Skip to main content
repleno
Sign Up

Privacy Policy

Privacy Policy for repleno: how we collect, process, and protect your data. GDPR-compliant with all servers located in Germany.
Last Updated: April 8, 2026

This Privacy Policy informs about the type, scope and purpose of the processing of personal data when using repleno.com and the repleno web app (together "Services").

1. Data Controller

Christoph Kay, trading under the brand repleno
Obernstr. 50, 33602 Bielefeld, Germany
Email: contact@repleno.com
(Further mandatory information see Imprint.)

repleno is exclusively aimed at entrepreneurs within the meaning of § 14 BGB.

2. Website Operation and Hosting (Connection Data)

Technical connection data is processed with each access to our Services (e.g. IP address, date/time, URL accessed, referrer, browser/device information).

Purpose: Content delivery, stability, IT security, error analysis.
Legal basis: Art. 6 para. 1 lit. f GDPR.
Storage duration: typically 7–30 days.

Hosting/Infrastructure location: EU, Frankfurt am Main region (Germany).
Database location: EU, Frankfurt am Main region (Germany).
Note: Even with EU regions, access by service providers (e.g. support/maintenance) from countries outside the EEA cannot be ruled out in every case.

3. Contact and Support

When you contact us (e.g. by email), we process the data you provide (e.g. name, email, message).

Purpose: Processing your inquiry, communication.
Legal basis: Art. 6 para. 1 lit. b GDPR (pre-contractual/contractual) or Art. 6 para. 1 lit. f GDPR.
Storage duration: until completion of processing; possibly longer in case of legal obligations.

4. Customer Account, Contract and Billing (B2B)

When registering and using the customer account, we process account and contract data (e.g. name, company, email, roles, contract/subscription data) as well as billing data (invoices, payment status).

Purpose: Contract fulfillment, provision of services, billing, proof obligations.
Legal bases: Art. 6 para. 1 lit. b GDPR; Art. 6 para. 1 lit. c GDPR.
Storage duration: Contract term; billing documents typically 6–10 years.

5. Customer Data within repleno (Workspace/Tenant Data)

When using the repleno web app, repleno processes the data stored in the customer account or workspace (e.g. items, scans/consumption, order positions, supplier contacts) to provide, secure and support the service.

The respective customer company is responsible for the content and its legality.

For inquiries regarding data processed within a customer workspace, please contact your company's administrator first. General inquiries can be directed to contact@repleno.com.

5.1 AI-supported item creation with Mistral

Users can submit public product pages, URLs, or product texts to create an item data proposal. For this purpose, the submitted content is transmitted to Mistral as a processor. The proposal is only adopted into the customer's account after review and confirmation by the user.

Information on whether input and output are used to improve the service or train models depends on the Mistral offering used. Content may be processed or stored temporarily by Mistral for service provision and abuse monitoring.

Please do not submit personal or confidential content unless this is necessary for the intended use and expressly permitted.

6. Cookies, Consents and Analytics

We use necessary cookies/techniques for basic functions and – depending on your choice – analysis techniques.

  • Rybbit (cookieless): Analytics without cookies, always active on repleno.com.
    Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest), where applicable.
  • Google Analytics 4: loaded only after consent.
    Legal basis: Art. 6 para. 1 lit. a GDPR (consent).

Device access (cookies/similar technologies): additionally § 25 TDDDG (necessary or consent).
Details (categories, specific cookies/techniques, durations, revocation "Cookie Settings"): see Cookie Policy.

7. Recipients / Service Providers

We use service providers (e.g. hosting/infrastructure, database operation, email, payment processing (payment service providers), analytics). Depending on the service, they act as processors or independent controllers.

Categories and – where necessary – further details on service providers used are available on request.

8. Third Country Transfers

If service providers process data outside the EEA or access it, this is only done under the conditions of the GDPR (e.g. adequacy decision, standard contractual clauses or comparable guarantees). Details are available on request.

9. Your Rights

You have – provided the legal requirements are met – the right to information, correction, deletion, restriction, data portability, objection and revocation of consents given.

Contact: contact@repleno.com
Right to lodge a complaint: competent data protection supervisory authority (e.g. LDI NRW).

10. Changes

We update this Privacy Policy as needed. The current version is available on repleno.com.

Empowered byFounders Foundation