Privacy Policy

1. Privacy at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website.

2. Data Collection on This Website

Who is responsible for data collection?

Data processing on this website is carried out by the website operator:

RoofCheck.AI
Schäferstrasse 45
19053 Schwerin
Deutschland (EU)
E-Mail: support@roofcheck.ai

Data Protection Officer

The appointment of a Data Protection Officer is currently not required under §38 BDSG, as fewer than 20 persons are regularly involved in automated processing of personal data. For data protection inquiries, please contact: support@roofcheck.ai

3. Your Rights

Under the GDPR, you have the following rights: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and objection (Art. 21). You may exercise these rights at any time free of charge by contacting us at support@roofcheck.ai. This is based on Art. 15–21 GDPR.

Use our GDPR Self-Service Portal to exercise your rights directly online: GDPR Self-Service Portal →

You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data (Art. 77 GDPR). Competent authority: The State Commissioner for Data Protection and Freedom of Information Mecklenburg-Vorpommern, Werderstraße 74a, 19055 Schwerin, Germany.

4. Analytics and Third-Party Tools

Google Solar API

We use Google Solar API for roof surface and solar potential analysis. Location data is transmitted to Google. https://policies.google.com/privacy

Mapbox

We use Mapbox for map displays and geocoding. https://www.mapbox.com/legal/privacy

Sentry

We use Sentry for error logging (Art. 6(1)(f) GDPR). Provider: Functional Software, Inc., San Francisco, USA.

Plausible Analytics

We use Plausible Analytics for privacy-friendly analysis. Cookieless measurement, no IP storage. Provider: Plausible Insights OÜ, Estonia (EU). https://plausible.io/data-policy

Google Analytics

We use Google Analytics (Google Ireland Limited) for statistical analysis. Legal basis: consent (Art. 6(1)(a) GDPR). Google LLC is certified under the EU-U.S. Data Privacy Framework.

Google Gemini AI

We use Google Gemini API for AI-powered analyses. No personal data is transmitted — only technical analysis data (roof area, orientation, location). Art. 6(1)(f) GDPR. https://policies.google.com/privacy

Brevo (Email Delivery)

We use Brevo (formerly Sendinblue) for transactional emails. Provider: Sendinblue GmbH, Berlin, Germany (EU). Art. 6(1)(a)+(b) GDPR. https://www.brevo.com/legal/privacypolicy/

Gotenberg (Open-Source PDF Engine)

We use Gotenberg to generate the EU Protection Dossier as a PDF document. Analysis data is converted into PDF documents locally on the server. No external data transfer — Gotenberg runs as a Docker container on the same server. Legal basis: Art. 6(1)(b) GDPR (performance of contract).

Redis (Open-Source In-Memory Database)

We use Redis for temporary data storage: rate limiting, session management and caching. IP addresses and session data are stored temporarily (max. 24h). Redis runs as a Docker container on the same server — no external data transfer. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in system security).

Data Processors (DPA Overview)

Google Maps, Places and Solar API

We use Google Maps Platform for geolocation and analysis of roof surfaces and solar potential. The following data is transmitted to Google:

• User’s IP address
• Entered address and location data
• Geographic coordinates

Legal basis: Art. 6(1)(b)+(f) GDPR. Google is certified under the EU-U.S. Data Privacy Framework. Google Privacy Policy.

5. Hosting

This website is hosted externally. Personal data is stored on the host’s servers.

6. Contact

For data protection inquiries, please contact us at:
support@roofcheck.ai

Data Processing for Protection Status Check

If you consent to the protection status check in the analysis form, the following personal data will be processed for risk assessment:

• Name
• Email address
• Analysis key data (location, roof area, estimated capacity)

Recipients: GDPR-compliant solar specialist contractors and insurance partners, exclusively for protection status verification and risk assessment.

Legal basis: Art. 6(1)(a) GDPR (consent). Withdrawal: At any time by email to support@roofcheck.ai.

Note: Consent is not a prerequisite for using the free solar analyses or protection reports.

Data Retention

• Solar analyses: 24 months from creation, then automatically deleted.
• Lead data (with consent): Until withdrawal, maximum 36 months.
• Server logs: 30 days, then automatically deleted.
• Functional cookies: 12 months (language, country).
• Analytics cookies (Plausible): No persistent cookies — cookieless measurement.

Hosting and Infrastructure

This website runs on servers of Hostinger International Ltd., Netherlands. Data centre: Frankfurt am Main, Germany.

All personal data is processed and stored exclusively on servers within the European Union (Art. 44 ff. GDPR).