Privacy Policy
Last updated: 2026-07-12 Applies to verbative.de, the Verbative account system, and the Verbative VS Code extension.
This policy explains what personal data Florian Cramer ("we", "us") collects when you use Verbative, why we collect it, the legal bases on which we rely, who we share it with, how long we keep it, and the rights you have under the EU General Data Protection Regulation (GDPR) and the UK GDPR.
1. Who is responsible (data controller)
The controller responsible for your personal data is:
Florian Cramer Cramer Digital Noppiusstraße 16 52062 Aachen Germany Email: info@verbative.de VAT ID (§ 27a UStG): DE369065906
We have not appointed a Data Protection Officer because we are not legally required to do so (Art. 37 GDPR, § 38 BDSG). For any privacy matter, contact us at the address above.
2. The short version
- We collect the minimum needed to run a licensed software product: your email, your subscription status, and a per-day count of how often you use certain metered features.
- We never collect your voice or your prompts. Voice is processed on your own machine, or — if you choose Cloud transcription — by Anthropic as part of the Claude Code CLI. It never reaches us.
- We do not run advertising and never sell or rent your data. The only website analytics we use is privacy-friendly and cookieless.
- You can access, export, or delete your data at any time by emailing us.
3. Personal data we collect
- Account data. Your email address. You sign in with a one-time 8-digit code sent to that address (passwordless). If you use the free tier without signing in, the extension generates a random anonymous device identifier (UUID); we store it against a synthetic placeholder email and cannot link it to you personally unless you later sign in.
- Subscription & billing data. If you subscribe to Advanced, the purchase is sold and processed by Stripe acting as our Merchant of Record (see section 7). We never receive or store your card details. As seller of record, Stripe processes your payment and billing data as its own controller, issues your receipts and invoices, and determines and remits any applicable tax. From that transaction we receive only a limited reference set — your Stripe customer ID, subscription ID, price ID, subscription status, and the current billing-period end date — so we can grant or revoke your Advanced access.
- Usage metering data. Each time you use a metered free-tier feature — a hands-free voice "wake", a Verbative Shot screenshot capture, an Advisory Board review, or a Project Roadmap update — we record a timestamp, the random device identifier, and the event type (which feature it was), plus a per-day counter for each feature. This is used solely to enforce the free-tier daily limits per account (if you sign in, the limit combines your usage across your own devices) and to detect abuse. We do not meter Advanced (paid) users — no usage records are created for paid accounts. It contains no audio, no images, and no text of what you said or captured.
- Support correspondence. If you email us, we keep your message and contact details to answer and to keep a record.
- Technical/security data. Like any internet service, our servers process the IP address and basic request metadata for the time needed to deliver the response and to protect against abuse. We do not build profiles from this.
4. Your voice and prompts (how the extension works)
Verbative drives Anthropic's Claude Code CLI by voice. There are two transcription modes, and you choose:
- Local mode (the default on every plan). Your spoken prompt is transcribed entirely on your own device using the bundled whisper.cpp model. The audio and the resulting text never leave your machine and never reach us or any third party.
- Cloud mode. Wake-word and command detection still run locally, but the prompt itself is recorded and transcribed by Anthropic as part of the Claude Code CLI, under Anthropic's own terms and privacy policy. That audio passes from your machine to Anthropic; it never passes through us.
In both modes, all spoken output is synthesised locally on your device with the bundled Kokoro engine. We do not receive, store, or have any access to your microphone audio, your prompts, or Claude's responses. Your Verbative Shot screenshot images also stay only on your own machine — on the free plan we record only that a capture happened (the same minimal usage record described in section 3: a timestamp, the random device identifier, the event type, and a per-day count), never the image itself.
5. Why we use your data and our legal bases
Under Art. 6(1) GDPR we rely on:
- To provide the service — performance of a contract (Art. 6(1)(b)). Creating and authenticating your account, granting Advanced access, and applying your plan's entitlements.
- To take payment and manage your subscription — contract and legal obligation (Art. 6(1)(b), (c)). Payment is taken by Stripe as our Merchant of Record; we process the resulting subscription reference to grant your Advanced access and to keep the records that tax and commercial law require.
- To meter usage and prevent abuse — legitimate interests (Art. 6(1)(f)). Counting your use of metered features (hands-free wakes, Verbative Shot screenshots, Advisory Board reviews, and Project Roadmap updates) to enforce the free-tier daily limits and detect abusive use; the data is minimal and contains no content.
- To communicate with you — contract / legitimate interests (Art. 6(1)(b), (f)). Sign-in codes, essential service notices, and support answers.
- To keep the service secure — legitimate interests (Art. 6(1)(f)). Processing connection data such as your IP address and request metadata to deliver responses and to ensure the network and information security of our website and API and prevent abuse.
- Marketing emails — your consent (Art. 6(1)(a)). Only if you explicitly opt in do we send occasional product news. This is optional, never a condition of using Verbative, and you can withdraw at any time with effect for the future; we record the consent date as proof.
Is providing this data required? Your email address is necessary to create an account and perform the contract; without it we cannot give you an account. Billing data is necessary to take payment. Usage metering is generated automatically as you use the Service and is needed to enforce plan limits. Marketing consent is entirely optional. There is no statutory obligation to provide any of this data, but if you do not, we may be unable to provide the corresponding part of the Service.
6. Cookies, analytics, and local storage
We use only what is strictly necessary. When you sign in on the website, Supabase sets a session cookie. The extension stores your license token and settings locally on your device. We use no advertising cookies and no third-party tracking.
For website analytics we use PostHog in a cookieless, EU-hosted configuration: it sets no cookies and stores no identifiers on your device, collects no personal data, and records only anonymous, aggregated interactions.
We also record a small number of product events on our server (e.g. that a free licence was created, an account signed in, or an account upgraded to Advanced), identified only by an internal account/device ID (never your email, audio, or prompts), carrying no message content; PostHog is asked not to build a personal profile. Because nothing is stored on or read from your device, neither use needs a consent banner under § 25 TDDDG / Art. 5(3) of the ePrivacy Directive; the server-side product events rest on our legitimate interest (Art. 6(1)(f) GDPR). Analytics runs only in production. We honour a "Do Not Track" signal on the website.
7. Who we share data with (processors and recipients)
We never sell your data. We share it only with the providers that operate Verbative on our behalf — most as processors under a data-processing agreement (Stripe acts as our Merchant of Record and independent controller for the purchase, see below) — and only as far as needed:
- Supabase — authentication and our Postgres database; it generates the one-time sign-in code emails, which are sent through our IONOS Mail SMTP relay (see IONOS below).
- Stripe — our Merchant of Record for the Advanced subscription ("Stripe Managed Payments"). As the seller of record, Stripe takes your payment and acts as an independent controller for the purchase transaction under its own privacy policy: it processes your payment and billing details, calculates and remits any applicable tax, issues your payment receipts and invoices directly to you, and handles payment support, refunds and disputes; it may also act on your requests to access or delete your transaction and Link-account data. We never receive or store your full card details; from the transaction we receive only the limited subscription reference described in section 3, which we process to grant or revoke your access.
- IONOS SE — the German hosting provider running the website (DeployNow) and API backend (VPS), the encrypted backup storage, and our outbound email relay (IONOS Mail SMTP) used to send the sign-in code and account emails.
- PostHog — privacy-friendly, EU-hosted analytics. Cookieless on the website with no personal data; server-side only anonymous product events keyed to an internal account/device ID.
Anthropic is not our processor. In Cloud transcription mode your prompt travels directly from your machine to Anthropic through your own Claude Code CLI, under your own agreement with Anthropic — we never receive, store, or route it. In Local mode nothing is sent to Anthropic for transcription. We have no data-processing agreement with Anthropic because we share no personal data with it.
We may also disclose data where legally required, or to establish, exercise, or defend legal claims.
8. International data transfers
Some providers above process data on servers outside the EEA (e.g. in the United States). Where that happens, the transfer is protected by an appropriate safeguard under Chapter V GDPR. For transfers to providers in the United States, we rely on the European Commission's EU–US Data Privacy Framework adequacy decision (of 10 July 2023) where the recipient is certified, and otherwise on the Commission's Standard Contractual Clauses together with supplementary measures. You can request a copy of the relevant safeguards at the contact address in section 1.
9. How long we keep your data
- Usage metering data: usage events are automatically deleted after 90 days, and the per-day usage counters after 30 days.
- Product-analytics events (PostHog): deleted after 12 months (PostHog's data-retention period for our plan).
- Account and subscription records: kept for as long as your account exists.
- Billing/accounting records: retained for the period required by law after the business relationship ends (in Germany, generally up to 10 years under §§ 147 AO / 257 HGB), then deleted.
- Support correspondence: kept only as long as needed to handle the matter.
- Technical/server logs: the IP address and request metadata are kept only briefly (typically up to ~14 days) for delivery and security, then deleted or anonymised.
- Encrypted operational backups (disaster recovery): we keep encrypted backups of the database and file storage for up to 30 days on a rolling basis, then overwrite them. Backups are a security and business-continuity measure (Art. 32 GDPR), not a separate archive: data you delete is removed from the live service straight away and ages out of the corresponding backups within this window.
When you delete your account, we delete or anonymise your personal data from our live systems without undue delay, except records we are legally obliged to keep, which we restrict from further use until the retention period expires. Copies may briefly persist after deletion — in our own encrypted operational backups until they are overwritten on the rolling 30-day cycle described above, and in the routine resilience/backup layers our processors (for example Supabase and IONOS) operate on their own infrastructure until overwritten in the normal course. If a backup is ever restored, we re-apply outstanding deletions.
10. Your rights
Under the GDPR / UK GDPR you have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), to object to processing based on legitimate interests (Art. 21), and to withdraw consent at any time (Art. 7(3)).
Right to object (Art. 21). Where we process your data on the basis of our legitimate interests (section 5), you have the right to object at any time, on grounds relating to your particular situation. If you object, we will stop that processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or the processing serves to establish, exercise or defend legal claims. You may also object at any time, and without giving any reason, to any processing of your data for direct-marketing purposes.
To exercise any of these, email info@verbative.de. We respond within one month, at no charge and with no disadvantage to you.
You also have the right to lodge a complaint with a data-protection supervisory authority, in particular in the EU member state of your residence, place of work, or the place of the alleged infringement. For us, the competent authority is the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW), Postfach 20 04 44, 40102 Düsseldorf, poststelle@ldi.nrw.de, www.ldi.nrw.de.
11. Automated decision-making
We do not carry out automated decision-making or profiling that produces legal or similarly significant effects on you within the meaning of Art. 22 GDPR. Enforcing the free-tier limits is a simple per-feature daily count used only to allow or block the next action; we do not combine it with other data to evaluate or predict your behaviour, and we do not use it to profile you.
12. Security
We protect your data with appropriate technical and organisational measures: encryption in transit (TLS), access controls and least privilege, passwordless authentication, and payment data handled entirely by PCI-DSS-compliant Stripe. We design Verbative to hold as little personal data as possible in the first place.
13. Children
Verbative is a developer tool and is not intended for minors. We do not knowingly collect personal data from minors. If you believe that personal data of a minor has been provided to us, please contact us so we can take appropriate steps (including deletion where applicable).
14. Changes to this policy
We may update this policy as the product or the law evolves. We will change the "Last updated" date above and, for material changes, give reasonable notice (for example by email or an in-app notice).
15. Contact
Questions about this policy or your data? Email info@verbative.de, or write to us at the postal address in section 1.