Privacy Policy

1. Data Controller

Blue Panther GmbH is the data controller for personal data processed through the Compliance Platform. Contact: support@panther.blue

2. Data We Collect

We collect the following personal data: name, email address, organization name, role within the platform, and usage data (login timestamps, audit logs). We do not collect sensitive personal data beyond what is necessary for compliance management.

3. Legal Basis (Art. 6 GDPR)

We process your data based on: (a) contract performance — to provide the compliance management service; (b) legitimate interest — to improve our service and ensure security; (c) legal obligation — to meet regulatory requirements.

4. Data Retention

Account data is retained for the duration of your subscription. Audit logs are retained for 3 years for regulatory compliance purposes. After account deletion, personal data is anonymized within 30 days.

5. Your Rights

Under GDPR, you have the right to: access your data, rectify inaccurate data, request erasure, restrict processing, data portability, and object to processing. You can exercise these rights through the platform settings or by contacting support@panther.blue.

6. Data Transfers

Data is hosted within the EU (Vercel EU region / Neon EU database). For service providers outside the EU, we rely on Standard Contractual Clauses (SCCs) as approved by the European Commission.

7. Cookies

We use the following types of cookies:

• Essential cookies: Required for authentication and session management. These cannot be disabled.
• Analytics cookies: Used via Google Analytics (GA4) to understand how visitors interact with the platform. These are only activated after you give consent via our cookie banner.

You can change your cookie preferences at any time by clearing your browser's local storage for this site.

8. Analytics

With your consent, we use Google Analytics 4 (provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to analyze usage patterns and improve our service. Google Analytics collects:

• Pages visited and time spent
• Device type, browser, and operating system
• Approximate geographic location (country/city level)
• Referral source

IP addresses are anonymized before processing. Data is processed based on your consent (Art. 6(1)(a) GDPR). Google may transfer data to the US under EU Standard Contractual Clauses. You can opt out by declining analytics cookies in our cookie banner or by installing the Google Analytics Opt-out Browser Add-on.

9. Contact

For privacy inquiries: support@panther.blue
Data Protection Officer: support@panther.blue
Supervisory authority: Berliner Beauftragte für Datenschutz und Informationsfreiheit