Privacy policy
We treat your data the way we'd expect to be treated ourselves: sparingly, transparently and without any tracking nonsense.
Note: This English version is provided for convenience only. The German version is the legally authoritative text. References to GDPR articles use the German abbreviation “DSGVO”, which is identical to “GDPR” in content.
1. Controller
Controller within the meaning of the General Data Protection Regulation (GDPR / DSGVO):
Doreen Bauermann
LocomeoSoft
Am Zuckerberg 31, 07554 Brahmenau, Germany
Phone: +49 36698 / 329 809
Email: kontakt@locomeosoft.com
2. Access data / server logs
When you visit this website, the hosting provider automatically records information that your browser transmits (“server log files”):
- IP address (usually shortened/anonymised)
- Date and time of access
- Page accessed / URL
- HTTP status code and amount of data transmitted
- Browser type, browser version, operating system
- Referrer URL (previously visited page)
Legal basis is Art. 6 (1) (f) GDPR. We have a legitimate interest in the secure and stable operation of the website. The data are deleted after no more than 14 days, unless a specific security incident requires longer retention.
3. Cookies
We use exclusively strictly necessary cookies within the meaning of § 25 (2) no. 2 TTDSG (German Telecommunications-Telemedia Data Protection Act). No consent is required for these:
- Authentication cookie (ASP.NET Core Identity) – keeps you signed in after login.
- Antiforgery cookie – protects forms against cross-site request forgery attacks.
- Session / circuit cookie (Blazor Server) – connects your browser with the server-side session.
No tracking takes place: no analytics cookies, no advertising cookies, no third-party cookies, no audience measurement.
4. Registration & customer account
Use of the customer area requires registration. We process the following data:
- Email address (mandatory – also serves as login name)
- Password (salted and hashed, never stored in plain text)
- Time of registration and of the most recent sign-ins / sign-outs
- Status of the email confirmation
Legal basis: Art. 6 (1) (b) GDPR (performance of a contract or pre-contractual measures). As part of registration, we send you a confirmation email to verify your address. You can have your account deleted at any time.
Consent to data transfers to the USA
During registration, by ticking the corresponding checkbox you give your explicit consent that your email address and a hardware identifier for license validation are processed on servers operated by SmarterASP.net, Inc. (USA). Legal basis is Art. 49 (1) (a) GDPR.
You can withdraw this consent at any time with effect for the future. A withdrawal means that use of the customer account and license management will no longer be possible, since operation runs exclusively via servers in the USA. To exercise this, please contact kontakt@locomeosoft.com.
Note: The USA currently has an adequacy decision from the EU Commission (EU-U.S. Data Privacy Framework). However, to our knowledge SmarterASP.net, Inc. is not certified under the DPF. We therefore base the data transfer on your explicit consent (Art. 49 (1) (a) GDPR). SmarterASP.net holds a SOC 2 Type 2 certification and a Data Processing Agreement (DPA) under the GDPR.
5. Email contact
If you contact us by email, your details will be stored to process your request and for any follow-up questions.
Sending of system mails (confirmations, password reset, etc.) takes place via the SMTP server of our hosting provider SmarterASP.net, Inc. (Monterey Park, CA, USA). As email delivery uses the same provider as hosting, the same applies here: the transfer of personal data to the USA is based on your explicit consent (Art. 49 (1) (a) GDPR), which you provided during registration.
For pure contact emails without a customer account: Art. 6 (1) (b) and (f) GDPR.
6. Hosting
This website is hosted by SmarterASP.NET, Monterey Park, California, USA. SmarterASP.NET has committed to comply with the GDPR by entering into a Data Processing Agreement (DPA). As part of the hosting service, technically necessary data (IP address, email address) is processed on servers in the USA. For this transfer to a third country, you have given your explicit consent pursuant to Art. 49 (1) (a) GDPR.
SmarterASP.net is additionally SOC 2 Type 2 certified (Flexential data centre) and declares itself GDPR-compliant.
Legal basis for the transfer to a third country: For registered users: Art. 49 (1) (a) GDPR (explicit consent at registration). For non-registered visitors (server logs): Art. 6 (1) (f) GDPR in conjunction with Art. 49 (1) (b) GDPR (necessity for the protection of legitimate interests).
7. Payment processing
Purchases are processed by Lemon Squeezy, LLC (USA) as Merchant of Record. Lemon Squeezy processes your payment data in its own name and under its own responsibility.
From Lemon Squeezy we only receive a transaction confirmation (e.g. order number, product, license file, email address). We never see payment data (credit card, account, PayPal).
For more information please refer to Lemon Squeezy's privacy policy: www.lemonsqueezy.com/privacy.
Legal basis: Art. 6 (1) (b) GDPR (performance of a contract).
8. License management
For license activation and validation we store the following data:
- Your email address (to associate the license)
- A hardware identifier for your system (a hash derived from stable device properties – no plain-text readout of sensitive hardware data)
- License status, activation and last-access timestamps
These data are used exclusively for license validation and to protect against multiple use, and are not passed on to third parties.
You can deregister a license at any time from your customer area. The hardware identifier is then removed from our system.
Legal basis: Art. 6 (1) (b) GDPR (performance of a contract) and Art. 6 (1) (f) GDPR (legitimate interest in protection against unauthorised use).
9. Third-party component ExifTool (ShotScope module)
The ShotScope module of SynQai Pro uses the independent third-party program ExifTool by Phil Harvey (exiftool.org) to read and write image metadata (EXIF / IPTC / XMP). Processing takes place exclusively locally on the Licensee's system; ExifTool communicates with SynQai Pro via STDIN/STDOUT and transmits no data whatsoever to LocomeoSoft or any third party.
No network communication, no telemetry and no transfer of image data or metadata to external servers takes place. Accordingly, no processing of personal data by LocomeoSoft within the meaning of the GDPR occurs in the context of ExifTool use.
The licensing and liability provisions for this third-party component are set out in § 14 of our T&C.
10. Fonts
We use the fonts DM Sans, Inter and JetBrains Mono. These are served locally from our own server. No data is transferred to third parties (in particular not to Google).
Font licenses: SIL Open Font License 1.1.
11. Your rights
You have the following rights regarding your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent (Art. 7 (3) GDPR)
To exercise these rights, please contact kontakt@locomeosoft.com.
12. Right to lodge a complaint
You have the right to lodge a complaint with a data protection supervisory authority. The competent authority for us is:
Thuringian State Commissioner for Data Protection and Freedom of
Information (TLfDI)
Häßlerstraße 8, 99096 Erfurt, Germany
Web: www.tlfdi.de
As of: May 2026