Privacy Policy
Last updated: 8 June 2026
This Privacy Policy explains how your personal data is processed when you visit veloiq.app (the “Website”) and pre-register for VeloIQ. We take your privacy seriously and collect as little data as possible.
1. Controller
The controller responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:
Kilian Minichberger
Traunerstraße 18
4050 Traun, Austria
Email: [email protected]
See our Imprint for full provider details.
2. Our privacy-first approach
This Website does not use advertising cookies, cross-site trackers, or user profiling. Analytics are cookieless and aggregated. The only personal data you actively provide is the information you enter into the pre-registration form.
3. Hosting and content delivery
The Website is hosted by Netlify, Inc., 512 2nd Street, Suite 200, San Francisco, CA 94107, USA (“Netlify”). When you access the Website, Netlify automatically processes server log data — including your IP address, browser type, operating system, the page requested, and the date and time of access — in order to deliver the Website and ensure its security and stability.
Traffic to the Website is routed through the content-delivery network and reverse proxy of Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA (“Cloudflare”). Cloudflare delivers the Website quickly and protects it against attacks (e.g., DDoS mitigation); for this purpose it processes connection data, including your IP address.
Legal basis for both: Art. 6(1)(f) GDPR (legitimate interest in operating a secure, performant, and reliable website). As Netlify and Cloudflare are based in the USA, data may be transferred to a third country; these transfers are safeguarded by the EU Standard Contractual Clauses and/or the EU–U.S. Data Privacy Framework. Data processing agreements pursuant to Art. 28 GDPR are in place with both providers; each is incorporated into the provider’s standard terms of service and applies without a separate signature.
4. Analytics (Umami)
We use Umami, a privacy-friendly, self-hosted web-analytics tool, to understand how the Website is used (e.g., page views, referring sources, country, device type — all in aggregate). Umami does not use cookies, does not store persistent identifiers on your device, and does not track you across other websites. IP addresses are used only transiently to derive approximate, anonymised statistics and are not stored in a way that identifies you.
Analytics requests are routed first-party through our own domain and processed by a self-hosted Umami instance running on a server under our control — your usage data is not shared with a third-party analytics provider. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in measuring reach and improving the Website). Because no information is stored on or read from your device, no consent under § 165 of the Austrian Telecommunications Act 2021 (TKG 2021) is required.
5. Pre-registration form
The pre-registration form is provided by Tally BV (Belgium, EU; see tally.so), acting as our processor under Art. 28 GDPR. A data processing agreement with Tally is in place (see Tally’s DPA and sub-processor list); form data is encrypted in transit and at rest and stored within the EU. When you pre-register, we process the data you enter — at minimum your email address — in order to notify you about the launch, grant early access, and gather feedback on which features to build next.
Legal basis: Art. 6(1)(a) GDPR (your consent) and/or Art. 6(1)(b) GDPR (pre-contractual measures taken at your request). You may withdraw your consent at any time with effect for the future, e.g., via the unsubscribe link in any email or by contacting [email protected]. We retain pre-registration data until the launch process is complete or until you ask us to delete it, whichever is earlier.
6. Fonts
All typefaces used on the Website are self-hosted and served from our own server. No font files are loaded from Google Fonts or any other third party, so no data (such as your IP address) is transmitted to an external font provider when you view the Website.
7. Cookies
We do not set tracking or advertising cookies, and our analytics are cookieless. The embedded pre-registration form may set cookies that are technically necessary for its operation.
8. Your rights
Under the GDPR you have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object to processing based on legitimate interests (Art. 21). Where processing is based on consent, you may withdraw it at any time (Art. 7(3)) without affecting the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, contact us at [email protected].
9. Right to lodge a complaint
If you believe your data is processed unlawfully, you have the right to lodge a complaint with the Austrian Data Protection Authority:
Österreichische Datenschutzbehörde
Barichgasse 40–42, 1030 Vienna, Austria
[email protected] · dsb.gv.at
10. Data retention
We store personal data only as long as necessary for the purposes described above or as required by statutory retention obligations. Server logs are retained for a short period for security purposes; pre-registration data is deleted after launch or upon request.
11. No automated decision-making
We do not use automated decision-making or profiling within the meaning of Art. 22 GDPR on this Website.
12. Changes to this Policy
As VeloIQ is under active development, we may update this Privacy Policy to reflect changes to the Website or legal requirements. The current version is always available on this page.