Privacy Policy
Last updated: 2026-06-09
This Privacy Policy explains how Layota processes personal data across the marketing site (layota.app, including the early-access waitlist) and the Layota application (app.layota.app — the map editor, embeddable viewer, billing and support).
1. Data controller
Ildar Mingazov
Siegmund-Schacky-Straße 18C
80993 München, Germany
Email: [email protected]
2. Data we collect
Account & application data
When you create or use a Layota account we process:
- Email address and name
- Password — stored only as a salted hash, never in plaintext
- If you use “Sign in with Google”: your Google account identifier and verified email
- If you enable two-factor authentication: an encrypted authenticator secret and hashed one-time backup codes
- The content you create in the editor: projects, floor levels, areas, markers and uploaded images
- Billing data: your plan, subscription status and invoices. Card details are handled solely by Stripe — Layota never sees or stores card numbers.
- Operational records: audit-log entries of actions in your organization (including IP address), and any support or contact messages you send us
Map analytics (embedded maps)
When a customer embeds a Layota map on their website and turns on analytics, Layota records minimal interaction events — the clicked area/marker (id and name), the floor, and a timestamp. No IP addresses, cookies, device fingerprints or persistent identifiers are recorded for these events, and event parameters are restricted to a fixed allow-list. For this analytics the embedding customer is the data controller and Layota acts as processor on their behalf; the customer is responsible for informing their own site visitors.
Waitlist form
When you submit the waitlist form on layota.app, we collect:
- Email address (required)
- Language preference (en or de, derived from the URL)
- Page referrer (where you came from)
- IP-derived country code (via Cloudflare's cf-ipcountry header — country only, not the full IP)
- Browser user-agent string
- Submission timestamp
Server logs
Our infrastructure providers automatically log basic request data (timestamp, request URL, response status, user-agent, IP address) to operate the service, prevent abuse, and improve performance.
Analytics — Cloudflare Web Analytics
We use Cloudflare Web Analytics on both layota.app and app.layota.app to understand how they are used. It is a privacy-by-design analytics service that:
- Does not use cookies, localStorage, or sessionStorage
- Does not create persistent identifiers — we cannot recognize you across visits or sites
- Does not use device fingerprinting
- Collects only aggregated, anonymous metrics: page paths, referrers, country code, browser family, and Core Web Vitals (loading performance)
- Processes IP addresses transiently to determine country only — raw IPs are never stored
Legal basis: Art. 6 (1) (f) GDPR — legitimate interest in operating, securing and improving the service. Because the data is anonymous and no identifiers are stored on your device, no cookie consent is required. To opt out at the browser level, send a DNT: 1 request header.
Cloudflare's terms: cloudflare.com/privacypolicy.
3. Why we process this data
- To provide the application — your account, your maps, and billing for paid plans
- To contact waitlist subscribers about Layota's launch (waitlist purpose)
- To keep the service secure and prevent spam and abuse
- To understand how the site and product are used
4. Legal basis
- Contract (Art. 6 (1) (b) GDPR) — your account, your content and billing: needed to provide the service you signed up for.
- Consent (Art. 6 (1) (a)) — the waitlist form (you tick the consent checkbox). You can withdraw consent anytime by emailing [email protected]; withdrawal does not affect processing carried out beforehand.
- Legitimate interest (Art. 6 (1) (f)) — server logs, audit logging, security/abuse-prevention, and privacy-friendly analytics.
5. Recipients & international transfers
We do not sell or rent your personal data. We share it only with the processors needed to run Layota. Some are headquartered in the US; transfers outside the EEA are covered by EU Standard Contractual Clauses (SCCs) and, where applicable, the EU–US Data Privacy Framework.
- Hetzner Online GmbH — application hosting, database and cache (Germany, EU)
- Cloudflare, Inc. — CDN, object storage (R2), edge functions and Web Analytics (US; SCCs / DPF)
- Stripe, Inc. — payments and subscriptions (US; SCCs / DPF)
- Google LLC — “Sign in with Google” and transactional email (US; SCCs / DPF)
6. Where data is stored
Account and application data (database, cache) are hosted by Hetzner in Germany. Uploaded files are stored in Cloudflare R2 within the European Union. Confidential support uploads (e.g. floor plans, contracts) are kept in a non-public bucket and served only via short-lived signed links. Waitlist entries are stored in Cloudflare's D1 database (EU).
7. Retention
- Account & content — until you delete your account
- Audit logs (including IP address) — 90 days (security & abuse-defence)
- Webhook delivery logs — 30 days
- Contact / sales enquiries — up to 365 days
- Map analytics — raw events 7 days, aggregated counts 30 days
- Waitlist entries — until 12 months after public launch, or earlier on request
8. Your rights
Under GDPR you have the right to access, rectification, erasure, restriction, portability, to object, to withdraw consent, and to lodge a complaint with a supervisory authority (in Germany, the data protection authority of your federal state). In particular:
- Portability / access — you can obtain a machine-readable (JSON) copy of your account data; the application supports a data export, or email us and we provide it.
- Erasure — deleting your account in the app permanently removes your account, the organizations you solely own, their projects and files, and cancels any subscription. Audit-log identifiers may persist for up to the audit-retention window above on the basis stated there.
- To exercise any right, email [email protected]. Waitlist subscribers can also self-remove at /unsubscribe.
9. Cookies
Neither the marketing site nor the application sets third-party tracking cookies. The application stores authentication tokens in your browser to keep you signed in (strictly necessary). Cloudflare may set strictly-necessary cookies for security and routing, and our analytics operates without cookies.
10. Changes to this policy
We may update this Privacy Policy as Layota evolves. The “Last updated” date at the top reflects the latest revision.