New Auto-generated GIFs from every click. Watch demo

Privacy Notice

Last updated: April 14, 2026

This Privacy Notice explains how HappySupport UG (haftungsbeschrankt) ("HappySupport", "we", "us", "our") collects, uses, and protects your personal data when you visit our website or use our Service. We process your data in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Data Controller

HappySupport UG (haftungsbeschrankt)
c/o Campus Founders
Bildungscampus 11
74076 Heilbronn, Germany

Email: contact@happysupport.ai
Web: www.happysupport.ai
Legal representative: Niklas Gysinn

2. What Data We Collect

2.1 Account Data

When you create an account, we collect:

  • First name and last name
  • Email address
  • Password (stored as a cryptographic hash, never in plain text)
  • Company name (optional)

2.2 Service Usage Data

When you use the Service, we process:

  • Help center articles, guides, and recordings you create
  • Configuration settings (branding, widget setup, integrations)
  • GitHub repository data (for HappyAgent: we mirror your repository to detect UI changes via CSS selectors and update guides accordingly)
  • Widget interaction data (page views, clicks on guides, tour completions)

2.3 Technical Data

When you access our website or Service, our servers automatically collect:

  • IP address (anonymized for analytics)
  • Browser type and version
  • Operating system
  • Referring URL
  • Pages visited and time of access
  • Device identifiers

2.4 Communication Data

When you contact us via email or through the Service, we process the content of your messages, your email address, and any attachments you send.

2.5 Payment Data

Payment transactions are handled by our payment processor, Stripe. We do not store your credit card details or bank account information. Stripe processes and stores this data in compliance with PCI DSS standards. We receive from Stripe: transaction ID, subscription status, billing country, last four digits of the payment method, and invoice details.

3. Why We Process Your Data (Purposes and Legal Bases)

Purpose Data Categories Legal Basis (GDPR)
Providing the Service (account creation, feature delivery, help center hosting) Account data, service usage data, technical data Art. 6(1)(b) Performance of contract
Processing payments and managing subscriptions Account data, payment data Art. 6(1)(b) Performance of contract
Sending service-related communications (account notifications, security alerts, service changes) Account data, email address Art. 6(1)(b) Performance of contract
Improving and developing the Service (bug fixes, performance monitoring, feature development) Service usage data, technical data (aggregated/anonymized where possible) Art. 6(1)(f) Legitimate interest (improving our product)
Ensuring security (fraud prevention, abuse detection, access logs) Technical data, account data Art. 6(1)(f) Legitimate interest (security of the Service)
Marketing communications (product updates, newsletter) Email address, name Art. 6(1)(a) Consent
Responding to your inquiries and support requests Communication data, account data Art. 6(1)(b) Performance of contract
Complying with legal obligations (tax records, regulatory requirements) Account data, payment data Art. 6(1)(c) Legal obligation

4. Data Processing on Behalf of Customers

When our customers use HappySupport to create help centers, the HappyWidget may collect data from their end users (e.g., page views, guide interactions). In this case, our customer is the data controller for their end users' data, and we act as a data processor under Art. 28 GDPR.

Our Data Processing Agreement (DPA) governs this relationship. It is available upon request at contact@happysupport.ai.

5. Sub-Processors

We use the following third-party service providers to operate the Service:

Provider Purpose Location Safeguards
Amazon Web Services (AWS) Cloud infrastructure, hosting, data storage EU (Frankfurt) EU data residency, DPA
Netcup GmbH Server hosting Germany German servers, DPA
OpenAI, L.L.C. AI-powered features (AI search, content generation, translations) USA EU-US Data Privacy Framework, DPA, no training on customer data
Stripe, Inc. Payment processing, invoicing, subscription management USA (EU data processing available) EU-US Data Privacy Framework, PCI DSS, DPA

If you choose to connect your GitHub repository to HappyAgent, your repository data is processed by GitHub (Microsoft) under your own agreement with GitHub. We access your repository data through the GitHub API based on the permissions you grant.

We only engage sub-processors who provide sufficient guarantees for appropriate data protection measures. We maintain an up-to-date list of sub-processors and will notify customers of changes with reasonable advance notice.

6. International Data Transfers

Your data is primarily stored and processed within the European Union. Where data is transferred outside the EU/EEA, we ensure adequate protection through:

  • EU-US Data Privacy Framework certification of the recipient
  • Standard Contractual Clauses (SCCs) approved by the European Commission

You can request a copy of the relevant transfer safeguards by contacting us.

7. Data Retention

Data Category Retention Period
Account data Duration of the account + 30 days after deletion
Customer Data (articles, guides, recordings) Duration of the account + 30 days for export after termination
Server logs (incl. IP addresses) 90 days
Payment/invoice records 10 years (German tax law, § 147 AO)
Support correspondence 3 years after resolution (limitation period)
Marketing consent records Duration of consent + 3 years after withdrawal
Widget interaction data As defined by the customer (data controller); default 12 months

After the retention period expires, data is permanently deleted or irreversibly anonymized.

8. Cookies and Analytics

8.1 Essential Cookies

We use cookies that are strictly necessary for the operation of our website and Service, such as session cookies and authentication tokens. These are required for the Service to function and do not require consent under the GDPR.

8.2 Analytics

We use analytics tools to understand how visitors use our website. These tools are only activated with your explicit consent. If you do not consent, no analytics data is collected. You can manage your preferences through your browser settings at any time.

8.3 No Third-Party Advertising

We do not use third-party advertising cookies or sell your data to advertisers.

9. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

Right Description GDPR Article
Access Request a copy of the personal data we hold about you. Art. 15
Rectification Request correction of inaccurate or incomplete data. Art. 16
Erasure Request deletion of your data ("right to be forgotten"), subject to legal retention obligations. Art. 17
Restriction Request that we limit the processing of your data in certain circumstances. Art. 18
Data portability Receive your data in a structured, machine-readable format or have it transferred to another controller. Art. 20
Objection Object to processing based on legitimate interests, including profiling. Art. 21
Withdraw consent Withdraw any consent you have given at any time, without affecting the lawfulness of prior processing. Art. 7(3)

To exercise your rights, contact us at contact@happysupport.ai. We will respond within 30 days.

Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority for HappySupport is:

Der Landesbeauftragte fur den Datenschutz und die Informationsfreiheit Baden-Wurttemberg
Lautenschlagerstrasse 20
70173 Stuttgart, Germany
Web: www.baden-wuerttemberg.datenschutz.de

10. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you (Art. 22 GDPR). Our AI features (such as AI-powered search and content suggestions) assist in content creation but do not make decisions about individuals.

11. Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Access controls and role-based permissions
  • Regular security assessments
  • Employee access limited to what is necessary
  • Incident response procedures

12. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the competent supervisory authority within 72 hours of becoming aware of the breach (Art. 33 GDPR). If the breach poses a high risk to you personally, we will also notify you directly (Art. 34 GDPR).

13. Children's Privacy

The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

14. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. The "Last updated" date at the top of this page reflects the most recent version. We encourage you to review this page periodically.

15. Contact

For any questions about this Privacy Notice or our data processing practices:

HappySupport UG (haftungsbeschrankt)
c/o Campus Founders
Bildungscampus 11
74076 Heilbronn, Germany

Email: contact@happysupport.ai
Web: www.happysupport.ai

Make your help center happy. With HappySupport.

White-glove onboarding with the founders. Direct Slack line. Early access pricing.
Get early access
Book a Call
The Help Center that keeps up with your product
Auto-synced from GitHub. Powers your
ticketing system, chatbot, and in-app widget.
Choose your language:
English
Deutsch
Learn
Blog
About
Team
LEGAL
Contact
Terms
Privacy
Imprint

2026 © All rights reserved.‍