Privacy Notice

1. Controller

The controller within the meaning of Art. 4(7) GDPR is: Akixa, owner Dipl.-Phys. Gerhard H. C. Scheffler, Seesener Straße 43, 10711 Berlin, Germany, email: hello@lingrada.app. No data protection officer is required by law (Art. 37 GDPR / § 38 BDSG not applicable).

2. Your rights

You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20) and objection (Art. 21 GDPR). You may withdraw any consent at any time with future effect (Art. 7(3)). You also have the right to lodge a complaint with a supervisory authority (Art. 77), in particular in the member state of your residence or the alleged infringement. The authority competent for our seat is the Berlin Commissioner for Data Protection and Freedom of Information (BlnBDI), Alt-Moabit 59–61, 10555 Berlin. To exercise your rights, an email to hello@lingrada.app suffices.

3. Hosting (Vercel)

This website is operated on Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA; delivery may occur via servers in the USA and/or within the EU. On access, Vercel processes technically necessary access data to deliver content and keep operation secure and stable. Legal basis: Art. 6(1)(f) GDPR. A data processing agreement (DPA) is in place. For the transfer to the USA, see section 10.

4. Server log files

On each access, technically necessary data are processed (incl. IP address, date and time, requested resource, referrer URL, user agent), to the extent required for delivery, stability and security. Legal basis: Art. 6(1)(f) GDPR.

5. Translation (text demo and live audio)

On the home page you can use a text translation demo. The text you enter is sent to Google's Gemini interface (Google Ireland Ltd., Ireland, possibly Google LLC, USA) to produce the translation. Please do not enter personal or confidential data into the demo. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in demonstrating translation quality). For the transfer to the USA, see section 10.

Once the live audio product is available, the audio stream is processed in real time to generate the spoken translation. To reduce latency, this processing may take place in a cloud region (Amazon Web Services) close to the speaker, which may be outside the EU/EEA; in that case the transfer relies on EU Standard Contractual Clauses (Art. 46(2)(c) GDPR). See section 10 for more on third-country transfers.

The live audio product is still in development and is not yet available on this website; currently only the text demo described above is active.

6. Abuse protection / rate limiting (Upstash)

To limit abusive use of the public demo, your IP address is processed. It is pseudonymised by a hash before any storage (not stored in plain text) and used solely to count requests per time window, not to identify you. Provider: Upstash, Inc.; processing takes place in a region within the EU. Legal basis: Art. 6(1)(f) GDPR (protection against abuse and cost abuse).

7. Fonts

Fonts are served locally from our server (self-hosting via `next/font`). No data is transferred to Google Fonts or other third parties when the page loads.

8. Audience measurement (server-side)

We use no client-side analytics or tracking scripts. No cookies are set, no identifiers are stored on or read from your device, and no profiles capable of identifying you are created; there is no cross-device tracking. Any analysis of usage is performed solely server-side and in aggregated form, based on the technically necessary access data that arise in any case (see section 4). As this involves no access to your device beyond what is technically necessary within the meaning of § 25(1) TDDDG, no consent is required and no cookie banner is needed. Legal basis: Art. 6(1)(f) GDPR.

9. Waitlist / pilot sign-up

If you join the waitlist, we process your email address and any optional details (name, city, languages). We use a double opt-in procedure: you receive a confirmation email and are only added to the list after you confirm via the link it contains. Storage in Amazon DynamoDB in the EU (Frankfurt region, eu-central-1); the confirmation email is sent via Amazon SES (EU). Processor: Amazon Web Services EMEA SARL, Luxembourg. Legal basis: Art. 6(1)(a) GDPR (consent). You may withdraw at any time by email to hello@lingrada.app. Unconfirmed entries are deleted automatically within about 7 days; confirmed entries are kept until product launch or until you request deletion. To document consent, we store the time and confirmation status. While online sign-up is not yet enabled, the sign-up button instead opens a pre-filled email in your own mail program; section 12 then applies.

10. Third-country transfer (USA)

For the services in sections 3 and 5 (Vercel, Google), processing involves providers with a US nexus. They base the transfer on EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) and, where the providers are certified accordingly, additionally on the EU-US Data Privacy Framework (Commission adequacy decision). Despite these safeguards, access by US authorities cannot be entirely ruled out. For the forthcoming live audio product (section 5), real-time processing of the audio stream may additionally take place in AWS regions outside the EU/EEA; this too relies on EU Standard Contractual Clauses. The waitlist data (section 9) are stored in the EU.

11. Payment processing (Dodo Payments — Merchant of Record)

We use Dodo Payments as Merchant of Record (MoR) to handle payments. Dodo acts as the legal seller/merchant and handles payment processing and tax remittance. In this context Dodo processes the data required for payment (e.g. name, email, billing and payment data) under its own or joint responsibility. Legal basis: Art. 6(1)(b) GDPR (performance of a contract). Where Dodo processes data outside the EU, this is based on appropriate safeguards (Standard Contractual Clauses and/or DPF). The exact legal-entity details will be added when the checkout is activated.

This section applies only once paid offerings or a checkout are active — there is currently no payment processing on this website.

12. Contact

If you contact us by email, we process the details you provide (in particular your email address and the content of your message) in order to handle your request. Legal basis: Art. 6(1)(b) GDPR where your request concerns the conclusion or performance of a contract, otherwise Art. 6(1)(f) GDPR (interest in responding to enquiries). Where the website opens a pre-filled email in your own mail program for this purpose, the entered data leave your device only when you send the email yourself.

13. Retention

We store personal data only as long as necessary for the respective purposes or as required by statutory retention periods (log files: short-term; waitlist: see section 9; payment data: statutory periods).

14. Changes to this notice

We update this privacy notice when our data processing changes. Last updated: 2 June 2026.