Back

Privacy Policy

Last updated: 18 May 2026

1137Labs ("we", "us", "our") takes the protection of your personal data seriously. This policy explains what personal data we process when you visit 1137labs.com, why, on what legal basis, how long we keep it, and which rights you have under the EU General Data Protection Regulation (GDPR).

1. Data Controller

1137Labs UG (haftungsbeschränkt)
[STREET ADDRESS]
[POSTCODE CITY]
Germany
legal@1137labs.com

2. Data Protection Officer

We are not legally required to appoint a data protection officer under Art. 37 GDPR. For all data protection matters, please contact us at legal@1137labs.com.

3. Server Log Files (Hosting)

This website is hosted on Firebase Hosting, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and its parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Each time you visit, our hosting provider automatically processes technical access data ("server log files"), specifically:

Purpose: ensuring the technical operation, stability and security of the website, and defending against attacks.

Legal basis: Art. 6(1)(f) GDPR. Our legitimate interest is the secure and reliable operation of our website.

Retention: Hosting access logs are retained by Google for a short technical period (typically up to 30 days) and then deleted or fully anonymised.

Recipient / processor: Google Ireland Ltd. / Google LLC, on the basis of a data processing agreement under Art. 28 GDPR. See section 7 for the related third-country transfer.

4. Email Contact (Inquiry, Support, Press, Legal)

If you contact us via one of the email addresses listed on this site (inquiry@, support@, press@, legal@1137labs.com), we receive the information you choose to send — typically your name, your email address, and the content of your message.

Purpose: to handle and respond to your inquiry.

Legal basis: Art. 6(1)(b) GDPR where your inquiry relates to a (pre-)contractual matter; Art. 6(1)(f) GDPR (legitimate interest in answering general inquiries) otherwise.

Retention: Email correspondence is retained only as long as necessary to resolve the matter and to comply with any applicable statutory retention obligations (e.g. § 257 HGB, § 147 AO — up to 6 or 10 years for tax-relevant correspondence), after which it is deleted.

Our business email is provided by Google Workspace (Google Ireland Ltd. / Google LLC) as a data processor under Art. 28 GDPR.

5. Analytics — Firebase Analytics (Google)

With your prior consent, we use Firebase Analytics, a service provided by Google Ireland Ltd. / Google LLC, to understand in aggregated form how visitors interact with this website. Firebase Analytics processes pages visited, approximate geographic region (country level), device and browser type, session duration, and identifiers stored in your browser (cookies and/or local storage). This data is personal data within the meaning of Art. 4 GDPR but is only used in aggregated form for usage analysis.

Purpose: aggregated usage analysis to improve the website.

Legal basis: Art. 6(1)(a) GDPR (your consent), in combination with § 25 Abs. 1 TDDDG (consent for storing/reading information on your terminal device).

Retention: Up to 14 months.

You can withdraw your consent at any time via the reset button on our Cookie Policy page. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

6. Cookies and Local Storage

We use a strictly necessary local-storage entry to remember your cookie-consent choice, and — only with your consent — analytics identifiers set by Firebase Analytics. A full list, including names, providers and storage durations, is in our Cookie Policy.

7. Transfers to Third Countries (USA)

Our hosting and analytics provider Google may process data in the United States. Google LLC is certified under the EU–US Data Privacy Framework (adequacy decision of the European Commission of 10 July 2023, C(2023) 4745). Transfers therefore take place on the basis of Art. 45 GDPR. As an additional safeguard, we have EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) in place with Google. You can request a copy of these safeguards at legal@1137labs.com.

8. Your Rights

You have the following rights regarding the personal data we process about you:

To exercise any of these rights, contact us at legal@1137labs.com.

9. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The authority competent for us is the supervisory authority of the federal state in which our registered office is located: [COMPETENT STATE DPA – e.g. "Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg"]. You may alternatively contact the supervisory authority of your habitual residence or place of work. A list of all German supervisory authorities is available at bfdi.bund.de.

10. Obligation to Provide Data

You are not legally or contractually obliged to provide us with personal data. However, we cannot respond to email inquiries without an email address.

11. Automated Decision-Making and Profiling

We do not use automated decision-making, including profiling, within the meaning of Art. 22 GDPR.

12. Changes to This Policy

We may update this policy when our services, technical infrastructure or legal requirements change. The current version is always available on this page.

13. Contact

Questions? Reach us at legal@1137labs.com.