Privacy Policy
Last updated: 9 June 2026
Privacy Policy
1. Controller
The controller responsible for data processing on this website is:
ITz-Easy Tobias Itzel
Gänsstücke 14
67819 Kriegsfeld
Deutschland
2. Overview of Data Processing
Purposes of Processing
We process your data for the following purposes:
- Provision of the TermShelf Legal Content Operations service: management of legal documents, versions, approvals and publications
- Public Delivery API: delivery of approved legal texts (HTML/JSON/PDF) to the user's configured websites, apps and transactional systems
- Transactional delivery: embedding approved texts in order confirmations, emails and checkout flows
- Live drift scan: automated checks that configured target systems serve the currently approved version of each legal text
- AI-assisted text suggestions (user-controlled): generation of change suggestions for legal texts; adoption is performed exclusively by the user
- User account management: registration, authentication, workspace/team/role management
- Billing: management of plans, quotas, invoice references and payment status
- Technical operation: ensuring functionality, security, abuse prevention and error analysis
Processing is carried out on the basis of:
- your consent (Art. 6 (1) lit. a GDPR), where consent is required
- performance of a contract or pre-contractual measures (Art. 6 (1) lit. b GDPR)
- our legitimate interests in secure, stable and low-abuse operation (Art. 6 (1) lit. f GDPR)
Requirement to provide data: Certain information, such as email address and login data, is required to provide the service. Without this data, use of TermShelf is not possible or only possible to a limited extent.
3. Categories of Data Processed
Project, publication and analysis data
TermShelf stores the data required to manage, approve, deliver and monitor legal texts. This includes in particular:
- account and workspace data, such as name, email address, workspace/team assignment, roles and settings
- brand, site and domain configurations, such as brand name, site slug, locale, market assignment and domain hostnames
- legal-text content, such as drafts, versions, approved states, variable and snippet values and their per-brand/locale overrides
- delivery telemetry, such as which site requested which version of a legal text and when, including request metadata
- drift scan configurations and results, such as configured target URLs, check intervals and detected discrepancies
- AI suggestion data, such as user-initiated text-editing instructions and the change suggestions generated from them
- billing data, such as Stripe customer/subscription IDs, plan status, quota status and invoice references
- technical operational data, such as log events, error codes, audit entries, security events and rate-limit information
TermShelf processes the user's legal texts as well as associated configuration and telemetry data. Please do not enter confidential information, trade secrets, special categories of personal data or other sensitive content into legal texts, variable values, snippet content or configurations unless this is necessary and legally permissible.
What we store, briefly and concretely
| Stored | Examples | Why? |
|---|---|---|
| Account and team data | Email address, workspace, roles, settings | So login, collaboration and access control can function |
| Brand/site data | Brand name, site slug, domains, locales, markets | So legal texts can be assigned to a publication context |
| Legal-text content | Drafts, versions, approvals, overrides | So versions can be managed, approved and delivered |
| Delivery telemetry | Request timestamp, requested version, target site | So drift can be detected and delivery made traceable |
| Drift scan results | Configured URLs, discrepancies, timestamps | So compliance gaps can be identified and prioritized |
| Billing data | Stripe IDs, status, invoice references | Processing of payments, plans and quotas |
| Technical operational data | Log events, error codes, audit entries | Security, abuse prevention, error analysis |
Stored vs. not stored
| Data category | Stored by TermShelf? | Where it is stored instead / note |
|---|---|---|
| Account and login data | Yes | At TermShelf |
| Brand, site and legal-text configurations | Yes | At TermShelf |
| Legal-text content and versions | Yes | At TermShelf |
| User AI suggestion instructions | Yes | At TermShelf; transmitted to AI providers for suggestion generation |
| Publicly accessible content of target sites | Yes, where required for drift scan | Originates on the respective target site |
| Non-public content of target sites | No | Held by the respective site/system operator |
| Access credentials for third-party systems | No | Not required for retrieving publicly accessible content |
| Payment data, such as card or bank details | No | At Stripe |
| End-customer/order/checkout content of customer websites | No | TermShelf stores no order, checkout or other business content data from customer systems. |
| Connection data of website visitors (with client-side embedding) | Possibly, as logs/counters | With direct client-side embedding, TermShelf processes the technically necessary connection data of the requesting device (see “Delivery of legal texts”). |
| Special categories of personal data | Not intended | Please do not enter such data in legal texts, variables or configurations |
Technical Data
- IP address (shortened/anonymized where possible)
- browser type and version
- operating system
- referrer URL
- time of access
- accessed pages and technical request metadata
- error, security and rate-limit events
4. Retention Periods
| Type of data | Retention period |
|---|---|
| Account, workspace and team data | As long as the account is active |
| Brand, site, legal-text and override configurations | As long as the project or account is active, or until deleted by the user |
| Legal-text versions and approval history | As long as the project or account is active; approved versions are retained for traceability in accordance with the plan-specific retention periods |
| Delivery telemetry and drift-scan results | As long as the project or account is active, or until deleted by the user |
| Server access logs | 7 days |
| App/audit logs | 30 days |
| Billing/invoice references | Generally up to 10 years under commercial and tax law; payment data is held by Stripe |
Account deletion: When you delete your account, the account, project, legal-text, telemetry and scan data stored at TermShelf will be deleted or made inaccessible unless statutory retention obligations apply. Technical residual data may still be contained in backups and will be removed as part of the backup rotation within a maximum of 30 days.
Export & Deletion
- Data export: Upon request, we will provide you with the data stored in a commonly used format.
- Deletion: “Delete account” in the product deletes stored data in accordance with the retention periods and statutory retention obligations described above.
5. Recipients, Processors & Third-Country Transfers
Delivery of legal texts
TermShelf delivers approved legal texts via a Public Delivery API and transactional endpoints to the target systems configured by the user (websites, apps, dispatch services, shop/checkout systems). The target systems are technically contacted; only the content of the requested legal text and technical request metadata are transmitted.
If the user embeds delivery server-side or via their own proxy, only the user's own systems call the TermShelf endpoints. In that case, no connection data of website visitors' devices becomes visible to TermShelf.
If, however, the user embeds delivery artifacts directly client-side – for example, a website visitor's browser calls the Public Delivery API or a PDF endpoint directly – TermShelf processes the technically necessary connection data of the requesting device. Depending on the integration, this may include: IP address, user agent, referrer, time, requested site/property, document type, locale, version, and cache and response metadata.
These delivery logs and counters serve operation, security, quota enforcement, abuse prevention and traceability of delivery. For especially data-minimizing integrations, a server-side or proxy-based embedding is recommended.
Live drift scan
To detect discrepancies between the approved and live-served version, TermShelf retrieves the public URLs configured by the user and analyzes only the publicly accessible legal-text content found there. Non-public content is not processed.
AI providers for text suggestions
To generate change suggestions, TermShelf may engage AI model providers. Only the excerpts of the legal text under revision and the user's instructions are transmitted; personal data of the user's end customers is not transmitted in this context.
Specific providers may vary depending on plan, region and enabled features. Examples of possible provider classes include AI model providers, CDN and hosting providers, and technical analysis providers.
Where providers outside the EU or EEA are used, a third-country transfer may take place. Where required, we base such transfers on appropriate safeguards such as adequacy decisions, standard contractual clauses or comparable protection mechanisms.
Hosting
Our website and servers are operated by: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany
Payment Processing
We use Stripe for payments. Stripe processes payment data, such as card data, under its own responsibility. TermShelf stores only the necessary references, such as Stripe customer/subscription ID, payment/invoice status and plan information.
Legal basis: performance of a contract (Art. 6 (1) lit. b GDPR) and legitimate interests in operation, security, abuse prevention and product improvement (Art. 6 (1) lit. f GDPR). Where consent is required, processing is based on Art. 6 (1) lit. a GDPR.
6. Analytics, Tracking & Security Measures
We currently do not use any external analytics or tracking services.
Security Measures (TOMs)
All connections to TermShelf are exclusively encrypted via HTTPS (TLS). This applies to the web application, the Public Delivery API and all transactional delivery endpoints. Outdated and insecure protocol versions are disabled.
Transparency statement
In response to official or judicial requests, we are generally only able to provide the metadata and account data stored with us — to the extent that we are legally required to do so.
No Automated Decision-Making
No automated decision-making or profiling within the meaning of Art. 22 GDPR takes place.
7. Cookies
We only use technically necessary cookies/storage that are required for login and secure use (Art. 6 para. 1 lit. b GDPR / Art. 6 para. 1 lit. f GDPR).
Technically Necessary Cookies
TermShelf uses only strictly necessary cookies. These are required to provide the service (in particular authentication, session management and security/CSRF protection) and are set without consent (Art. 6(1)(b) GDPR, § 25(2)(2) TTDSG). No profiling or tracking for marketing or analytics purposes takes place.
8. Your Rights
You have the following rights with regard to your personal data:
- Right of access (Art. 15 GDPR): right to obtain information about your stored data
- Right to rectification (Art. 16 GDPR): right to have inaccurate data corrected
- Right to erasure (Art. 17 GDPR): right to have your data deleted
- Right to restriction of processing (Art. 18 GDPR): right to restrict processing
- Right to data portability (Art. 20 GDPR): right to receive your data in a commonly used format
- Right to object (Art. 21 GDPR): right to object to processing
- Right to withdraw consent (Art. 7 (3) GDPR): right to withdraw consent previously given
To exercise your rights, please contact: data-privacy@termshelf.com
9. Right to Lodge a Complaint
You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.
10. Updates
This privacy policy is updated as needed. The current version date is noted at the beginning of this document.