Privacy Policy

Last updated: February 2026

1. Who We Are

Birdwave is operated by Birdwave UG (haftungsbeschränkt), registered in Germany. We provide automation services, software, and related communication channels for the Birdwave platform and website.

2. Data We Collect

We collect data you provide directly and data generated through your use of the platform:

  • Account data: name, email address, and password hash when you create an account.
  • Profile data: biography, job title, company affiliation, location, and profile photo you choose to share.
  • Usage data: pages visited, features used, timestamps, browser type, and IP address (anonymized after 30 days).
  • Communication data: messages sent through the contact form or in-platform messaging.

3. How We Use Your Data

  • To provide, maintain, and improve the directory service.
  • To authenticate your identity and secure your account.
  • To display your public profile in the directory (only information you mark as public).
  • To send service-related notifications (account verification, security alerts).
  • To respond to your inquiries submitted through the contact form.

4. Legal Basis (GDPR)

We process your data based on: (a) your consent, (b) performance of a contract (providing the service), (c) our legitimate interest in improving the platform, and (d) compliance with legal obligations. You may withdraw consent at any time.

5. Data Sharing

We do not sell your personal data. We may share data with:

  • Infrastructure providers: hosting, database, and storage providers necessary to operate the service.
  • Analytics: anonymized usage data for service improvement.
  • Legal requirements: when required by law, regulation, or valid legal process.

6. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies.

7. Data Retention

Account data is retained while your account is active. Upon deletion, personal data is removed within 30 days. Anonymized usage data may be retained indefinitely for analytics purposes. Backups containing personal data are purged within 90 days of deletion.

8. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Request erasure of your data (“right to be forgotten”).
  • Restrict or object to processing.
  • Data portability (receive your data in a structured format).
  • Lodge a complaint with your local data protection authority.

To exercise these rights, contact us at privacy@birdwave.io.

9. Security

We implement industry-standard security measures including encrypted data transmission (TLS), hashed passwords, and regular security audits. No system is 100% secure — if you discover a vulnerability, please report it to security@birdwave.io.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or a prominent notice on the platform. Your continued use of the service after changes constitutes acceptance.