1. Privacy at a glance

We take the protection of your personal data very seriously. We process personal data confidentially and in accordance with applicable data protection laws, in particular the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telecommunications Digital Services Data Protection Act (TDDDG).

This website can generally be used without actively providing personal data. Personal data is processed only where this is necessary for the operation of the website, where you voluntarily provide data to us, or where processing is permitted by law.

2. Controller

The controller responsible for data processing on this website is:

leapfrog gmbh
Friedheim 4
24944 Flensburg
Germany

Email: hi@leapfrog.com.de

3. Data Protection Officer

We have appointed a Data Protection Officer.

Data Protection Officer:
Kertos GmbH
Dr. Kilian Schmidt
Email: dpo@leapfrog.com.de

You may contact our Data Protection Officer at any time if you have questions about data protection or wish to exercise your rights.

4. Hosting and server log files

When you visit this website, the web server automatically processes information transmitted by your browser to our server. This may include in particular:

• IP address of the requesting device

• date and time of access

• requested page or file

• amount of data transferred

• referrer URL

• browser type and browser version

• operating system used

• hostname of the accessing device

This data is processed in order to provide the website technically, ensure system stability and security, and detect misuse or technical disruptions.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable and error-free operation of this website.

Server log files are stored only for as long as necessary for the purposes stated above and are then deleted or anonymised, unless longer storage is required in an individual case to investigate or prevent unlawful use.

5. Cookies and local storage

This website uses only technically necessary cookies where they are required for the operation and provision of the website.

Statamic session cookie

Our website is operated using the Statamic content management system. A session cookie may be set for technical website functions, in particular for session management, security or form functionality.

This cookie is not used for analytics, advertising or user tracking.

The legal basis for storing and accessing technically necessary information is Section 25(2) TDDDG. Where personal data is processed in this context, the processing is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in the technically secure and functional operation of the website.

6. Web analytics with Matomo without cookies

We use Matomo on this website for privacy-friendly statistical analysis of website usage. Matomo is operated by us on our own systems. Analytics data is not shared with third parties.

Matomo is configured on this website so that no analytics cookies are set. In particular, no Matomo cookies such as _pk_idor _pk_ses are used.

The analysis may process usage information such as:

• pages visited

• time of page view

• referrer information

• browser and operating system used

• approximate usage statistics

The IP address is anonymised or shortened so that direct identification of individual users is not possible. The analysis is carried out solely for statistical purposes in order to improve our website technically and editorially.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in measuring reach, optimising our website and improving the information we provide.

We do not create personal user profiles, track users across different websites or share data with advertising networks.

7. Local use of fonts

Fonts on this website are hosted locally. When you visit the website, no connection is established to Google Fonts servers or to other external font providers.

Your IP address is not transmitted to Google as a result of font loading.

8. Contact by email

If you contact us by email, we process the personal data you provide, in particular your email address, your name if provided, and the content of your message.

The processing is carried out in order to handle your request.

The legal basis is Art. 6(1)(b) GDPR if your request relates to pre-contractual measures or an existing contractual relationship. In all other cases, the processing is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in responding to enquiries.

The data will be deleted once your request has been fully processed and no statutory retention obligations apply.

9. Recipients of data

Personal data is disclosed to third parties only where this is necessary to provide the website, where we are legally obliged to do so, or where you have given your consent.

Where we use service providers that process personal data on our behalf, this is done on the basis of a data processing agreement pursuant to Art. 28 GDPR.

10. Retention period

We store personal data only for as long as necessary for the respective processing purposes or where statutory retention periods apply.

Once the purpose of processing no longer applies or statutory retention periods expire, the data is deleted or anonymised.

11. Your rights

Within the limits of applicable law, you have the following rights at any time:

• right of access pursuant to Art. 15 GDPR

• right to rectification pursuant to Art. 16 GDPR

• right to erasure pursuant to Art. 17 GDPR

• right to restriction of processing pursuant to Art. 18 GDPR

• right to data portability pursuant to Art. 20 GDPR

• right to object pursuant to Art. 21 GDPR

• right to withdraw consent pursuant to Art. 7(3) GDPR

If you believe that the processing of your personal data violates data protection law, you also have the right to lodge a complaint with a data protection supervisory authority.

The supervisory authority responsible for us is:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
Holstenstraße 98
24103 Kiel
Germany

Email: mail@datenschutzzentrum.de
Phone: +49 431 988-1200

12. Right to object

Where we process personal data on the basis of Art. 6(1)(f) GDPR, you have the right to object to such processing at any time on grounds relating to your particular situation.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing or the processing serves the establishment, exercise or defence of legal claims.

13. Data security

We take technical and organisational measures to protect your personal data against loss, destruction, manipulation and unauthorised access. Our security measures are continuously adapted in line with technological developments.

Please note that data transmission over the internet, in particular communication by email, may have security vulnerabilities. Complete protection against access by third parties is not possible.

14. Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy if this becomes necessary due to technical changes, new website functions or changed legal requirements.

Last updated: June 2026