foundeur

Privacy Policy

Last updated: March 2026  ·  GDPR compliant

1. Data We Collect

We collect the following categories of personal data:

  • Identity data: Full legal name, date of birth, nationality
  • Contact data: Email address, phone number, postal address
  • Identity documents: Passport or national ID, proof of address (utility bill or bank statement)
  • Financial data: Source of funds declaration; payment processing is handled by Stripe — we do not store card details
  • Company data: Proposed company name, business activity, share structure, registered address
  • Usage data: Browser type, IP address, pages visited — collected via analytics to improve our service

2. Purpose of Processing

We use your personal data to:

  • Process your company formation application
  • Prepare legal documents (articles of association, business plans, motivation letters)
  • Communicate with you about your formation status and next steps
  • Submit required documents to government authorities (Handelsregister, INPI, etc.)
  • Comply with anti-money laundering (AML) and know-your-customer (KYC) obligations
  • Process your visa application if that service was purchased
  • Improve our platform and services

3. Legal Basis for Processing

Contract performance

Processing is necessary to deliver the company formation service you purchased.

Legal obligation

We are required to retain certain records under German commercial law and AML regulations.

Legitimate interests

Fraud prevention, security, and improving our services.

Consent

Where required (e.g. marketing communications), we rely on your explicit consent.

4. Data Sharing

We share your data only where necessary:

  • Government authorities for company registration
  • Notaries and legal professionals involved in your formation
  • Banks for company account opening
  • Immigration authorities if visa assistance was purchased
  • Our technology and operations service providers (under data processing agreements)

We never sell your personal data to third parties.

5. Data Retention

Personal data and identity documents are retained for 7 years in accordance with German commercial law (§ 257 HGB) and AML obligations. After this period, data is securely deleted unless a longer retention period is required by law.

6. Your Rights Under GDPR

Access

Request a copy of all personal data we hold about you.

Rectification

Correct inaccurate or incomplete personal data.

Erasure

Request deletion, subject to legal retention requirements.

Portability

Receive your data in a structured, machine-readable format.

Restriction

Ask us to limit how we use your data in certain circumstances.

Objection

Object to processing based on legitimate interests.

To exercise any of these rights, email privacy@foundeur.com. We will respond within 30 days.

7. Contact & Supervisory Authority

For privacy-related inquiries, contact our Data Protection contact at privacy@foundeur.com.

You have the right to lodge a complaint with the competent data protection authority. The supervisory authority for Germany is the Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) — the German Data Protection Authority.

Privacy questions?

Email privacy@foundeur.com — we respond within 30 days of receiving your request.