Privacy Policy

Effective date: July 5, 2026
Last updated: July 5, 2026

This Privacy Policy explains how Thomas Halbritter, operating as Halbritter Media, Rathausstr. 41, 84082 Laberweinting, Germany ("we", "us", "our", or "Controller"), processes personal data in connection with usevisuals.com, the usevisuals onboarding dashboard, the GTM Agent Kit, downloads, purchases, support, and related communications.

We process personal data in accordance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the German Digital Services Act (DDG), and the German Telecommunications Digital Services Data Protection Act (TDDDG), where applicable.

1. Controller

Thomas Halbritter
Halbritter Media
Rathausstr. 41
84082 Laberweinting
Germany

Email: info@usevisuals.com
Phone: +49 174 7322853

2. Scope of This Policy

This policy covers personal data processed by us when you:

  • visit usevisuals.com or related landing pages;

  • buy or access the GTM Agent Kit;

  • use the onboarding dashboard or magic-link login;

  • download product files;

  • contact us by email, form, calendar booking, or support request;

  • subscribe to updates or newsletters, where offered;

  • interact with our business outreach or marketing communications.

The GTM Agent Kit itself is a downloadable, file-based workflow product. When you run the product locally in your own AI agent, editor, terminal, browser, social platform, hosting account, or other third-party tool, that processing usually happens in your own environment or under your own account with that third-party provider. Unless you send files, outputs, logs, prompts, or support materials to us, we do not automatically receive or monitor the content you create with the GTM Agent Kit.

3. Personal Data We Process

3.1 Website Visitors

When you visit our website or dashboard, we or our hosting providers may process:

  • IP address;

  • date and time of access;

  • browser type and version;

  • operating system and device information;

  • referring URL;

  • requested pages and files;

  • server log data;

  • security and error logs.

We process this data to provide the website, maintain security, prevent abuse, debug errors, and improve reliability.

Legal bases: Article 6(1)(f) GDPR (legitimate interests in secure and reliable website operation) and, where necessary, Article 6(1)(b) GDPR (pre-contractual or contractual access).

3.2 Contact, Support, and Communication Data

If you contact us, book a call, request support, or reply to one of our emails, we may process:

  • name;

  • email address;

  • company name;

  • message content;

  • attachments, screenshots, files, logs, or product folders you choose to send;

  • call or booking details;

  • communication history.

We use this data to respond to your request, provide support, handle pre-contractual questions, and maintain business records.

Legal bases: Article 6(1)(b) GDPR (contract or pre-contractual measures), Article 6(1)(f) GDPR (legitimate interest in responding to inquiries and documenting support), and Article 6(1)(a) GDPR where consent is requested.

3.3 Purchases, Orders, and Billing

Purchases may be processed through Lemon Squeezy and, depending on the checkout method, its payment infrastructure or payment partners. We do not store full credit card numbers.

We may receive or process:

  • purchaser email address;

  • customer or business name, where provided;

  • order ID;

  • product ID and variant ID;

  • purchase status;

  • refund status;

  • billing country or tax information where provided to us;

  • VAT identification number where provided;

  • webhook payloads required to verify purchases and control dashboard access.

Payment providers process payment details, fraud checks, tax handling, invoices, and related transaction data under their own terms and privacy notices.

Legal bases: Article 6(1)(b) GDPR (contract performance), Article 6(1)(c) GDPR (tax and accounting obligations), and Article 6(1)(f) GDPR (fraud prevention, access control, and purchase verification).

3.4 Onboarding Dashboard and Magic-Link Login

The usevisuals onboarding dashboard uses email-based access for purchasers. We may process:

  • email address;

  • purchase source;

  • order ID;

  • product ID and variant ID;

  • account status;

  • magic-link login token hash;

  • token creation, expiry, and use status;

  • last login time;

  • session cookie containing signed session data;

  • webhook event ID, event name, order ID, and webhook payload needed for purchase verification.

The current dashboard uses a signed uv_session cookie to keep you logged in. This cookie is necessary to provide the dashboard you requested.

Legal bases: Article 6(1)(b) GDPR (dashboard access and product delivery), Article 6(1)(f) GDPR (secure access control), and Section 25(2) TDDDG for strictly necessary cookies.

3.5 Product Use and Local Workflow Data

The GTM Agent Kit may help you create or organize:

  • business context files;

  • ICP, brand, and content strategy files;

  • prompts and agent instructions;

  • social posts, blog posts, newsletters, lead magnets, captions, visuals, HTML, PNGs, and CSV logs;

  • QA reports, run summaries, and generated outputs.

By default, these files are created locally in your own product folder or in the AI/workflow environment you choose. We do not automatically collect them.

If you choose to run prompts, files, or outputs through third-party AI tools or developer tools, such as ChatGPT, Codex, Claude, Claude Code, Cursor, OpenAI APIs, Anthropic APIs, or similar services, the data you submit to those services is processed under your own relationship with those providers. You are responsible for checking their privacy terms, data processing terms, retention settings, and any enterprise or consumer controls available to you.

If you send product files, generated outputs, screenshots, or logs to us for support, we process that material only for the support purpose, unless another legal basis applies.

3.6 Newsletter and Marketing Communications

If you subscribe to updates, a newsletter, a launch list, or other marketing communications, we may process:

  • email address;

  • name or company, if provided;

  • subscription status;

  • consent records;

  • open, click, bounce, and unsubscribe data where provided by the email platform.

Legal bases: Article 6(1)(a) GDPR (consent) for most newsletter subscriptions and Article 6(1)(f) GDPR for limited direct marketing to existing customers where legally permitted. You can unsubscribe at any time.

3.7 B2B Outreach

Where we contact business contacts in a professional context, we may process limited business contact data, such as:

  • name;

  • business email address;

  • company name and domain;

  • role or publicly available professional context;

  • publicly available company information;

  • outreach status, replies, bounces, unsubscribes, and suppression-list records.

We use this data only for targeted B2B business development where we believe usevisuals may be professionally relevant.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in targeted B2B business development). You may object at any time by replying to the email or using the unsubscribe option. If you object, we stop further outreach and keep only the minimum suppression data needed to avoid contacting you again.

4. Cookies and Similar Technologies

We use strictly necessary cookies and similar technologies to provide requested website and dashboard functionality, including login sessions, security, and checkout or account access.

Where non-essential cookies, analytics cookies, tracking pixels, or similar technologies are used, they are used only where legally permitted and, where required, after consent.

Legal bases:

  • Strictly necessary cookies: Article 6(1)(f) GDPR or Article 6(1)(b) GDPR, and Section 25(2) TDDDG.

  • Analytics, advertising, or non-essential cookies: Article 6(1)(a) GDPR and Section 25(1) TDDDG, where consent is required.

You can withdraw cookie consent at any time through the available cookie settings, if a consent banner is used, or by deleting cookies in your browser.

5. Analytics

We may use analytics tools, such as Google Analytics, on marketing pages to understand website usage and improve the website. Analytics tools may process page views, referrer data, approximate location, device information, browser information, and interaction data.

Where required, analytics tools are activated only after your consent. We configure analytics with privacy-protective settings where reasonably available, such as IP anonymization, limited retention, and restricted data sharing.

Legal basis: Article 6(1)(a) GDPR and Section 25(1) TDDDG where consent is required.

6. Hosting, Infrastructure, and Service Providers

We use third-party service providers to operate the website, dashboard, checkout, product delivery, email, and support workflows. Depending on the feature you use, recipients or processors may include:

Vercel is used for hosting and delivering the onboarding dashboard. It may process IP addresses, logs, device data, and request data.

Framer is used for hosting and delivering marketing pages, where used. It may process IP addresses, logs, device data, and request data.

Neon is used as a serverless Postgres database for purchaser access and login records. It may process email addresses, order IDs, product IDs, login-token records, and account status information.

Lemon Squeezy is used for checkout, merchant-of-record services, payment processing, tax handling, and order administration. It may process order, payment, billing, tax, refund, and customer data.

Resend is used for transactional login emails and product access emails. It may process email addresses, email content, and delivery data.

Google Analytics is used for website analytics, where enabled. It may process usage data, device data, and analytics data.

Cal.com or Calendly is used for appointment scheduling, where used. It may process names, email addresses, booking details, and message content.

Google Meet or Zoom is used for calls, demos, and support sessions, where used. It may process meeting metadata and audio, video, or chat content if used.

beehiiv or a similar newsletter provider is used for newsletters and email updates, where used. It may process email addresses, subscription data, and engagement data.

OpenAI, Anthropic, Cursor, or other AI/developer tools are not normally our processors for local product use. They may process data if you use them under your own account or if we use them to support your request. This may include prompts, files, support information, or business-context data submitted to the tool.

Node.js, Playwright, and Chromium are used as local rendering and validation tools included in the product. They normally process local HTML, CSS, and image files, with no automatic transfer of this data to us.

We enter into data processing agreements with processors where required by Article 28 GDPR. Some providers may also act as independent controllers for parts of their processing, for example payment, fraud prevention, tax compliance, or account administration.

7. AI Processing

The GTM Agent Kit is designed to be used with file-aware AI tools. The product may help you submit prompts, business context, brand assets, and draft content to the AI tool you choose. That AI processing is normally controlled by you and the provider of the AI tool.

We do not automatically send your product folder, customer data, prompts, or outputs to AI model providers.

If you ask us for support and provide files, prompts, logs, or outputs, we may use AI tools to help analyze or answer your support request. In that case, we limit submitted information to what is reasonably necessary and avoid submitting sensitive personal data unless required and lawful.

No automated decision-making with legal or similarly significant effects within the meaning of Article 22 GDPR is carried out by us.

8. International Data Transfers

Some providers may process personal data outside the European Economic Area. Where this happens, we rely on appropriate safeguards, such as:

  • an adequacy decision by the European Commission, including the EU-US Data Privacy Framework where applicable;

  • Standard Contractual Clauses approved by the European Commission;

  • additional technical and organizational measures where appropriate;

  • data minimization.

9. Retention

We retain personal data only as long as necessary for the relevant purpose or as required by law.

Typical retention periods:

  • Server logs: usually up to 30 days, unless longer retention is required for security, error analysis, or legal claims.

  • Contact and support requests: up to 3 years after the last communication, unless a longer period is required for legal claims or accounting records.

  • Purchase, invoice, and tax records: generally 10 years from the end of the relevant calendar year, where required by German tax and commercial law, including Section 147 AO and Section 257 HGB.

  • Dashboard account records: for the duration of product access and then as long as necessary for contractual, fraud-prevention, refund, tax, or legal-claim purposes.

  • Magic-link login tokens: short-lived; current login links expire after 15 minutes. Token records may be retained for security and audit purposes.

  • Session cookie: current dashboard sessions are designed to last up to 30 days unless you sign out earlier or the session is otherwise invalidated.

  • Newsletter records: until you unsubscribe or withdraw consent; minimal suppression data may be retained to prevent further emails.

  • B2B outreach data: usually up to 12 months from collection or last activity, unless earlier deletion is requested or a longer retention is required. Suppression records may be kept in minimal form to respect objections.

  • Support files and generated outputs sent to us: as long as needed to handle the request, then deleted or minimized unless legal retention or legitimate documentation interests apply.

10. Your Rights

Subject to the legal requirements, you have the following rights:

  • right of access under Article 15 GDPR;

  • right to rectification under Article 16 GDPR;

  • right to erasure under Article 17 GDPR;

  • right to restriction of processing under Article 18 GDPR;

  • right to data portability under Article 20 GDPR;

  • right to object under Article 21 GDPR;

  • right to withdraw consent at any time under Article 7(3) GDPR;

  • right to lodge a complaint with a supervisory authority.

To exercise your rights, contact us at info@usevisuals.com.

11. Right to Object to Direct Marketing

If we process your personal data for direct marketing, you may object at any time. After your objection, we will no longer process your personal data for direct marketing.

If processing is based on legitimate interests under Article 6(1)(f) GDPR, you may object on grounds relating to your particular situation. We will stop the relevant processing unless we can demonstrate compelling legitimate grounds or the processing is required for legal claims.

12. Competent Supervisory Authority

You may lodge a complaint with any competent data protection supervisory authority. The authority generally competent for us is:

Bayerisches Landesamt fuer Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Germany
Website: https://www.lda.bayern.de

13. Security

We use appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. Measures may include TLS encryption, access controls, signed login links, signed session cookies, webhook signature verification, database access restrictions, and careful provider selection.

No internet-based service can be guaranteed to be completely secure. You are responsible for protecting your own devices, local product folder, AI-tool accounts, API keys, social accounts, publishing accounts, and backups.

14. Customer Responsibilities When Using the Product

If you use the GTM Agent Kit to process personal data about your own customers, leads, audience, employees, or other individuals, you are responsible for ensuring that you have a lawful basis and that your use of third-party AI tools, publishing tools, analytics tools, hosting platforms, and storage systems complies with applicable law.

The standard GTM Agent Kit does not make us your data processor for your local project data. If a separate paid service requires us to process personal data on your behalf, that processing must be governed by a separate data processing agreement where required by Article 28 GDPR.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date above shows the latest revision. Material changes may be communicated through the website, dashboard, email, or another appropriate channel.

16. Contact

For questions about this Privacy Policy or our data processing, contact:

Thomas Halbritter
Halbritter Media
Rathausstr. 41
84082 Laberweinting
Germany

Email: info@usevisuals.com
Phone: +49 174 7322853

© 2026 Halbritter Media

GTM Agent Kits. usevisuals.com is not affiliated with OpenAI, Anthropic, Cursor, or their teams, nor is it endorsed or sponsored by them.

Disclaimer: The content on usevisuals.com is provided for general informational purposes only. While we strive for accuracy, we make no representations as to the completeness or reliability of any information. Any action you take upon the information on this website is strictly at your own risk.

© 2026 Halbritter Media

GTM Agent Kits. usevisuals.com is not affiliated with OpenAI, Anthropic, Cursor, or their teams, nor is it endorsed or sponsored by them.

Disclaimer: The content on usevisuals.com is provided for general informational purposes only. While we strive for accuracy, we make no representations as to the completeness or reliability of any information. Any action you take upon the information on this website is strictly at your own risk.

© 2026 Halbritter Media

GTM Agent Kits. usevisuals.com is not affiliated with OpenAI, Anthropic, Cursor, or their teams, nor is it endorsed or sponsored by them.

Disclaimer: The content on usevisuals.com is provided for general informational purposes only. While we strive for accuracy, we make no representations as to the completeness or reliability of any information. Any action you take upon the information on this website is strictly at your own risk.