RepFlowAi

Privacy Policy

Last updated: 26.06.2026

1. Controller

The controller responsible for the processing described here is Attollo International GmbH, Postfach 40 26, 84016 Landshut, support@repflowai.io. Full provider details are in our Impressum.

2. Scope and security

This policy applies when you visit our website, take our wellness quiz, join a waitlist, or use RepFlowAi as a distributor, and is written to meet the EU General Data Protection Regulation (GDPR). For security, this site uses SSL/TLS encryption — you can recognise an encrypted connection by "https://" and the padlock in your browser.

3. Visiting the website (server log data)

When you visit our pages, our hosting provider automatically processes technical data needed to deliver the site securely: IP address, date and time of access, the page or file requested, referring website, and your browser and operating system. The legal basis is our legitimate interest in operating and protecting the website (Art. 6(1)(f) GDPR). This data is kept only briefly for security and troubleshooting and then deleted.

4. What we collect and why

WhenDataPurposeLegal basis
You take the wellness quizName, email, and the wellness-interest answers you selectTo generate your results, email them to you, and send related follow-up informationConsent — Art. 6(1)(a)
You join the waitlistName, email, company, your messageTo contact you about access and updatesConsent — Art. 6(1)(a)
You use RepFlowAi as a distributorAccount details, the content and leads you process, usage recordsTo provide the service to youContract — Art. 6(1)(b)
You contact usThe contact details and content you sendTo handle your requestContract / legitimate interest — Art. 6(1)(b)/(f)

Quiz answers reflect wellness interests you choose to share. Please do not send us detailed medical information; we neither ask for nor need it.

5. Email and messaging

If you opt in, we send your quiz results and a short series of follow-up emails. You can unsubscribe at any time via the link in every email, which immediately stops further follow-ups. Distributors receive operational notifications (for example, a new-lead alert) as part of using the service.

6. Who processes data for us

We use a small number of providers ("processors") that handle data on our behalf under data-processing agreements. We do not sell your personal data, and we do not use it to train generalised AI models.

Most of our processors are located in the EU (Hetzner in Germany, Brevo in France, Supabase in the EU). Where a processor such as Anthropic processes data in the USA, this is done under EU Standard Contractual Clauses pursuant to Art. 46 GDPR.

7. How long we keep it

We keep personal data only as long as needed for the purposes above or as required by law. If you unsubscribe or ask us to delete your data, we remove it from active use without undue delay, except where limited records must be retained to meet legal obligations.

8. Cookies

Our pages are designed to work without advertising or tracking cookies, using at most strictly necessary cookies. We do not set advertising or tracking cookies.

9. Your rights

Under the GDPR you have the right to:

To exercise any of these, email support@repflowai.io. You also have the right to lodge a complaint with a data-protection supervisory authority the Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Ansbach.

10. Changes & contact

We may update this policy; the "last updated" date reflects the latest version. Questions: support@repflowai.io.