Privacy Policy
1. Controller
[Name / Company], [Address], [Email]. Responsible for data processing on this website within the meaning of the GDPR.
2. Cookies
By default this website sets only one technically necessary cookie (see table). Optional statistics or marketing cookies are set exclusively with your consent — no such service is currently active. Under § 25 (2) TDDDG no consent is required for technically necessary cookies. You can adjust or withdraw your consent at any time via the .
| Name | atelier_session |
|---|---|
| Purpose | Keeps you signed in (session token) so you don't have to log in again on every page view. |
| Lifetime | 12 hours |
| Properties | httpOnly, secure, sameSite=lax — not readable by scripts, only over HTTPS, protected against cross-site requests. |
By the way, the notice banner remembers your confirmation in your browser's localStorage — no cookie is set for that.
3. Account and brief data
When you create an account or submit a brief, we store the data you provide (email address, a hashed password — never in plain text — and the details from your brief). The purpose is handling your request and managing your project. The legal basis is Art. 6 (1)(b) GDPR (pre-contractual measures / performance of a contract).
4. Email confirmation
To confirm your email address we send a one-time confirmation link. [Once email delivery via a provider (e.g. Resend) is active, add the provider and any data processing agreement here.]
5. Hosting
The website is operated at [hosting provider, location]. When accessed, technically necessary server log data is processed. [Add details and any data processing agreement.]
6. Your rights
You have the right to access, rectification, erasure, restriction of processing, data portability and objection, as well as the right to lodge a complaint with a supervisory authority. To exercise these, contact [contact email].