MENU

Privacy Policy

Last updated: February 15, 2026

1. Controller

The controller responsible for data processing on this website is:

Non-Lethal Applications
Florian Loferer
Loisachstrasse 1
83101 Rohrdorf
Germany

Email: info@non-lethal-applications.com
Phone: +49 8031 7967750

2. What Data We Collect

2.1 Account Registration

When you create an account, we collect:

  • First and last name
  • Email address
  • Password (stored encrypted)

Purpose: To create and manage your user account, process purchases, and deliver software licenses.
Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).

2.2 Purchases and Licensing

When you purchase a product, we collect:

  • Transaction and order details
  • License keys and activation data
  • iLok account information (where applicable)

Purpose: To process your purchase, deliver and manage your software license, and provide customer support.
Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).

2.3 Contact Form

When you use our contact form, we collect:

  • Your name
  • Email address
  • Message content and any attachments you send

Purpose: To respond to your inquiry and provide customer support.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) — we have a legitimate interest in responding to inquiries directed at us.

2.4 Newsletter

When you subscribe to our newsletter, we collect your email address. You may also opt in during registration.

Purpose: To send you product updates, release announcements, and other information you have opted in to receive.
Legal basis: Consent (Art. 6(1)(a) GDPR). You can withdraw your consent at any time by using the unsubscribe link in any newsletter email or by contacting us.

2.5 Server Log Files

When you visit our website, our web server automatically collects:

  • IP address
  • Date and time of access
  • Pages visited and requested URL
  • Referring URL
  • Browser type and version
  • Operating system

Purpose: To ensure the security and stability of our website and to detect and prevent abuse.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

3. Cookies

3.1 Essential Cookies

We use cookies that are strictly necessary for the operation of our website:

  • Session cookie — Maintains your login session. Expires when you close your browser.
  • CSRF token cookie — Protects against cross-site request forgery. Expires when you close your browser.
  • Cookie consent cookie — Stores your cookie consent preference. Expires after 7300 days.

Legal basis: These cookies are strictly necessary and do not require consent (Art. 6(1)(f) GDPR).

3.2 Analytics Cookies

We use Google Analytics 4 (provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to analyze website usage. Google Analytics is only loaded after you have given consent via our cookie banner.

Google Analytics uses cookies to collect information about how visitors use our website, including pages visited and time spent. This data is processed in aggregated form and is used to improve our website.

Google may transfer data to servers in the United States. Google participates in the EU-U.S. Data Privacy Framework. For more information, see Google's Privacy Policy.

Legal basis: Consent (Art. 6(1)(a) GDPR). You can withdraw your consent at any time by clearing your cookies.

4. Third-Party Services

4.1 Paddle (Payment Processing)

We use Paddle.com (Paddle.com Market Limited, 15 Briery Close, Great Oakley, Corby, Northamptonshire, NN18 8JG, United Kingdom) as our Merchant of Record for payment processing. When you make a purchase, Paddle processes your payment information directly. We do not store your credit card or payment details on our servers.

Paddle's checkout script is only loaded on product and license management pages. Paddle may process your name, email, billing address, and payment details.

For more information, see Paddle's Privacy Policy.

Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).

4.2 Google reCAPTCHA

We use Google reCAPTCHA v3 on our registration and contact forms to protect against automated spam and abuse. reCAPTCHA collects hardware and software information (such as device and application data) and sends it to Google for analysis.

For more information, see Google's Privacy Policy.

Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) — we have a legitimate interest in protecting our website from spam and abuse.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Account data: Retained as long as your account is active. You may request account deletion at any time.
  • Purchase and license data: Retained for the duration of your license and as required by tax and commercial law (typically 10 years for invoicing records under German law, §§ 147 AO, 257 HGB).
  • Contact form submissions: Retained for up to 12 months after the inquiry is resolved, unless a longer retention is required for ongoing support.
  • Newsletter subscriptions: Retained until you unsubscribe.
  • Server log files: Automatically deleted after 30 days.

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR) — You can request information about what personal data we hold about you.
  • Right to rectification (Art. 16 GDPR) — You can request correction of inaccurate personal data.
  • Right to erasure (Art. 17 GDPR) — You can request deletion of your personal data, subject to legal retention obligations.
  • Right to restriction (Art. 18 GDPR) — You can request restriction of processing of your personal data.
  • Right to data portability (Art. 20 GDPR) — You can request your data in a structured, commonly used, machine-readable format.
  • Right to object (Art. 21 GDPR) — You can object to processing based on legitimate interests at any time.
  • Right to withdraw consent (Art. 7(3) GDPR) — Where processing is based on consent, you can withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at info@non-lethal-applications.com.

7. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for us is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Germany
Website: www.lda.bayern.de

8. Data Security

We use appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. These measures include encrypted data transmission (TLS/SSL), secure password hashing, and access controls. However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The updated version will be posted on this page with a revised "Last updated" date.