1. Controller
2. General Notes on Data Processing
We process personal data only to the extent necessary to provide a functional, secure, and economically viable SaaS platform. Processing is carried out in accordance with the General Data Protection Regulation (GDPR) and applicable national data protection laws.
3. Legal Bases for Processing
Where personal data is processed, this is done in particular on the basis of Art. 6(1)(b) GDPR (contract and pre-contractual measures), Art. 6(1)(f) GDPR (legitimate interests in secure and stable operation), and – where required – Art. 6(1)(a) GDPR (consent).
4. Technical Access Data
When accessing HomeVisioner, our systems and hosting providers automatically process technical information. This may include IP address, date and time of access, browser type and version, operating system, referrer URL, and requested content.
This processing is carried out to ensure the security, stability, and error-free provision of the service, as well as for abuse and fault detection.
5. Account, Login and Authentication
When you create an account or log in, we process the data required for authentication, account management, and usage control (e.g. email address, login status, account metadata). This processing is necessary to provide protected areas, manage credits, and fulfill contractual services.
6. Uploaded Images and AI Processing
As part of using HomeVisioner, you can upload room and product images. These are processed to generate AI-powered visual previews and variants.
Uploaded and generated images are not displayed publicly on the website unless you publish or share them yourself. Processing is carried out to provide the features you requested within the product.
7. Hosting and Infrastructure
To provide HomeVisioner, we use external technical service providers for hosting, data storage, delivery, and system security. Personal data may be processed on our behalf. Where required, appropriate contractual and technical safeguards are implemented.
8. Payment Processing via Stripe
For paid services and subscriptions, payment processing is handled by Stripe. The data required for the payment transaction is transmitted to and processed by Stripe. For details on Stripe's data processing, please refer to Stripe's privacy information.
9. Cookies and Consent-Based Analytics
HomeVisioner uses technically necessary cookies to provide core functions such as login, session management, and security. Additional cookies or tracking technologies are only used on the basis of consent where legally required.
10. Retention Period
Personal data is retained only for as long as necessary for the respective purposes or as required by statutory retention obligations. Once the purpose no longer applies, we delete or anonymize the data in accordance with legal requirements.
11. Your Rights under GDPR
Subject to the legal requirements, you have in particular the right to access, rectification, erasure, restriction of processing, data portability, and objection to certain processing activities. You may withdraw consent given at any time with effect for the future. You also have the right to lodge a complaint with a data protection supervisory authority.
12. Data Protection Contact
If you have questions about the processing of your personal data, please contact us at:
[email protected]
13. Updates to This Privacy Policy
We reserve the right to update this privacy policy where required due to legal, technical, or organizational developments.
14. HomeVisioner Shopify App Data Processing
When using the HomeVisioner Shopify app, the following data is temporarily processed:
- Room photos uploaded by the customer
- Product images from the store
Processing partners:
- Google Cloud (europe-west1, EU)
- Supabase (EU region)
Retention: Room photos and generated visualizations are retained for up to 30 days, after which they are automatically deleted.
Legal basis: Art. 6(1)(b) GDPR – contract performance.