Privacy Policy

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) is:

This privacy policy applies to the website flminfra.com (the "Site"). The Site is a B2B information and partnership inquiry platform. It is not directed at consumers and does not offer any consumer-facing services or products.

3.1 Server / Access Logs

When you visit the Site, our hosting provider (Vercel Inc., 340 Pine Street Suite 701, San Francisco, CA 94104, USA) automatically collects standard access log data, including: IP address, browser type, referring URL, pages accessed, and date/time of access.

Legal basis: Art. 6(1)(f) GDPR — legitimate interest in maintaining the security and operational integrity of the Site.

Retention: Log data is retained for up to 30 days and then deleted automatically.

3.2 Contact Inquiries

If you contact us by email at contact@flminfra.com, we will process the personal data you provide (such as name, email address, and message content) for the purpose of responding to your inquiry and conducting pre-contractual or contractual communication.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) and/or Art. 6(1)(f) GDPR (legitimate interest in responding to business inquiries).

Retention: Business correspondence is retained for up to 6 years in accordance with applicable commercial and tax retention obligations (§ 257 HGB, § 147 AO), unless a longer retention period is required by law or a legitimate ongoing business relationship.

3.3 Cookies and Tracking

This Site does not use tracking cookies, analytics services, advertising pixels, or any third-party profiling tools. The only browser storage used is a single local storage entry (flm-theme) to remember your display preference (dark/light mode). This entry contains no personal data and is not transmitted to any server.

This Site is hosted by Vercel Inc. (USA). Data transfers to Vercel are governed by the EU Standard Contractual Clauses (SCCs) adopted by the European Commission pursuant to Art. 46(2)(c) GDPR. For further information on Vercel's data processing, see: vercel.com/legal/privacy-policy

Email correspondence is processed via your chosen email provider. If you send us a message, your data will be processed in accordance with your own provider's privacy policy.

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes. Data may be disclosed to:

• Infrastructure and hosting providers (Vercel) under data processing agreements
• Legal advisors or authorities, where required by applicable law or court order

If you are located in the EU or UK, you have the following rights with respect to your personal data:

• Right of access (Art. 15 GDPR) — obtain confirmation and a copy of your data
• Right to rectification (Art. 16 GDPR) — correct inaccurate data
• Right to erasure (Art. 17 GDPR) — request deletion where applicable
• Right to restriction (Art. 18 GDPR) — restrict processing in certain circumstances
• Right to data portability (Art. 20 GDPR) — receive your data in a structured format
• Right to object (Art. 21 GDPR) — object to processing based on legitimate interests

To exercise any of these rights, contact us at contact@flminfra.com. We will respond within 30 days.

You have the right to lodge a complaint with your local data protection supervisory authority. The competent authority in Germany is the supervisory authority for the federal state in which the controller is located. A list of German supervisory authorities is available at: www.bfdi.bund.de

For data subjects in the UK, the relevant authority is the Information Commissioner's Office (ICO): ico.org.uk

For data subjects in the United Kingdom, this policy also constitutes our UK GDPR privacy notice. The UK GDPR (as retained in UK law by the European Union (Withdrawal) Act 2018) applies to personal data of UK residents. Your rights and our obligations under UK GDPR are equivalent to those described above under EU GDPR.

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, or unauthorised disclosure. All data in transit is encrypted via HTTPS/TLS.

We may update this privacy policy from time to time to reflect changes in our practices or applicable law. The date of the most recent revision is shown below. We recommend checking this page periodically.