Privacy policy (Datenschutzerklärung)

Last updated: 13 June 2026 · Version 2026-06-13

This policy explains how Klartext processes your personal data, in line with the EU General Data Protection Regulation (GDPR). It is in force from the first public deployment. A German version is available via the switch above; the German text is authoritative where the two differ. Plainer, illustrated summaries of the data flow and the providers we use are on our data-flow page and subprocessors page.

1. Who is responsible (controller)

The controller for the processing described here is the operator named in our Impressum. For any data-protection request, use the contact details listed there.

2. What we process, why, and on what legal basis

• Account & authentication (email address, password stored only as a secure hash, verification status) — to create and secure your account. Legal basis: performance of a contract (Art. 6(1)(b) GDPR).
• Profile (the onboarding answers: city, employment, family, housing, income band, residency, arrival date) — to tailor your deadlines, guides, and benefit matches. Legal basis: contract (Art. 6(1)(b)). You choose what to provide and can change or clear it anytime.
• Scanned letters (the images/PDFs you upload and the structured explanation we generate) — to interpret and archive them for you. Legal basis: contract (Art. 6(1)(b)). Sending the content to our AI provider to read it is part of this service (see §4).
• Calendar, procedure progress, benefit matches — to provide the system-of-record features. Legal basis: contract (Art. 6(1)(b)).
• Transactional email + send log (verification, password reset, deadline reminders, digests) — to operate the service and prove what was sent. Legal basis: contract (Art. 6(1)(b)); reminders/digests can be turned off.
• Security & abuse prevention (rate-limiting, upload validation, malware scanning of uploads) — Legal basis: our legitimate interest in keeping the service safe (Art. 6(1)(f)).
• Consent records (when you accepted this policy and which version, the one-time AI-processing acknowledgement) — Legal basis: our legal obligation/accountability (Art. 5(2), Art. 6(1)(c)).

3. Recipients / processors

We use a small number of processors acting on our behalf under data-processing agreements: our AI provider (Anthropic) for letter interpretation, an email provider for transactional email, and a hosting provider for our servers and storage. The current list, with roles and locations, is on our subprocessors page. We do not sell your data and use no third-party advertising or analytics trackers.

4. Transfer to a third country (USA)

To interpret a letter, its content is sent to Anthropic, which processes it in the United States. This international transfer is safeguarded by the EU’s Standard Contractual Clauses and Anthropic’s self-certification under the EU–US Data Privacy Framework (Art. 44–46 GDPR). Under these terms Anthropic processes the content only to return the explanation, does not train its models on it, and deletes inputs and outputs within about 30 days. We will not overstate this: this is the one step where your data leaves the EU. See the data-flow page.

5. How long we keep it

• Account & profile: until you delete your account.
• Scanned letters: until you delete the scan or your account — or sooner if you set auto-delete (30 / 90 / 365 days) in Settings → Privacy & data.
• Email send log: until account deletion.
• At our AI provider: about 30 days, then deleted (see §4).

6. Your rights

Under the GDPR you have the right to:

• Access your data (Art. 15) — and to download a copy in a portable format from Settings → Your data.
• Rectification (Art. 16) — edit your profile and account details anytime in Settings.
• Erasure (Art. 17) — delete individual scans, or your whole account, which truly erases your data.
• Restriction (Art. 18) and to object (Art. 21).
• Data portability (Art. 20) — the export above.
• Withdraw consent at any time, without affecting prior processing.
• Lodge a complaint with a supervisory authority (Art. 77), e.g. the data-protection authority of your German federal state.

Gating or subscription status never locks you out of your own data — your archive stays readable, exportable, and deletable regardless of plan.

7. Cookies

We set a single, strictly-necessary session cookie to keep you signed in. It is technically required for a service you actively requested (signing in), so under § 25(2) TDDDG it needs no consent banner. We use no advertising, tracking, or analytics cookies.

8. Automated decision-making

We do not carry out automated decision-making that produces legal or similarly significant effects on you (Art. 22 GDPR). The AI interpretation of a letter is information about what the letter says; it makes no decision about your case, and any deadline it surfaces is a proposal you confirm yourself.

9. Not legal or tax advice

Klartext explains what official letters say and tracks the dates they name. It does not assess your individual case. For that, consult a qualified Rechtsanwalt or Steuerberater, or an appropriate advice body (e.g. Mieterverein, Sozialverband).

10. Third parties’ data in letters

Letters can contain other people’s personal data. Please upload only what you need explained, and use the retention controls to limit how long it is kept.

We review this policy with legal counsel before public launch, including the format of the letter-interpretation output (RDG/StBerG). Material changes bump the version above and are re-acknowledged on next sign-in.