Privacy Policy
1. Privacy at a Glance
We take the protection of your personal data very seriously. This privacy policy informs you about the type, scope, and purpose of processing personal data within our online offer.
2. Data Controller
Louis Muhr
Döblergasse 3,
1070 Wien, Österreich
Email: louismuhr8@gmail.com
3. Data Collection on our Website
Server Log Files
The provider of the pages automatically collects and stores information in server log files (IP address, browser type, referrer URL, time). This data is technically necessary.
Legal basis: Art. 6(1)(f) GDPR (Legitimate interest in technical operation).
Retention period: 30 days, then automatically deleted.
Registration and Login
We store the data provided by you during registration (email, name, password hash) to provide your user account.
Legal basis: Art. 6(1)(b) GDPR (Performance of a contract).
Retention period: Until deletion of your account.
Payment Data
When making a purchase, your payment data (credit card number, billing address) is processed directly by Stripe. We only store a Stripe customer ID for reference.
Legal basis: Art. 6(1)(b) GDPR (Performance of a contract).
Retention period: Until deletion of your account. Invoice data at Stripe according to statutory retention periods.
Consent Data
We log your cookie settings (timestamp, selected categories, IP address, privacy policy version) to document your consent.
Legal basis: Art. 6(1)(c) GDPR (Legal obligation — duty to demonstrate consent under Art. 7(1)).
Retention period: 3 years after last interaction.
4. Third Parties & Data Processing
To provide our services, we use the following data processors (Art. 28 GDPR):
Stripe, Inc.
Headquarters: USA / EU processing: Ireland
Payment processing and invoicing
Data transferred: Email address, payment information, billing address
Third country transfer: Possible (USA). Safeguard: EU Standard Contractual Clauses + Stripe is certified under the EU-US Data Privacy Framework.
Brevo (Sendinblue), SAS
Headquarters: France (EU)
Sending system emails (verification, password reset, purchase confirmation)
Data transferred: Email address
Third country transfer: No, data processing in the EU.
Sentry (Functional Software, Inc.)
Headquarters: USA
Error tracking and performance monitoring (only with consent)
Data transferred: Error messages, browser information, IP address (anonymized)
Third country transfer: Yes (USA). Safeguard: EU Standard Contractual Clauses.
Turso (ChiselStrike, Inc.)
Headquarters: USA / Database region: Amsterdam (EU)
Database hosting for user data
Data transferred: All user data stored in the database
Third country transfer: No, data is stored in EU region (Amsterdam).
Upstash, Inc.
Headquarters: USA / Data region: EU (Frankfurt)
Rate limiting for abuse protection
Data transferred: IP addresses (temporary)
Third country transfer: No with EU region.
GitHub (Microsoft Corporation)
Headquarters: USA
After purchase: Invitation to private repository
Data transferred: GitHub username
Third country transfer: Yes (USA). Safeguard: EU Standard Contractual Clauses.
Vercel, Inc.
Headquarters: USA
Hosting and delivery of the web application
Data transferred: IP address, browser information, request data
Third country transfer: Yes (USA). Safeguard: EU Standard Contractual Clauses.
5. Your Rights (GDPR)
You have the right at any time to access, correct, delete, and transfer your data stored by us. Contact louismuhr8@gmail.com for this.
- Right of access (Art. 15): You can request an export of all your data at any time. Use the export function in your account settings.
- Right to rectification (Art. 16): You can change your profile data at any time in your account settings.
- Right to erasure (Art. 17): You can delete your account and all associated data in your account settings.
- Data portability (Art. 20): Data export is provided in machine-readable JSON format.
- Right to object (Art. 21): You have the right to object to the processing of your data based on legitimate interests. Contact louismuhr8@gmail.com for this.
- Withdrawal of consent (Art. 7(3)): You can withdraw your cookie consent at any time via the "Cookie Settings" link in the footer.
6. Cookies
We only use cookies for technical functionality and, with your consent, for analytics. You can withdraw your consent at any time.
7. Data Transfers to Third Countries
Some of our service providers are based outside the EU/EEA. Transfers are based on EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) and/or adequacy decisions by the EU Commission (Art. 45 GDPR). Details can be found in the list of third parties in Section 4.
8. Retention Periods
We only store your data for as long as necessary for the respective purposes or as required by statutory retention periods.
- Account data: Until deletion of your account.
- Invoice data: 10 years (statutory retention obligation under commercial/tax law).
- Server logs: 30 days.
- Verification and reset tokens: Automatically deleted after expiration (24 hours and 1 hour respectively).
- Consent records: 3 years after last interaction.
9. Right to Lodge a Complaint with a Supervisory Authority
You have the right to lodge a complaint with a data protection supervisory authority about our processing of your data (Art. 77 GDPR). The competent authority depends on your place of residence. An overview can be found at:
10. Online Dispute Resolution
The European Commission provides a platform for online dispute resolution (ODR):
https://ec.europa.eu/consumers/odr/
Our email address can be found in the imprint. We are not obligated and not willing to participate in dispute resolution proceedings before a consumer arbitration board.
Disclaimer: This template was created for . It does not constitute legal advice.