Privacy Policy

For privacy rights requests, contact privacy@cutflowcloud.com.

If we appoint a dedicated Data Protection Officer or privacy representative, we publish the direct contact details here.

We process identity and business context information submitted in contact requests and rollout conversations.

We also process technical metadata needed for fraud prevention, uptime, and security monitoring.

Processing is based on Art. 6(1)(b) GDPR for pre-contractual communication and service initiation.

Processing is based on Art. 6(1)(f) GDPR for secure operation, abuse prevention, and platform integrity.

Where optional technologies are used, processing may be based on Art. 6(1)(a) GDPR consent.

Data may be processed by hosting, database, email, and anti-abuse providers acting as processors.

Processor agreements under Art. 28 GDPR are maintained where legally required.

A current processor or subprocessor overview is available on request.

If personal data is transferred outside the EEA, appropriate safeguards such as SCCs or adequacy decisions apply.

Transfer impact assessments are documented whenever the law requires them.

Contact-request and rollout-conversation records are retained only as long as necessary for request handling, contracting, and statutory obligations.

Security and anti-abuse records are kept only for the period needed for fraud prevention, platform integrity, and incident response.

You may request access, rectification, erasure, restriction, portability, and objection under GDPR.

You may withdraw consent at any time without affecting prior lawful processing.

The Booking Project applies technical and organizational measures including access controls, logging, encrypted transport, and abuse-prevention checks.

Potential incidents are investigated and, where legally required, reported to supervisory authorities and affected persons.

You may lodge a complaint with a competent data protection authority, especially in your place of residence, place of work, or the controller location.