Privacy Policy
Last updated: February 2026
1. Introduction & Scope
This Privacy Policy explains how webwiki GmbH ("we", "us", "our"), operator of SaaSValuation.io, collects, uses, stores, and protects personal data when you visit or use this website. It applies to all pages and features available at saasvaluation.io.
We are committed to processing personal data in compliance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telemedia Act (TMG).
2. Data Controller
The controller responsible for data processing on this website is:
webwiki GmbHWilly-Brandt-Platz 16
90402 Nuremberg, Germany
Email: [email protected]
3. Data We Collect & Why
3.1 Server Log Data (every page visit)
Our web server automatically records standard access log data each time you visit the site. This includes your IP address, browser and operating system (User-Agent string), referring URL, date and time of request, and HTTP status code.
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in ensuring the technical security and availability of the service.
Retention: Server logs are retained for up to 30 days and then automatically deleted.
3.2 Contact by Email
If you contact us by email, we process your name, email address, and the content of your message in order to respond to your enquiry.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).
Retention: Email correspondence is retained for as long as necessary to handle your enquiry, or up to 3 years for statutory limitation reasons.
4. Third-Party Services
4.1 OpenAI (Valuation Analysis)
We use the OpenAI API (openai.com) to generate strategic valuation insights and recommendations. When you submit the calculator, the financial metrics you entered may be included in a prompt sent to OpenAI's servers.
These requests are made server-side. We do not transmit your IP address, User-Agent, or any directly identifying personal data to OpenAI. Only the anonymised financial figures are included.
By using the calculator you acknowledge that your entered financial metrics may be processed by OpenAI under their Privacy Policy and Usage Policies.
4.2 Google Fonts
This website loads the Inter typeface from Google Fonts. When your browser requests the font files, your IP address is transmitted to Google's servers in the United States.
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in serving a consistent, accessible typeface. For details see Google's Privacy Policy.
4.3 Google Favicon Service
Company logos displayed in the Public SaaS Valuations table are retrieved from Google's Favicon API. When your browser loads a logo image, your IP address is transmitted to Google.
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in displaying recognisable company branding. See Google's Privacy Policy.
5. Cookies & Local Storage
We do not use tracking cookies, analytics cookies, or advertising cookies. We do not use localStorage or sessionStorage in our frontend application.
Our web framework sets the following technically necessary session cookies:
| Cookie | Purpose | Duration |
|---|---|---|
| XSRF-TOKEN | CSRF protection (security) | Session |
| laravel_session | Server-side session management | 2 hours |
Legal basis: Art. 6(1)(f) GDPR — these cookies are strictly necessary for the secure operation of the website and cannot be disabled.
6. International Data Transfers
OpenAI and Google are US-based companies. Data transferred to them may be processed in the United States or other countries outside the European Economic Area (EEA). Both companies rely on the EU Standard Contractual Clauses (SCCs) and other adequacy mechanisms to ensure an appropriate level of data protection in accordance with Art. 46 GDPR.
7. Your Rights Under GDPR
As a data subject under the GDPR, you have the following rights. To exercise any of them, please contact us at the address in §2.
- ✓Right of Access (Art. 15 GDPR)
You may request confirmation of whether we process personal data about you, and if so, obtain a copy of that data.
- ✓Right to Rectification (Art. 16 GDPR)
You may request that inaccurate or incomplete personal data be corrected.
- ✓Right to Erasure (Art. 17 GDPR)
You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where processing is unlawful.
- ✓Right to Restriction (Art. 18 GDPR)
You may request that we restrict the processing of your data in certain circumstances.
- ✓Right to Object (Art. 21 GDPR)
You may object to processing based on legitimate interests. We will then cease processing unless we can demonstrate compelling legitimate grounds.
- ✓Right to Lodge a Complaint (Art. 77 GDPR)
You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement. The competent authority for webwiki GmbH is the Bayerisches Landesamt für Datenschutzaufsicht (BayLDA).
8. No Web Analytics or Advertising
We do not use Google Analytics, Facebook Pixel, or any other web analytics or advertising tracking tools on this website. No user behaviour is profiled for advertising purposes.
9. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. All data is transmitted via TLS/HTTPS encryption. Access to the administration area and database is restricted and protected.
10. Changes to this Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The date at the top of the page will always reflect the most recent version. We encourage you to review this page periodically.
11. Contact & Data Protection Enquiries
For any questions about this Privacy Policy or to exercise your data subject rights, please contact us at: