) — right to obtain information about your stored data
  • Right to rectification (Art. 16 GDPR) — right to correct inaccurate data
  • Right to erasure (Art. 17 GDPR) — right to have your data deleted
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR) — right to object to the processing of your data

Right to lodge a complaint: You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data. The competent supervisory authority depends on your place of residence or the registered office of the controller.

11. Changes to this privacy policy

We reserve the right to amend this privacy policy to ensure that it always complies with current legal requirements or to implement changes to our services. The new privacy policy will then apply for your next visit.

Privacy Policy | DynSVG