homeaboutserviceworkBlogcontactImprintprivacy policyTerms

AI implemented where it makes sense, not where it sounds cool.

x
f
l
b
ratko.®
Let's talk
Let's talk

1. Notice on responsible party

This privacy policy applies to the websites rolupai.com and rolup.ai, operated by:

Rolup Florian Pütz

Philosophenweg 49

41844 Wegberg

Germany

Email: info@rolupai.com

"We", "our" or "us" refers to the sole proprietorship Rolup Florian Pütz.

2. General Information

We take the protection of your personal data seriously. Your data is treated confidentially and in accordance with applicable data protection laws, especially the General Data Protection Regulation (GDPR).We do not use cookies, no tracking tools, and do not send newsletters.

3. Data Collection on this Website

Who is responsible for data collection?

The data processing on this website is carried out by the website operator (p. 1). You can find their contact details in the "Notice on  responsible party" section of this policy (p. 1).

How do we collect your data?

  • Data you provide: This includes information you enter into a contact form or provide during a consultation (e.g. via Zoom or WhatsApp).
  • Automated data: Technical data (e.g. internet browser, operating system, or time of page view) is collected automatically by our IT systems (Webflow) when you visit the website.
  • This may include: Full name, email address, phone number, company name / website, message content, timestamp & IP address, information & revenue numbers of your business (in case of you voluntarily putting them into our form)

Legal Basis for Data Processing

We process your data under:

  • Art. 6(1)(b) GDPR - performance of a contract or pre-contractual measures
  • Art. 6(1)(f) GDPR - legitimate interest in efficient communication and service delivery

Purposes of Data Processing

We use your data to ensure the error-free provision of the website, analyze user behavior for optimization, and, most importantly, to develop and implement AI-based B2B automations as per our service agreement.

4. Tools and Third-Party Services Used

We use the following services for functionality and automation:

Webflow (hosting & website contact form)→ Provider: Webflow, Inc., USA – Privacy Policy

Tally.so (form provider)→ Provider: Tally BV, Belgium – Privacy Policy

Calendly (meeting scheduling)→ Provider: Calendly LLC, USA – Privacy Policy

Loom (embedded videos)→ Provider: Loom, Inc., USA – Privacy Policy

Make.com (automation backend)→ Provider: Celonis SE, Germany – Privacy Policy

Transfers to countries outside the EU (e.g. USA) are based on Standard Contractual Clauses (SCCs) according to Art. 46 GDPR.5. ContactWhen contacting us via our form, Tally.so, WhatsApp, or email, your data will be processed for communication purposes. This information will never be shared without your consent.

5. Hosting and Content Delivery Networks (CDN)

Webflow Hosting

Our website is hosted by Webflow, Inc. (398 11th Street, 2nd Floor, San Francisco, CA 94103, USA). Personal data collected on this website is stored on Webflow's servers. This includes IP addresses, contact requests, meta and communication data, and contract data (p. 2).

Legal Basis: Hosting is performed for the fulfillment of contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online service (Art. 6(1)(f) GDPR) (p. 2). We have concluded a Data Processing Agreement (DPA) with Webflow to ensure GDPR-compliant processing (p. 2).

6. Mandatory Information and Statutory Rights

Notice on the Responsible Party (Controller)

The responsible party for data processing is:(Your Full Name)(Your Street & Number)(Your Postcode & City)(Germany)Email: (Your Professional Email)

The controller is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (p. 4).

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content (e.g., inquiries), this site uses SSL or TLS encryption (p. 7)

Your Rights (GDPR & International)

Regardless of your location (Germany, USA, Australia, or NZ), you have the following rights (p. 1):

  • Right to Access: You can request information about your stored data (p. 6).
  • Right to Rectification/Deletion: You can request the correction or deletion of your data (p. 6).
  • Right to Withdraw Consent: If processing is based on your consent, you can withdraw it at any time for the future (p. 5).
  • Right to Object: You can object to processing based on legitimate interests (p. 5).

7. Specific Data Processing for AI Automation Services

To provide our services, we use various third-party tools. We have entered into DPAs or rely on Standard Contractual Clauses (SCCs) to ensure a high level of data protection (p. 3).

AI Models (Gemini & ChatGPT)

  • Provider: Google Ireland Ltd. (Gemini - privacy policy) and OpenAI, L.L.C. (ChatGPT - privacy policy).
  • Purpose: Data analysis, organization, copywriting, Automation workflow building and software development.
  • Note: API-based access is primarily used to help ensure that business data is not used to train the providers' public models, maintaining confidentiality.

Forms on this Website (Tally & Webflow)

  • Provider: Tally BV (Tally - privacy policy) and Webflow, Inc. (Webflow - privacy policy)
  • Purpose: Form design, data gathering and processing.
  • Note: Access to these platforms is strictly limited and secured via two-factor authentication.

Appointment scheduling (Calendly)

  • Provider: Calendly, L.L.C. (Calendly - privacy policy)
  • Purpose: meeting scheduling & meeting reminders.
  • Note: Access to the platform is strictly limited and secured via two-factor authentication.

Embedded videos (Vimeo & Loom)

  • Provider: Atlassian Pty Ltd, Atlassian US, Inc. (Loom - privacy policy) and Vimeo.com, Inc. (Vimeo - privacy policy)
  • Purpose: Recording and hosting website- or email-embedded videos.

Automation Workflow building (Make.com)

  • Provider: Celonis SE, Germany (Celonis - privacy policy)
  • Purpose: Manual building of modular automations workflows.
  • Note: Access to the platforms is strictly limited and secured via two-factor authentication.

Lead Generation & Scraping (Apify & Apollo)

  • Provider: Apify Technologies s.r.o. (Apify - privacy policy) and Apollo Global Management, Inc. (Apollo - privacy policy)
  • Purpose: Scraping publicly available B2B data for lead generation.
  • Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) in performing professional market analysis and B2B outreach.

CRM, Database & Organization (Notion, Google Sheets, GitHub)

  • Provider: Notion Labs, Inc. (Notion - privacy policy); Google Ireland Ltd. (Google - privacy policy); Github, Inc. (Github - privacy policy)
  • Purpose: Project management, data enrichment, and code hosting.
  • Note: Access to these platforms is strictly limited and secured via two-factor authentication.

Communication (Zoom, WhatsApp, Social Media)

  • Tools: Zoom Video Communications, Inc. (Zoom - privacy policy), LinkedIn (Microsoft - privacy policy), Instagram/Facebook/WhatsApp (Meta - privacy policy).
  • Purpose: Client communication and outreach.
  • Note: WhatsApp communication is conducted according to the "Business" terms. Zoom is recommended for sensitive project discussions.

8. International Data Transfers (USA, AU, NZ)

For users in the USA (California CCPA/CPRA), Australia (Privacy Act 1988), and New Zealand:

Transfers to third countries are based on appropriate safeguards (e.g., EU Standard Contractual Clauses). Personal data is not "sold" as defined by the CCPA. The Australian Privacy Principles (APP) regarding the transparent management of personal information are respected.