Privacy Policy
Last updated: March 6, 2026
1. Controller
The controller responsible for data processing on this website is:
FORMM Media & Marketing
Edisonstrasse 63
12459 Berlin
Germany
Email: hello@formm.agency
Phone: (+49) 030 20 966 321
2. Data We Collect
2.1 Account Data
When you create an account, we collect:
• Email address
• Password (encrypted)
• Account creation date
• Subscription tier (free, starter, pro)
2.2 Brand Analysis Data
When you use our analysis tool, we store:
• Brand name
• Industry
• Target audience
• Brand values and personality
• Analysis results (archetype, design system, etc.)
2.3 Technical Data
Our hosting provider (Vercel) automatically collects:
• IP address
• Browser type and version
• Date and time of access
• Pages visited
• Referring website
3. Legal Basis for Processing
We process your data based on:
• Contract performance (Art. 6(1)(b) GDPR): To provide our services
• Legitimate interests (Art. 6(1)(f) GDPR): To improve our service and prevent fraud
• Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent
4. Third-Party Services
4.1 Supabase (Authentication & Database)
We use Supabase for authentication and data storage.
Privacy Policy: https://supabase.com/privacy
4.2 OpenAI (Data Processing)
We use OpenAI's GPT-4o to match your brand data against our proprietary Neuroscience Matrix (based on Jung, Kahneman, Scheier, and StoryBrand frameworks).
Important: We do NOT use AI to analyze or interpret your brand. AI is only used to compare your data with our established neuroscience frameworks.
Privacy Policy: https://openai.com/privacy
Note: Your data is not used to train OpenAI's models (API data retention policy).
4.3 Vercel (Hosting)
This website is hosted on Vercel.
Privacy Policy: https://vercel.com/legal/privacy-policy
5. Data Retention
We retain your data as long as:
• Your account is active
• Required by law (e.g., tax records: 10 years)
• Necessary for legitimate business purposes
You can request deletion of your account and data at any time.
6. Your Rights (GDPR)
You have the right to:
• Access your personal data
• Rectification of incorrect data
• Erasure ("right to be forgotten")
• Restriction of processing
• Data portability
• Object to processing
• Withdraw consent at any time
To exercise these rights, contact us at: hello@formm.agency
7. Data Security
We implement appropriate technical and organizational measures to protect your data:
• SSL/TLS encryption (HTTPS)
• Encrypted password storage
• Regular security updates
• Access controls and authentication
8. Cookies & Tracking Technologies
This website uses cookies to provide essential functionality and, with your consent, to analyze usage and optimize marketing campaigns.
You can manage your cookie preferences at any time by clicking the "Cookie Settings" button in the footer or by visiting this page and scrolling down to the cookie preference section.
8.1 What are Cookies?
Cookies are small text files that are stored on your device when you visit a website. They help websites remember your preferences and improve your experience.
8.2 Cookie Categories
Essential Cookies (Always Active)
These cookies are necessary for the website to function properly. They enable core functionality such as security, network management, and accessibility. You cannot opt-out of these cookies.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| sb-*-auth-token | Supabase | User authentication and session management | Session |
| neurobase_session | NeuroBase | Session management and user preferences | Session |
| neurobase_cookie_consent | NeuroBase | Stores your cookie consent preferences | 1 year |
Analytics & Marketing Cookies (Optional - Requires Consent)
These cookies help us understand how visitors interact with our website and measure the effectiveness of our marketing campaigns. They are only activated if you give your consent.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics | Distinguishes unique users | 2 years |
| _gid | Google Analytics | Distinguishes unique users | 24 hours |
| _gat | Google Analytics | Throttles request rate | 1 minute |
| _ga_* | Google Analytics 4 | Stores session state | 2 years |
| _gcl_au | Google Ads | Conversion tracking | 90 days |
| _gcl_aw | Google Ads | Ad click attribution | 90 days |
| _gcl_dc | Google Ads | DoubleClick conversion tracking | 90 days |
Google Analytics: We use Google Analytics to understand how visitors use our website. The data collected is anonymized (IP anonymization enabled) and used solely for statistical analysis.
Privacy Policy: https://policies.google.com/privacy
Google Ads: We use Google Ads to measure the effectiveness of our advertising campaigns and track conversions (e.g., sign-ups, purchases).
Privacy Policy: https://policies.google.com/privacy
8.3 How to Control Cookies
You have several options to control cookies:
1. Cookie Settings on This Website:
Click the "Cookie Settings" button at the bottom of any page to change your preferences at any time.
2. Browser Settings:
Most browsers allow you to refuse or delete cookies. Please note that disabling essential cookies may affect website functionality.
• Chrome
• Firefox
• Safari
• Edge
3. Opt-Out Tools:
• Google Analytics: Browser Add-on
• Google Ads: Ad Settings
8.4 Third-Party Cookies
We do not use third-party cookies from social media platforms or external advertising networks. The only third-party cookies are from Google Analytics and Google Ads, which you can opt out of.
9. International Data Transfers
Your data may be processed in:
• European Union (Supabase, Vercel EU regions)
• United States (OpenAI API)
Data transfers to the US are covered by Standard Contractual Clauses (SCCs) and adequacy decisions where applicable.
10. Children's Privacy
Our service is not intended for children under 16. We do not knowingly collect data from children.
11. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of significant changes via email or a prominent notice on our website.
12. Contact & Complaints
For privacy-related questions or complaints:
Email: hello@formm.agency
You also have the right to lodge a complaint with a supervisory authority:
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219
10969 Berlin
Germany
Website: www.datenschutz-berlin.de