1. Data Controller
The data controller within the meaning of the General Data Protection Regulation (GDPR) is:
[PROVIDER NAME]
[STREET ADDRESS]
[POSTAL CODE CITY], Germany
Email: [EMAIL ADDRESS]
2. Collection and Storage of Personal Data
When you visit our website, the following data is automatically collected, which is technically necessary to display the website:
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status / HTTP status code
- Amount of data transferred
- Browser type and version
- Operating system
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in ensuring the stability and functionality of our website.
3. Registration and User Account
During registration, we collect the following data:
- Full name
- Email address
- Organization name
- Password (stored encrypted)
Processing is based on Art. 6(1)(b) GDPR for the performance of a contract or pre-contractual measures.
4. Cookies
Our website uses only technically necessary cookies:
- Session cookie — Stores your login session and is deleted when you close the browser
- CSRF token — Protects against cross-site request forgery attacks
We do not use any tracking, analytics, or advertising cookies.
5. Data Security
We use TLS (Transport Layer Security) encryption with the highest available encryption level. Sensitive data such as protocol contents and personal information are additionally protected through application-level encryption.
6. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
To exercise your rights, please contact: [EMAIL ADDRESS]
7. Right to Lodge a Complaint
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR.
8. Data Processing
We use Fly.io (location: Amsterdam, EU) for hosting our application. A data processing agreement pursuant to Art. 28 GDPR is in place with this provider. Your data is processed exclusively within the European Union.