Last updated: 01.04.2026

1. Controller

The controller responsible for the processing of personal data on this website is:

Emilian Ege - Nxtup Designs
Petunienweg 17 A
81377, Munich
Germany
Email: nxtup.team@gmail.com

2. Overview

This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit this website, contact us, or interact with our services.

We process personal data in accordance with applicable data protection law, including the General Data Protection Regulation (“GDPR”), where applicable.

3. Personal Data We Collect

Depending on how you use this website, we may collect the following categories of personal data:

a) Data collected automatically when you visit the website

When you access this website, certain technical information may be processed automatically in server log files or through the hosting infrastructure. This may include:

• IP address

• date and time of access

• browser type and version

• operating system

• referrer URL

• pages visited

• device information

• request and response data

b) Data you provide when contacting us

If you contact us by email or via a contact form, we may process:

• your name

• your email address

• your company name, if provided

• the content of your message

• any other information you choose to provide

c) Data collected through forms

If this website contains a form, we may process the information you submit through that form in order to respond to your request, manage inquiries, or discuss potential work opportunities.

Form submissions may be delivered to our email inbox and, depending on our technical setup, may also be stored or forwarded to connected services such as Google Sheets or a webhook destination.

d) Analytics data

We may use privacy-friendly website analytics provided through Framer to understand how visitors use the site, such as page views, visit counts, and general traffic patterns. We do not use this information to identify individual visitors.

4. Purposes and Legal Bases of Processing

We process personal data for the following purposes and on the following legal bases:

a) Providing the website and ensuring security

We process technical and log data to operate the website, maintain stability and security, detect misuse, and ensure reliable delivery of the content.

Legal basis: Article 6(1)(f) GDPR (legitimate interests)

b) Responding to inquiries and communication

We process the data you provide when contacting us in order to respond to your message, handle project inquiries, and communicate with you.

Legal basis:

• Article 6(1)(b) GDPR, where the processing is necessary to take steps at your request prior to entering into a contract

• Article 6(1)(f) GDPR, for general communication and legitimate business correspondence

c) Website analytics and improvement

We process aggregated or privacy-friendly usage data in order to understand website performance, improve the site, and better present our work and services.

Legal basis: Article 6(1)(f) GDPR (legitimate interests)

d) Spam prevention and abuse detection

Where forms are used on this website, we may apply technical anti-spam and abuse-prevention measures to protect the site and the integrity of submissions.

Legal basis: Article 6(1)(f) GDPR (legitimate interests)

5. Cookies and Similar Technologies

This website does not intentionally use non-essential analytics or advertising cookies for visitor tracking.

If we introduce non-essential cookies or third-party tracking technologies in the future, we will provide additional notice and request consent where required by law.

6. Framer Hosting and Service Providers

This website is built and hosted using Framer. In order to operate the website, personal data may be processed by Framer and other technical service providers acting on our behalf, such as hosting, delivery, infrastructure, and security providers.

These service providers process personal data only as needed to provide their services and under appropriate contractual and legal safeguards.

7. Recipients of Personal Data

We may share personal data with the following categories of recipients where necessary:

• hosting and infrastructure providers

• website platform and technical service providers

• email providers

• anti-spam and security service providers

• analytics providers used within our website setup

• professional advisers, where necessary

• authorities or courts, where required by law

We do not sell personal data.

8. International Data Transfers

Some of our service providers may process personal data outside the European Union or the European Economic Area.

Where personal data is transferred to a country outside the EU/EEA, we take appropriate safeguards as required by law, for example by relying on an adequacy decision or on Standard Contractual Clauses approved by the European Commission, where applicable.

9. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

In particular:

• technical log data is retained for as long as necessary for security, troubleshooting, and operational purposes

• inquiry and correspondence data is retained for as long as necessary to handle your request and any follow-up communication

• contract-related or tax-relevant data may be retained for the duration of applicable statutory retention periods

• analytics data is retained only as long as necessary for website analysis and improvement, in line with the technical setup used

10. Your Rights

If the GDPR applies to the processing of your personal data, you may have the following rights, subject to the conditions set out in applicable law:

• the right to be informed

• the right of access

• the right to rectification

• the right to erasure

• the right to restriction of processing

• the right to data portability

• the right to object

• the right to withdraw consent at any time, where processing is based on consent

• the right to lodge a complaint with a supervisory authority

To exercise any of your rights, please contact us using the contact details provided above.

11. Right to Lodge a Complaint

You have the right to lodge a complaint with a competent data protection supervisory authority if you believe that the processing of your personal data violates applicable data protection law.

For users in Germany, you may contact the supervisory authority responsible for your federal state, or the authority competent for our place of establishment.

12. Provision of Data

You are not legally required to provide personal data to us. However, if you choose not to provide certain data, we may be unable to respond to your inquiry or provide certain website functions.

13. Automated Decision-Making

We do not use your personal data for automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you.

14. Security

We take appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access.

However, no transmission of data over the internet is completely secure. While we take reasonable steps to protect your data, we cannot guarantee absolute security.

15. Third-Party Links

This website may contain links to external websites. We are not responsible for the privacy practices of third-party websites. We encourage you to review their privacy policies separately.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business developments. The current version will always be published on this page with the updated effective date.

17. Contact

If you have any questions about this Privacy Policy or about how we process personal data, please contact:

Emilian Ege
Email: nxtup.team@gmail.com