GDPR and Data Processing | Arc en Ciel

Overview

We process personal data in line with the EU General Data Protection Regulation. This page focuses on third-party services involved in operating Arc en Ciel and on the transfer context around those providers.

Provider Register

• Cloudflare CDN and edge security: traffic delivery, caching, TLS termination, DDoS protection, WAF, request metadata, IP addresses, user-agent strings, cached content, and network-security signals.
• Cloudflare Web Analytics: optional analytics after consent.
• Cloudflare Turnstile: anti-abuse checks during registration where enabled.
• Private Email SMTP: account verification, password reset, and essential transactional email delivery.
• Stripe: donations, subscriptions, checkout sessions, billing portal actions, customer and subscription identifiers, and payment metadata.
• Discord OAuth, Civitai, Hugging Face, configured OpenWebUI or LLM gateway, and Tavily are used only for the optional flows or integrations users start.

International Transfers

Provider roles can vary by context. Some providers operate global infrastructure and can process data outside the EU/EEA, including in the United States. Where required, provider data-processing terms, contractual safeguards, and transfer mechanisms such as SCCs apply.

Contact

ArcEnCiel UG Am Vietshof 2-4 46236 Bottrop Germany Represented by: Murat Turcan, Managing Director Email: [email protected] Register court: Amtsgericht Gelsenkirchen Register number: HRB 19844

Privacy and GDPR questions: [email protected]