Effective Date: 04.06.2025
Last Updated: 04.06.2025

​

Your Data, Your Rights

We only collect necessary data to provide our services. We don’t sell your data. We use EU-hosted servers and secure third-party tools to help you analyze pitch decks. You’re always in control of your data.

​

1. Who We Are

​​

DMC SupScreen UG (haftungsbeschränkt)
Gronsdorfer Straße 2, 81825 München, Germany
Email: team@supscreen.com

Managing Director: Dr. Delphine Colin

We are committed to protecting your privacy and handling your personal data lawfully and transparently.

​

2. Scope

​

This Privacy Policy applies to all visitors and users of:

• Our public website (www.supscreen.com)

• Our platform and communication tools (for demo participants or client teams)

Our services are not intended for children under 16, and we do not knowingly collect their personal data.

​

3. Data We Collect

​

• We may collect the following types of data:

• Identification Data: Name, job title, email address

• Authentication Data: Login credentials

• Documents (for registered users on our platform): Uploaded pitch decks, team bios, company profiles

• Usage Data: Session logs, page views, access timestamps

• Technical Data: IP address, browser type and version, OS, device identifiers

• Marketing Preferences: Newsletter subscriptions, consent history, email open rates

 

We do not process special categories of personal data under Art. 9 GDPR.

​

4. How We Collect Data

​

• Directly: Through contact forms, uploads, onboarding steps, or communication (e.g. support tickets or emails)

• Automatically: Through cookies, analytics tools, session tracking

• Indirectly: Through integrated services (e.g. Brevo, Supabase, Wix)

 

5. Purpose and Legal Basis

 

Purpose --> Legal basis

To provide our services and analyze pitch decks --> Performance of contract (Art. 6(1)(b) GDPR)

Platform onboarding and user support --> Performance of contract

Payment processing and invoicing --> Legal obligation (Art. 6(1)(c))

Website analytics and improvement --> Legitimate interest (Art. 6(1)(f))

Email newsletters or marketing --> Consent (Art. 6(1)(a))

​

6. AI and Data Use

​

In our platform, we process uploaded documents using Azure OpenAI GPT-4-1 through secure API access.
We do not use your data to train any AI models.
All generated reports are stored securely on Supabase infrastructure.
Data is encrypted in transit and at rest.

​

7. Data Sharing and International Transfers

​​

All third-party providers act as data processors under written agreements in compliance with Art. 28 GDPR.

​

Platform Data

All personal data uploaded or generated within the SupScreen platform (e.g. pitch decks, company information, user logins) is stored and processed exclusively within the European Union (EU).
This includes storage on Supabase (EU-hosted) and processing through AI and enrichment tools such as:

• Azure OpenAI (EU endpoint for GPT-based analysis)

• ProxyCurl, Serper, Perplexity – used to enrich company and market data

These tools operate under strict contractual and technical safeguards. All platform-related data is protected in accordance with GDPR and is not transferred outside the EU.

​

Website Data

Our public website (www.supscreen.com) uses third-party services that may transfer limited technical data (such as IP address or device info) to servers located outside the EU, including:

• Wix.com Ltd. – website hosting (data centers in the US, Ireland, Israel, South Korea, Taiwan)

• Google Services – including Google Analytics, Google Tag Manager, and Ads

• Brevo (Sendinblue) – for newsletter signup and email communication

Where data is transferred to a third country, such transfers are protected by Standard Contractual Clauses (SCCs) or other GDPR-compliant safeguards.

​

We may also share data with legal or tax advisors and public authorities if legally required.

​

8. Data Retention

​

• User accounts and uploaded content: Deleted upon request

• Session logs: Retained for 6 months

• Transactional and payment data: Retained for up to 6 years under German tax law

 

9. Your Rights Under GDPR

​

You have the following rights:

• Access your personal data

• Correct or complete your data

• Request deletion (“right to be forgotten”)

• Restrict processing

• Data portability

• Object to processing based on legitimate interest

• Withdraw consent for marketing

• Lodge a complaint with a supervisory authority

​​

To exercise these rights, contact: team@supscreen.com
Supervisory authority: www.bfdi.bund.de

​

10. Cookies

​

We use cookies and similar technologies to enhance your browsing experience and track usage. On your first visit, you will see a cookie banner where you can adjust preferences. You can also manage cookies in your browser settings. 

​

11. Data Security

​

We implement appropriate technical and organizational measures to protect your personal data. Access is limited to authorized personnel bound by confidentiality.

​

12. Updates to This Policy

We may update this policy to reflect changes in law or services. Any changes will be posted here with a new “Last Updated” date.

​

13. Contact

​

If you have any questions or concerns, contact us at:
DMC SupScreen UG (haftungsbeschränkt)
Gronsdorfer Straße 2, 81825 München, Germany
Email: team@supscreen.com