Privacy Policy

Privacy Policy

Effective Date: January 1, 2025

1. Introduction

Welcome to JeffStahlnecker.com (the “Site”). We, Jeff Stahlnecker (“we,” “us,” “our”), respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Site and related services, including AI features powered by Anthropic and contact forms powered by Resend.

By accessing or using the Site, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our Site or services.

2. Who We Are

  • Controller: For the purposes of data protection laws (including the EU General Data Protection Regulation, “GDPR”), the data controller is:

    Name: Jeff Stahlnecker
    Address: c/o IP-Management #4093, Ludwig-Erhard-Str. 18, 20459 Hamburg, Germany
    Email: info@jeffstahlnecker.com
    Phone: +49 1512 6839610

3. Data We Collect

  1. Personal Data You Provide

    • Contact Information: Name, email address, phone number, or any other details you voluntarily provide when filling out forms (such as contact forms) or emailing us.
    • AI Chat Inputs: Any text or information you enter when using our AI features powered by Anthropic.

  2. Automatically Collected Data

    • Usage Information: IP address, browser type, operating system, referring URLs, pages visited, dates/times of visits, etc.
    • Cookies: We may use cookies or similar tracking technologies to enhance user experience and gather analytics. See Section 7 for more details.

  3. Data from Third Parties

    • We might receive certain technical data or usage analytics from service providers (e.g., hosting platforms, analytics providers) to help improve Site performance.

4. How We Use Your Data

  1. Providing and Improving Services

    • We use your personal data to operate the Site, respond to inquiries, and improve the user experience.
    • AI Chat Inputs are processed by Anthropic for generating responses and refining the quality of the AI services.

  2. Communications

    • We may use your contact information to reply to messages or inquiries you send us, or provide relevant updates about our services.

  3. Data Retention

    • We generally retain your personal data for up to 1 year following your last interaction with us, unless a longer retention period is required by law or justified by a legitimate business interest. After that, your personal data will be securely deleted or anonymized.

  4. Legal Basis

    • Under the GDPR, our legal grounds for processing your personal data include legitimate interests (for running and improving our Site, communicating with users) or your consent (e.g., when you provide data voluntarily or accept cookies).

5. Disclosure of Your Data

  1. Hosting (Netlify)

    • Our Site is hosted by Netlify, and any data or content you provide may be processed by Netlify in accordance with Netlify’s Privacy Policy.

  2. Service Providers

    • We may share personal data with trusted third-party providers (e.g., analytics services) who help us run or improve the Site. These providers process data only according to our instructions and are bound by confidentiality obligations.

  3. Heap Analytics

    • We use Heap to track how users interact with our Site, including page views, button clicks, scrolling, and other user interactions. We do not collect session replays (i.e., no full video recordings of user sessions).
    • Purpose of Tracking: The data collected by Heap is used strictly for analytics—to understand user engagement, identify areas for improvement, and enhance the overall Site experience.
    • Data Retention: Heap stores the collected data for a maximum of six (6) months, after which it is deleted or anonymized.
    • Opt-Out/Consent: You can opt out of Heap Analytics at any time via our cookie banner (see Section 7). If you decline analytics cookies, Heap will not track your usage.
    • GDPR Compliance: Heap’s data processing is carried out in compliance with GDPR requirements, and we only enable Heap with your consent (no analytics cookies unless accepted). You retain all relevant rights to access or delete any personal data that may be collected through Heap.

  4. Anthropic (AI Provider)

    • If you use the AI feature, the text you enter is sent to Anthropic for processing and response generation. Anthropic’s Privacy Policy applies to that data handling.

  5. Resend (Email Provider)

    • Our contact forms utilize Resend to send emails to us. By submitting a form, you acknowledge that your data will be transmitted through Resend. Please review Resend’s Privacy Policy for more details.

  6. Legal Requirements

    • We may disclose personal data if required by law, court order, or government regulation, or if such disclosure is necessary to protect our rights, property, or safety.

  7. Business Transfers

    • If we are involved in a merger, acquisition, or asset sale, your personal data may be transferred. We will notify you if your data becomes subject to a different privacy policy.

6. International Data Transfers

Your personal data may be transferred to and processed in countries other than your country of residence, including the United States (where Anthropic, Resend, or Netlify may process data). We ensure that adequate safeguards are in place to protect your data in accordance with applicable data protection laws (e.g., using the European Commission’s Standard Contractual Clauses).

7. Cookies & Tracking Technologies

  1. Cookies

    • We may use cookies (small text files) to store or track information about your usage of the Site. These cookies can be essential (for site functionality) or optional (for analytics or preferences). In the case of Heap Analytics, the cookies set help us measure user engagement (e.g., clicks, scrolling) to improve the Site experience.

  2. Managing Cookies

    • You can adjust your browser settings to refuse cookies or alert you when cookies are being sent. If you opt out of analytics cookies (including Heap), some analytics features may not function properly. However, core parts of the Site should remain accessible.

8. Your Rights Under GDPR

If you are located in the EU or EEA, you have the following rights:

  • Right of Access: Request a copy of your personal data we hold.
  • Right to Rectification: Ask us to correct inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data if there’s no longer a valid reason for us to keep it.
  • Right to Restrict Processing: Ask us to limit how we use your data.
  • Right to Data Portability: Request a copy of your data in a structured, commonly used format.
  • Right to Object: Object to certain types of data processing, such as direct marketing.

To exercise these rights, please contact us at info@jeffstahlnecker.com. We will respond within the timeframe required by applicable law.

9. Children’s Privacy

Our Site is not directed to individuals under the age of 16, and we do not knowingly collect personal data from children. If you become aware that a child has provided us with personal information, please contact us, and we will promptly delete it.

10. Security Measures

We implement reasonable technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. However, no method of data transmission or storage is fully secure.

11. Changes to This Privacy Policy

We may update this Privacy Policy at any time by posting a new version on the Site with a revised “Effective Date.” Your continued use of the Site after such changes indicates your acceptance of the updated policy.

12. Contact Us

For questions or requests regarding this Privacy Policy, please contact:

Jeff Stahlnecker
Email: info@jeffstahlnecker.com
Address: c/o IP-Management #4093, Ludwig-Erhard-Str. 18, 20459 Hamburg, Germany
Phone: +49 1512 6839610

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with the data protection authority in Germany—particularly in the region where you live or work, or where an alleged infringement took place. For residents of Saxony, the relevant authority is the Saxon Data Protection Commissioner.