Remy
Sign in

Privacy Policy

How we protect and handle your personal information

Based in Germany, the home of GDPR, we take your privacy seriously and adhere to the highest standards of data protection.

1. Information We Collect

Personal Information

When you use Remy, we collect the following information:

  • Your email address for sending digest summaries
  • Your digest frequency preferences
  • Newsletters sent to your Remy inbox address

Usage Information

We automatically collect certain information about how you use our service, including access logs and usage patterns to improve our service quality.

2. How We Use Your Information

We use your information solely to provide our newsletter digest service:

  • Processing and summarizing newsletters sent to your Remy inbox
  • Sending you digest summaries at your chosen frequency
  • Providing access to your dashboard and settings

3. Information Sharing

We never sell your personal information

We do not sell, trade, or otherwise transfer your personal information to third parties for commercial purposes. Your email content and personal data remain private and are used exclusively to provide our service.

Your data is never used to train AI models or algorithms.

4. Data Security

We implement appropriate security measures to protect your information:

  • Encrypted data transmission and storage
  • Secure access controls and authentication
  • Regular security audits and updates

5. Responsible Entity

The responsible entity for data processing on this website is listed in our Imprint.

The responsible entity is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

6. Data Retention

We retain your information only as long as necessary to provide our service and comply with legal obligations:

  • Account Data: Retained until you request deletion or close your account
  • Email Content: Processed emails are retained for service functionality and deleted upon account closure
  • Usage Logs: Technical logs are retained for up to 30 days for service improvement

You can request deletion of your account and associated data at any time by contacting us.

7. Your Rights as a Data Subject

Under applicable data protection laws, you have comprehensive rights regarding your personal data:

  • Access, Rectification, and Deletion: You have the right to free information about your stored personal data, its origin and recipients, and the purpose of data processing at any time within the framework of applicable legal provisions. You also have the right to rectification or deletion of this data.
  • Withdrawal of Consent: Many data processing operations are only possible with your express consent. You can withdraw consent that has already been given at any time. The lawfulness of data processing carried out until the withdrawal remains unaffected by the withdrawal.
  • Right to Object (Art. 21 GDPR): You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data. We will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing.
  • Right to Lodge a Complaint: In case of violations of data protection law, you have the right to lodge a complaint with a supervisory authority, particularly in the member state of your residence, workplace, or the place where the alleged violation occurred.
  • Right to Data Portability: You have the right to have data that we process automatically handed over to yourself or to a third party in a machine-readable format. If you request direct transfer of data to another controller, this will only be done if technically feasible.
  • Right to Restriction of Processing: You have the right to request restriction of processing of your personal data if you contest the accuracy of the data, if processing is unlawful, or if we no longer need the data but you need it for legal claims.

8. SSL/TLS Encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the "https://" in the address bar and the lock symbol in your browser.

All data transmitted to and from our service is encrypted using industry-standard SSL/TLS protocols.

9. Cookies

We prioritize your privacy and use minimal tracking technology. We do not use cookies for tracking, analytics, or advertising purposes. Our service operates without storing unnecessary data on your device, ensuring maximum privacy.

We only use essential technical cookies that are absolutely necessary for the basic functionality of our service, such as maintaining your session when you access your dashboard.

10. External Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of our hosting provider:

Hetzner Online GmbH
Industriestraße 25
91710 Gunzenhausen, Germany
Website: www.hetzner.com

Our hosting provider processes your data only to the extent necessary to maintain the functionality and security of our website. Hetzner Online GmbH is a European company subject to strict German and EU data protection laws.

11. Subprocessors and Service Providers

To provide our service, we work with carefully selected subprocessors who process personal data on our behalf. All subprocessors are bound by strict data processing agreements (DPAs) and must comply with GDPR requirements:

SendGrid (Twilio Inc.)

Purpose: Email processing, sending, and receiving services

Data processed: Email addresses, email content, delivery logs

Location: United States (Adequacy Decision under GDPR)

Privacy Policy: www.twilio.com/legal/privacy

Legal basis: Necessary for contract performance (Art. 6(1)(b) GDPR)

Mistral AI

Purpose: AI-powered newsletter summarization and content processing

Data processed: Newsletter content for summarization (text only, no personal information)

Location: European Union (France)

Privacy Policy: mistral.ai/terms

Legal basis: Necessary for contract performance (Art. 6(1)(b) GDPR)

EU-based AI provider with strict data protection guarantees

Your data is not used to train or improve Mistral's models

Ahrefs Web Analytics

Purpose: Privacy-focused website analytics and usage statistics

Data processed: Anonymized usage data, page views, referrers (no personal data)

Location: Singapore and European Union

Privacy Policy: ahrefs.com/legal/privacy-policy

Legal basis: Legitimate interest for service improvement (Art. 6(1)(f) GDPR)

GDPR-compliant analytics without cookies or personal data collection

Sentry (Sentry Inc.)

Purpose: Error tracking and application monitoring for service reliability

Data processed: Technical error logs, IP addresses (anonymized), browser information

Location: United States (Standard Contractual Clauses)

Privacy Policy: sentry.io/privacy

Legal basis: Legitimate interest for service improvement and security (Art. 6(1)(f) GDPR)

No personal email content is transmitted to Sentry

Stripe Payments Europe, Ltd.

Purpose: Payment processing and subscription billing for Remy Plus

Data processed: Email address, payment method tokenized identifiers, transaction metadata (we do not store full card numbers)

Location: European Union (Ireland) with global infrastructure (Standard Contractual Clauses where applicable)

Privacy Policy: stripe.com/privacy

Legal basis: Necessary for contract performance (Art. 6(1)(b) GDPR) and compliance with legal obligations (Art. 6(1)(c) GDPR)

Sensitive payment data is processed directly by Stripe; we only receive secure tokens and billing status.

Your Rights Regarding Subprocessors

  • You have the right to object to the use of specific subprocessors
  • We will notify you of any changes to our subprocessor list
  • All subprocessors are bound by strict data protection agreements

12. Data Processing Agreements

We have concluded data processing agreements (DPA) with the above-mentioned service providers. These ensure that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.

Strict Compliance

All service providers must comply with GDPR requirements and our data protection standards.

Written Agreements

Formal contracts ensure accountability and proper data handling procedures.

Regular Monitoring

We regularly review and monitor compliance with our data protection requirements.

13. Objection to Advertising Emails

We hereby object to the use of contact data published within the framework of our legal notice obligation for sending unsolicited advertising and informational materials. The operators of this website explicitly reserve the right to take legal action in case of unsolicited sending of advertising information, such as spam emails.

14. Updates to Privacy Policy

We may update this privacy policy from time to time. We will notify users of significant changes via email. Continued use of our service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this privacy policy or how we handle your data, please contact us:

Email: hello@remyreads.nl
Website: https://remyreads.nl

Last updated: September 25, 2025

Back to Home