Legal

Privacy Policy.

Last updated: July 3, 2026

1. Responsible entity (controller)

The entity responsible for data processing on this website is:

pro rerum GmbH

Birkenweg 6

6147 Altbüron

Switzerland

Email: info@pro-rerum.com

2. Data protection contact

For questions regarding data protection, please contact our data protection officer:

pro rerum GmbH

DPO

Birkenweg 6

6147 Altbüron

Switzerland

Email: info@pro-rerum.com

3. What data we collect and why

3.1 Founder submissions

When you submit an offer as a founder, we collect: your name, company name, website, business email, social media accounts (platform and username/link), product name, category, region, pricing information, discount details, preferred publication date, and a video URL. We also record whether you accepted our terms and whether you are willing to share the deal.

Purpose: To review your submission, verify your identity, publish approved offers, and communicate with you about your application.

Legal basis: Performance of a contract (Art. 6 para. 1 lit. b GDPR) and our legitimate interest in verifying submissions (Art. 6 para. 1 lit. f GDPR).

3.2 Email verification

We send a verification code to your business email to confirm it belongs to you.

Purpose: To prevent fraudulent submissions and ensure we can reach you.

Legal basis: Legitimate interest in platform security (Art. 6 para. 1 lit. f GDPR).

3.3 Social media verification

To verify your social media presence, we generate a unique code (e.g., FZ-12xxxx) and ask you to send it via direct message to our Instagram account. We only store that you confirmed this step, not the DM itself.

Purpose: To confirm you control the social media account you provided.

Legal basis: Legitimate interest in verifying founder identity (Art. 6 para. 1 lit. f GDPR).

3.4 Contact inquiries

When you email us at info@pro-rerum.com, we store your email address and the content of your message.

Purpose: To respond to your inquiry.

Legal basis: Legitimate interest in communicating with users (Art. 6 para. 1 lit. f GDPR), or consent where applicable.

3.5 Newsletter / deal notifications

If you opt in, we collect your email address to send you deal notifications or newsletters.

Purpose: To inform you about new deals and platform updates.

Legal basis: Your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw consent at any time via the unsubscribe link in every email or by contacting us.

3.6 Technical / log data

Our hosting provider and platform infrastructure automatically collect technical data such as IP address, browser type, operating system, referring URL, date and time of access, and error logs. This data is used for security, stability, and troubleshooting.

Legal basis: Legitimate interest in ensuring IT security and service operation (Art. 6 para. 1 lit. f GDPR).

4. Cookies and similar technologies

We use essential cookies and similar technologies that are technically necessary for the operation of the website (e.g., session management, security tokens). We do not use cookies for advertising or behavioral tracking. No third-party ad tracking is in place.

5. Data sharing and recipients

We do not sell your personal data. We share data only with the following categories of recipients, and only to the extent necessary:

  • Hosting / infrastructure provider: Lovable Cloud (Supabase) — stores submission data, handles authentication, and provides database services.
  • Email service: Lovable Email (via notify.founderdealz.com) — sends verification codes and transactional emails.
  • Social media platforms: Instagram — used only for the voluntary social verification step described above. We do not receive data from Instagram beyond your confirmation.
  • Legal obligations: We may disclose data if required by law or to protect our rights.

6. International data transfers

Our infrastructure providers (Lovable Cloud / Supabase) may process data in jurisdictions outside the European Economic Area (EEA), including the United States. In such cases, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) to ensure an adequate level of data protection.

7. Data retention

  • Submission data: Retained for as long as necessary to process your application and, if approved, to display and archive the offer. After an offer is archived, data is kept for legal and operational purposes for up to 3 years, unless you request earlier deletion.
  • Contact emails: Retained for up to 2 years after the last communication, unless you request deletion.
  • Newsletter subscriptions: Retained until you unsubscribe or withdraw consent.
  • Technical / log data: Retained for up to 30 days, unless longer retention is required for security incident investigation.

8. Your rights

Under applicable data protection law (including the GDPR and Swiss FADP), you have the following rights regarding your personal data:

  • Right of access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can request that we correct inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten"): You can request deletion of your personal data where the legal basis no longer applies, subject to legal retention obligations.
  • Right to restriction of processing: You can request that we limit the use of your data in certain circumstances.
  • Right to data portability: You can request your data in a structured, commonly used, machine-readable format.
  • Right to object: You can object to processing based on legitimate interests, and you can object to direct marketing at any time.
  • Right to withdraw consent: Where processing is based on consent (e.g., newsletter), you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us at info@pro-rerum.com. We will respond within the timeframe required by law (typically one month under GDPR).

You also have the right to lodge a complaint with a supervisory authority, in particular in the EU member state or Switzerland where you reside or work.

9. Data security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. This includes encryption in transit (TLS), access controls, and regular security reviews. However, no method of transmission over the internet or electronic storage is 100% secure.

10. Children's privacy

Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will delete it promptly.

11. Changes to this policy

We may update this privacy policy from time to time. Material changes will be posted on this page with an updated "Last updated" date. Your continued use of the site after changes constitutes acceptance of the revised policy.

12. Contact

If you have any questions about this privacy policy or our data practices, please contact us at: info@pro-rerum.com