Privacy Policy | Lazy snail Design

PRIVACY
POLICY

Data Controller

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Lazy snail GmbH
‍Ackerstraße 19
10115 Berlin
Germany

Managing Director:
Jannik Baggesen Weylandt

Commercial Register: HRB 285204 B, Amtsgericht Charlottenburg (Berlin)

privacy@lazysnail.design

Lazy snail GmbH is not required to appoint a Data Protection Officer under applicable law.

General Information on Data Processing

This privacy policy applies to the website www.lazysnail.design. We only process personal data of our users to the extent necessary to provide a functional website and our content and services. Personal data is generally only processed with the user’s consent, unless processing is permitted by law.

Legal Bases for Data Processing

Where we obtain consent for processing personal data, the legal basis is Art. 6(1)(a) GDPR.
Where processing is necessary to comply with a legal obligation, the legal basis is Art. 6(1)(c) GDPR.
Where processing is necessary for a legitimate interest of our company or a third party, and the interests, fundamental rights and freedoms of the data subject do not override that interest, the legal basis is Art. 6(1)(f) GDPR.

Hosting and Content Delivery

About Webflow

Our website is hosted on the Webflow platform. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA.

When you visit our website, your personal data is processed on Webflow’s servers. This may include your IP address, browser type, operating system, pages visited, and the date and time of access.

Legal basis: Art. 6(1)(f) GDPR. Our legitimate interest is the reliable and secure provision of our website.

Third-country transfer: Webflow processes data in the USA. The transfer is based on the EU-US Data Privacy Framework (DPF), where Webflow is certified, and/or Standard Contractual Clauses (Art. 46(2)(c) GDPR).

More information: https://webflow.com/legal/privacy

Content Delivery Network (CDN)

Webflow uses a Content Delivery Network (Amazon CloudFront) to deliver website assets (images, stylesheets, scripts). Your IP address is transmitted to CDN servers in this process.

Legal basis: Art. 6(1)(f) GDPR.

Cookies and Consent Management

What Are Cookies?

Cookies are small text files stored on your device by your browser when you visit a website. They are used to enable certain features or to store information about your usage behaviour.

Consent Management (§ 25 TTDSG, Art. 6(1)(a) GDPR)

Our website uses a custom consent management system (cookie banner). On your first visit, you are asked to give consent for various cookie categories. Your choice is stored in your browser’s localStorage so you are not asked again on subsequent visits.
You can change your preferences at any time by clicking the cookie icon in the footer of our website.

The following categories are available:

Functional (required) Necessary for the basic operation of the website. Cannot be deactivated.

Analytics Enables statistical analysis of website usage (Google Analytics).

Advertising (Ad Storage, Ad User Data, Ad Personalisation) Enables the delivery of personalised advertising.

Personalisation Enables the website to be customised to your preferences.

SecuritySupports security features and fraud detection

Technically Necessary Data

Without your consent, no analytics or advertising cookies are set. The storage of your consent decision in localStorage is permitted under § 25(2)(2) TTDSG as it is technically necessary.

Analytics Services

Google Tag Manager

We use Google Tag Manager (GTM). The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a service that allows us to manage tracking tools and other services on our website. GTM itself does not create user profiles, store cookies, or carry out independent analysis.

ImportantGoogle Tag Manager is only loaded on our website after you have given consent for analytics or advertising cookies via our cookie banner. Without your consent, GTM is not loaded.
‍
Legal basis: Art. 6(1)(a) GDPR (consent).

Google Analytics 4 (GA4)

We use Google Analytics 4, a web analytics service provided by Google Ireland Limited. Google Analytics uses cookies and similar technologies to analyse your use of our website.

Data processed: IP address (anonymised), pages visited, time spent on pages, device and browser information, referral source.

IP anonymisation: We have activated IP anonymisation. Your IP address is truncated within the EU/EEA before being transmitted to Google servers.

Ads data redaction: If you do not consent to advertising cookies, advertising-related data is additionally anonymised (ads_data_redaction is enabled).

Legal basis: Art. 6(1)(a) GDPR (consent). Google Analytics is only loaded with your explicit consent.

Third-country transfer: Google may process data in the USA. The transfer is based on the EU-US Data Privacy Framework and/or Standard Contractual Clauses.

More information: https://policies.google.com/privacy
Google Analytics opt-out: https://tools.google.com/dlpage/gaoptout

Embedded Content

About Vimeo

Our website embeds videos from Vimeo. The provider is Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA.
When you visit a page containing an embedded Vimeo video, a connection is established to Vimeo’s servers. Your IP address is transmitted to Vimeo in this process.

Do Not Track We use the dnt=1 parameter on all Vimeo embeds. This instructs Vimeo not to set tracking cookies and not to track your usage behaviour.

Legal basis Art. 6(1)(f) GDPR (legitimate interest in an appealing presentation of our content). Vimeo videos are loaded with Do Not Track enabled, so no tracking takes place.

Third-country transfer ‍Vimeo processes data in the USA. The transfer is based on Standard Contractual Clauses.

More information: https://vimeo.com/privacy

Server Log Files

The hosting provider (Webflow) automatically collects and stores information in server log files that your browser transmits automatically. These include:

Browser type and version

Operating system

Referrer URL

IP address of the accessing device

Time of the server request

This data cannot be attributed to specific individuals. This data is not combined with other data sources.Legal basis: Art. 6(1)(f) GDPR (legitimate interest in ensuring error-free operation of the website).

Contact

Our website does not contain contact forms or newsletter signup forms. If you contact us by email, the data you provide (email address, name if applicable, and content of the message) will be stored by us for the purpose of processing your enquiry.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries) or Art. 6(1)(b) GDPR (pre-contractual measures).

Your Rights as a Data Subject

You have the following rights with regard to your personal data:

Right of access (Art. 15 GDPR): You have the right to request information about your personal data processed by us.

Right to rectification (Art. 16 GDPR): You have the right to request correction of inaccurate data.

Right to erasure (Art. 17 GDPR): You have the right to request deletion of your data, provided the legal requirements are met.

Right to restriction of processing (Art. 18 GDPR): You have the right to request restriction of processing.

Right to data portability (Art. 20 GDPR): You have the right to receive your data in a structured, commonly used and machine-readable format.

Right to object (Art. 21 GDPR): You have the right to object at any time to the processing of your data based on Art. 6(1)(f) GDPR.

Right to withdraw consent (Art. 7(3) GDPR): You have the right to withdraw your consent at any time. The lawfulness of processing carried out prior to withdrawal remains unaffected.

To withdraw your cookie consent, click the cookie icon in the footer of our website and adjust your settings.

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR.
The competent supervisory authority for us is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit(Berlin Commissioner for Data Protection and Freedom of Information)
‍
Alt-Moabit 59–61
10555 Berlin
https://www.datenschutz-berlin.de

Data Retention

Unless a more specific storage period has been stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or withdraw consent, your data will be deleted unless we have other legally permissible reasons for storing your personal data.

SSL/TLS Encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognise an encrypted connection by the browser’s address bar changing from “http://” to “https://” and the lock icon in your browser bar.

Changes to this Privacy Policy

We reserve the right to amend this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services. The updated privacy policy will apply to your next visit.

Last updated: April 2026