Privacy policy
Last updated: 15.05.2026
This privacy policy explains how personal data is processed when you visit our website www.enlix.de and when you use our services. We take the protection of your data seriously. Processing follows the revised Swiss Federal Act on Data Protection (revDSG) and, where applicable, the EU General Data Protection Regulation (GDPR).
1. Controller
ENLIX GmbHPilatusstrasse 10
8330 Pfaeffikon Zurich, Switzerland
Email: hello@enlix.ai
2. Data protection officer
Appointing a data protection officer is not required for ENLIX under revDSG. For questions about how your data is processed, contact hello@enlix.ai.
3. Collection and processing of personal data
3.1 When you visit the website (server logs)
When you visit our website, our hosting provider automatically stores data in server log files. This includes:
- Browser type and version
- Operating system
- Referrer URL
- Host name of the requesting device
- Time of the server request
- IP address (anonymized after 24 hours)
This data is not combined with other sources. The legal basis is Art. 31 para. 2 lit. a revDSG (overriding legitimate interest), and for EU users Art. 6 para. 1 lit. f GDPR. The data is deleted automatically after 30 days.
3.2 Contact form
If you contact us through the form, the details you provide, including your contact information, are stored so we can handle your inquiry and respond to any follow-up questions. We do not share this data without your consent.
Processing is based on Art. 31 para. 2 lit. a revDSG and, for EU users, Art. 6 para. 1 lit. b GDPR (pre-contractual measures). Your data is deleted once the inquiry has been resolved and no statutory retention obligations apply.
3.3 Appointments and discovery calls
For booking discovery calls we use Cal.com, a self-hosted open-source scheduling service. The booking captures your name, email address, and optionally your phone number, stored on servers in the European Union. No transfer to third countries takes place.
4. Tools and services in use
We use the following services to operate our website and deliver our work. Where these services process personal data, we have entered into data processing agreements under Art. 9 revDSG and Art. 28 GDPR with the providers.
4.1 Hosting (Vercel)
Our website is hosted by Vercel Inc., 440 N Barranca Avenue #4133, Covina, CA 91723, USA. Vercel processes technical data on request (see server logs above). Data processing primarily takes place in data centers in the European Union (Frankfurt am Main).
Transfers to the USA are based on Standard Contractual Clauses (SCCs) and supplementary protective measures. Vercel is certified under the EU-US Data Privacy Framework.
Vercel privacy policy: https://vercel.com/legal/privacy-policy
4.2 Database (Supabase)
We use Supabase Inc., 970 Toa Payoh North #07-04, Singapore 318992 for storing application data. Database instances run in data centers in the European Union (Frankfurt am Main).
Supabase privacy policy: https://supabase.com/privacy
4.3 Transactional email (Resend)
For transactional email (inquiry confirmations, replies to clients) we use Resend, Inc., 2261 Market Street #4667, San Francisco, CA 94114, USA. Email addresses and message content are processed for delivery.
Data processing partly takes place in the USA. Transfers are based on Standard Contractual Clauses and the EU-US Data Privacy Framework.
Resend privacy policy: https://resend.com/legal/privacy-policy
4.4 Domain and CDN (Cloudflare)
Domain management and CDN services are provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare operates a globally distributed network and processes connection data to accelerate and protect the website.
Cloudflare privacy policy: https://www.cloudflare.com/privacypolicy/
4.5 Analytics (PostHog)
We use PostHog to analyze how the website is used. We run the EU version of the service (PostHog Cloud EU), hosted in Frankfurt am Main by PostHog Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA.
We capture page views, click paths, device and browser information, and a pseudonymized user identifier. IP addresses are anonymized. Data is retained for 12 months.
Processing is based on your consent (cookie banner) under Art. 6 para. 1 lit. a GDPR and Art. 31 para. 1 revDSG. You can withdraw your consent at any time through the cookie banner.
PostHog privacy policy: https://posthog.com/privacy
4.6 Fonts (Geist via Vercel)
We use the Geist and Geist Mono typefaces, delivered through the Vercel infrastructure. There is no direct connection to third-party providers such as Google Fonts. The fonts are served locally through Vercel.
5. Cookies and comparable technologies
Our website uses cookies and similar technologies. We distinguish between strictly necessary cookies (for example, to store your cookie preferences) and optional cookies for analytics.
On your first visit, a cookie banner gives you the choice to accept or decline optional cookies. You can change your preference at any time using the "Cookie settings" link in the footer.
| Name | Provider | Purpose | Storage period |
|---|---|---|---|
| enlix_consent | ENLIX | Stores your cookie preferences | 12 months |
| ph_* | PostHog | Usage analytics | 12 months |
6. Your rights
You have the right to:
- request information about the data we hold about you
- have inaccurate data corrected
- have your data deleted, unless statutory retention obligations apply
- restrict processing
- data portability
- withdraw your consent to data processing at any time with effect for the future
- object to processing where it is based on a legitimate interest
- lodge a complaint with a supervisory authority
Supervisory authorities:
In Switzerland: Federal Data Protection and Information Commissioner (FDPIC), https://www.edoeb.admin.ch
In Germany: the state data protection authority responsible for your federal state.
In Austria: Austrian Data Protection Authority, https://www.dsb.gv.at
7. Data security
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
8. Updates to this privacy policy
This privacy policy is currently valid and has the status shown above. As we continue to develop our website and offerings, or in response to changed legal requirements, we may need to update this policy. The current version is always available on this page.
9. Privacy contact
For questions about how we collect, process, or use your personal data, requests for information, correction, restriction, or deletion of data, or withdrawal of consent, please contact: hello@enlix.ai