Data Protection at a Glance
1.1 General Information
The following information provides a detailed overview of what happens to your personal data when you visit Loopa. Personal data is any data by which you can be personally identified.
1.2 Who is responsible for data collection?
The data processing is carried out by:
Benjamin Michael Bremer
Gartenstraße 58a
29525 Uelzen
Germany
Email: Benjamin-Michael.Bremer@outlook.de
1.3 How do we collect your data?
Some data is collected when you provide it to us (e.g. via email or newsletter signup).
Other data is collected automatically by our IT systems when you visit the website. This includes technical data such as browser type, operating system, IP address, or time of page access.
1.4 What do we use your data for?
Data is processed to:
ensure the website functions correctly
analyze technical performance and stability
handle user inquiries
send newsletters if you have subscribed
1.5 What rights do you have regarding your data?
You have the right to request information about your stored personal data, its origin, recipients, and purpose of processing. You also have the right to request correction or deletion of your data.
Hosting
This website is hosted by:
Framer B.V.
Rozengracht 207
1016 LZ Amsterdam
Netherlands
https://www.framer.com
Framer provides the infrastructure required to operate Loopa. Personal data collected may be stored on Framer's servers (e.g. IP addresses, metadata, communication data).
Legal basis: Art. 6(1)(f) GDPR.
A Data Processing Agreement (DPA) has been concluded with Framer.
Content Delivery Network (CDN)
This website uses Amazon CloudFront, a CDN provided by Amazon Web Services, Inc.
Purpose: fast, secure, and efficient delivery of content.
Data processed may include IP address and technical request data.
Legal basis: Art. 6(1)(f) GDPR.
Data transfer to the USA cannot be excluded. AWS is certified under the EU-U.S. Data Privacy Framework.
More information: https://aws.amazon.com/privacy/
External Links (Core Functionality of Loopa)
Loopa is a curated directory that primarily consists of links to external websites and services.
When you click on such links, you leave this website. The respective provider or operator of the linked pages is responsible for data processing on their platform.
We have no control over the content or data processing practices of external websites.
Favicons via favicon.im
Loopa uses the external service favicon.im to display favicons for listed websites. Favicons are small website icons that help users visually recognize external links and resources.
When a page is loaded, your browser may request favicon files from favicon.im. In this process, technical data such as your IP address, browser information, referrer URL, requested domain, and time of access may be transmitted to favicon.im and its infrastructure providers.
We use favicon.im to present listed websites in a clearer and more user-friendly way.
Legal basis: Art. 6(1)(f) GDPR, based on our legitimate interest in a visually structured and user-friendly presentation of Loopa.
More information about favicon.im can be found on the provider’s website.
Referral Links / Tracking Parameters
Some links may include tracking parameters (e.g. UTM parameters) to understand traffic sources.
These parameters do not allow direct identification of individual users and are not used to create personal user profiles.
Legal basis: Art. 6(1)(f) GDPR.
Newsletter
7.1 Newsletter Data
If you subscribe to the Loopa newsletter, we will use your email address to send you updates about newly added tools, resources, and design inspiration.
7.2 Double Opt-in
Subscription to the newsletter uses a double opt-in procedure. After signing up, you will receive an email asking you to confirm your subscription. Only after confirmation will you receive newsletters.
7.3 Stored Data
To ensure legal compliance, we store:
your email address
the date and time of registration
the date and time of confirmation
your IP address at the time of registration and confirmation
This data is used to provide proof of your consent.
7.4 Newsletter Provider (Brevo)
We use Brevo, a service provided by:
Brevo GmbH
Köpenicker Straße 126
10179 Berlin
German
https://www.brevo.com
Brevo is used to manage newsletter subscriptions, process double opt-in confirmations, and send newsletter emails.
The personal data processed may include your email address, subscription status, time of registration, confirmation time, IP address, and technical email interaction data, where applicable.
Legal basis: Art. 6(1)(a) GDPR (consent).
More information: https://www.brevo.com/legal/privacypolicy/
7.5 API Processing via Cloudflare Workers
To process newsletter subscriptions securely, we use Cloudflare Workers, a serverless infrastructure provided by:
Cloudflare, Inc.
101 Townsend St.
San Francisco, CA 94107
USA
https://www.cloudflare.com
When you submit your email via our newsletter form, the data is transmitted through a Cloudflare Worker to securely forward it to our newsletter provider (Brevo).
The following data may be processed:
– email address
– IP address
– request metadata (e.g. timestamp, browser information)
This processing is necessary to ensure a secure and reliable transmission of data.
Legal basis: Art. 6(1)(a) GDPR (consent) and Art. 6(1)(f) GDPR (legitimate interest in secure data processing).
Data transfer to the USA cannot be excluded. Cloudflare is certified under the EU-U.S. Data Privacy Framework.
More information: https://www.cloudflare.com/privacypolicy/
7.6 Unsubscribe
You can unsubscribe from the newsletter at any time via the unsubscribe link provided in every email or by contacting us directly.
Contact
If you contact us via email, your data will be stored to process your request.
Cookies
This website uses only technically necessary cookies.
Data Transfers
Some services used on this website, such as AWS, Cloudflare, Brevo, or favicon.im, may involve data transfers outside the European Union.
Where required, appropriate safeguards are used, such as the EU-U.S. Data Privacy Framework or standard contractual clauses.
General Information and Mandatory Disclosures
11.1 Data Protection
We treat your personal data confidentially and in accordance with statutory data protection regulations.
11.2 Storage Duration
Personal data is stored only as long as necessary for the stated purposes.
11.3 Legal Basis
Processing is based on Art. 6(1)(a), (b), and (f) GDPR.
11.4 Right to Withdraw Consent
You may withdraw consent at any time.
11.5 Right to Object
You have the right to object to processing under Art. 21 GDPR.
11.6 Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority.
11.7 SSL/TLS Encryption
This website uses SSL/TLS encryption.
11.8 Objection to Advertising Emails
We object to the use of contact data for unsolicited advertising.
Changes to This Privacy Policy
We reserve the right to update this privacy policy.
Last updated: April 2026
