In the following, we would like to inform you about the data processing on our website, in particular about which categories of data we process for which purposes when you visit our website.

Please note, however, that we may amend our privacy policy from time to time, for example due to the implementation of new technologies or due to changes in the law.

1. General

1.1 Responsible

The data protection controller pursuant to Art. 4 No. 7, Art. 26 EU General Data Protection Regulation ("GDPR") is the
Geek Cell GmbH, Alte Molkerei 1A, 53343 Wachtberg, Germany

If you have any questions or comments about this Privacy Policy, data protection or data processing on this website in general, please contact us by e-mail at base64-image@geekcell.io or by mail at the above-mentioned address.

1.2 Your rights

In the following, we would like to inform you about your rights, which you can assert free of charge against the data controller in accordance with the statutory provisions:

Revocation of your consent (Art. 7 (1) GDPR),
Right to information about the processing of your personal data (Art. 15 GDPR),
Right to rectification or deletion of your personal data (Art. 16 and Art. 17 GDPR),
Right to restrict the processing of your personal data (Art. 18 GDPR),
Right to data portability,
Right to object to the processing of your personal data (Art. 21 GDPR).

If you are of the opinion that the processing of your personal data violates the GDPR or any other data protection law, you have the right to lodge a complaint with a data protection authority of your choice pursuant to Art. 77 (1) of the GDPR.

In order to assert your rights and claims, please contact us at the above-mentioned contact details of the Controller.

Please note that complete data security cannot be guaranteed by us when communicating by e-mail, so we recommend that you send confidential information to us by post.

1.3 Legal basis

In principle, your data only will be processed if there is a legal basis for doing so. In the following, we will go into more detail about the individual legal bases for the respective data processing, but in general the following applies:

Insofar as consent is obtained from the data subjects for data processing, Art. 6 (1) lit. a) GDPR is the corresponding legal basis.
For the processing of personal data for the fulfillment of a contract or in the context of pre-contractual measures, the legal basis is Art. 6 (1) lit. b) GDPR.
If the processing is necessary for the fulfillment of a legal obligation to which we are subject, the legal basis for the processing is Art. 6 (1) 1 lit. c) GDPR.
If the processing is carried out to protect our legitimate interests or those of a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interests, then the legal basis for the processing is Art. 6 (1) lit. f) GDPR.

1.4 Retention period

Your data will be deleted, or its processing restricted in accordance with the statutory provision, in particular in accordance with Art. 17 and 18 GDPR. Your data will therefore generally be deleted, if it is no longer required for the intended purpose, unless otherwise stated in this privacy policy. Data processing beyond these purposes will only take place if this is necessary for other and legally permissible purposes or if we have to retain your data due to legal retention periods. In these cases, processing will be restricted, i.e. blocked, and your data will not be further processed for other purposes.

Legal storage obligations result, for example, from:

§ 257 (1) HGB (6 years for commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) as well as from
§ 147 (1) AO (10 years for books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

1.5 Recipients, third country transfers, linked third party sites

In the following, you will find information about the third parties and processors to whom we transfer personal data. If we use various third-party services on our website, we will go into more detail later. However, in principle these services are used to make the website functional, secure, and visually appealing as well as to optimize its content. In general, we transfer personal data to the following categories of third parties:

Telecommunications service providers, service providers for hosting and other services in connection with our website, public authorities, insofar as a legitimate request has been made, credit institutions and payment service providers for the processing of payments, billing service providers, printing and postal service providers, insurance companies, insurance brokers and experts for the examination and settlement of claims, external accountants, auditors, legal advisors, and auditors.

If we transfer your personal data to a third country or an international organization, you will be informed separately about the transfer and the underlying legal basis. The data transfer will be legally secured with standard contractual clauses according to Art. 46 GDPR or other appropriate transfer safeguards according to Art. 44 et seq. GDPR.

Insofar as we use data processors for data processing, they are of course bound by our instructions and are carefully selected, commissioned, and regularly monitored by us. The assignments are based on data processing agreements in accordance with Art. 28 GDPR. The processors do not process data for their own purposes.

In particular, processors include:

IT service providers (maintenance and support),
Telemedia service providers for the operation of IT systems (web hoster for the provision of online platforms, provider of cloud software and backup services),
Service providers for the professional disposal of data waste.

Our website may contain links to third-party websites. Please note that we are not responsible for the processing of your personal data on these websites within the meaning of Art. 4 No. 7 GDPR, but the respective website operator. Therefore, please inform yourself in the privacy policies of the respective websites before disclosing personal data.

1.6 Data security

For reasons of data security, we use technical and organizational measures to protect your personal data against loss, manipulation, destruction, or other attacks by unauthorized persons. Our security measures are continuously adapted to the current state of the art. On our website, we use the technology of transport encryption (TLS) in the transmission of your personal data, which you can recognize by the "https".

2. Collection and processing of your personal data when using our website

Technical provision of the website, hosting

When accessing content on our website, data is temporarily stored via so-called log files, which may allow identification. The following data is collected:

IP address of the requesting computer,
Date and time of retrieval,
Host name of the requesting computer,
Website from which our website was accessed,
Websites that have been accessed via our website,
Message whether the retrieval was successful,
Information about the browser type as well as the version used,
Operating system,
Volume of data transferred.

The temporary storage is necessary for the retrieval and the course of a website visit to enable the delivery of the website. Furthermore, the log data is stored to ensure the functionality of the website and the security of the information technology systems. Your IP address will be shortened as quickly as possible so that identification is no longer possible.

The legal basis for the temporary storage is Art. 6 (1) lit. b) GDPR. The legal basis for the further storage of the shortened IP address is our legitimate interest in protecting our information technology systems (in particular in the event of abusive attacks) in accordance with Art. 6 (1) lit. f) GDPR. No personal evaluation of your data, in particular for marketing purposes, will take place without prior consent.

As soon as your data is no longer required to achieve the purpose for which it was collected, your data is deleted. In the case of the provision of the website, this is given when the respective session has ended. In general the log data is only kept accessible for administrators.

For the technical provision and operation of our website, we use the hosting provider Hetzner Online GmbH, Industriestrasse 25, 91710 Gunzenhausen, Germany. For this purpose, Hetzner processes meta and communication data on our behalf and based on our legitimate interests in an efficient and secure provision of our website according to Art. 6 (1) lit. f) GDPR. For this purpose, we have concluded an order processing agreement with Hetzner pursuant to Art. 28 GDPR.

2.2 Carbon Ads/BuySellAds

On the base of our legitimate interest (analysis, optimization and economic operation of our website; Art 6.1f GDPR) we use Carbons Ads - a service of BuySellAds, P.O. Box 55071 #30027, Boston, MA 02205-5071.

We use Carbon Ads to display ads on our website. We receive a payment in return. For this purpose we transfer the following data to BuySellAds:

IP address to determine geographic location
Browser type and operating system, as determined from user agent string. (We do not store the user agent string itself but do store a hash of the user agent.)
Creative, ad zone, and publisher segment(s) to determine where impressions and clicks are happening.

A detailed description of the collected data and the reasons can be found here: https://content.buysellads.com/articles/what-data-does-buysellads-collect/. The Privacy Policy of Carbon Ads can be found here: https://carbonads.net/privacy.php

2.3 Google Adsense

This website uses Google AdSense, a service for integrating advertisements from Google Inc. ("Google"). The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google AdSense uses so-called "cookies", text files that are stored on your computer and which enable an analysis of the use of the website. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on these pages.

The information generated by cookies and web beacons about the use of this website (including your IP address) and the delivery of advertising formats are transmitted to a Google server in the USA and stored there. This information may be passed on by Google to contractual partners of Google. However, Google will not combine your IP address with other data.

The storage of AdSense cookies is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

You can prevent the installation of cookies by selecting the appropriate settings in your browser software; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. By using this website, you agree to the processing of the data collected about you by Google in the manner and manner and for the aforementioned purpose.

2.4 Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This function allows you to link the advertising target groups created with Google Analytics Remarketing to the cross-device functions of Google AdWords and Google DoubleClick. This way interest-based, personalized advertising messages that have been customized for you based on your previous usage and surfing behavior on one device (e.g. mobile phone) can also be displayed on other of your devices (e.g. tablet or PC).

If you have given your consent, Google will link your web and app browsing history with your Google account. This means that the same personalized advertising messages can be displayed on any device on which you log in to your Google account, the same personalized advertising messages can be displayed.

To support this function, Google Analytics records Google-authenticated IDs of users that temporarily linked to our Google Analytics data to define and create target groups for cross-device ad targeting.

You can permanently opt out of cross-device remarketing/targeting by deactivate personalized advertising in your Google account; to do this, follow this link: https://www.google.com/settings/ads/onweb/.

The summary of the data collected in your Google account is based solely on your consent, which you can give or revoke at Google (Art. 6 para. 1 lit. a GDPR). In data collection processes that are not merged into your Google account (e.g. because you do not have a Google account or have objected to the merging) the collection of data is based on Art. 6 (1) (f) GDPR. The legitimate interest arises from the fact that the website operator has an has an interest in the anonymized analysis of website visitors for advertising purposes.

For more information and the data protection provisions, please refer to the data protection declaration of Google at: https://www.google.com/policies/technologies/ads/.

2.5 Google Adwords und Conversion-Tracking

This website uses Google AdWords. AdWords is an online advertising program provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google").

We use conversion tracking as part of Google AdWords. When you click on an Google ad, a cookie is set for conversion tracking. Cookies are small text files that the internet browser stores on the user's computer. These cookies expire after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user has clicked on the ad and has been redirected to this page .

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. Customers are provided with the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they no information that personally identifies users. If you do not want to participate in tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. You will not be included in the conversion tracking statistics.

The storage of "conversion cookies" is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and advertising.

For more information on Google AdWords and Google Conversion Tracking, please refer to the Google's privacy policy: https://www.google.de/policies/privacy/.

You can set your browser to inform you when cookies are set and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general exclude them, and activate the automatic deletion of cookies when the browser is closed. In the deactivation of cookies, the functionality of this website may be limited.

2.6 Consent management

We use the Cookiebot CMP Consent solution from Usercentrics to obtain your legally to store certain cookies on your device or to use certain technologies and to document this. The legal basis for this is Art. 6 para. 1c GDPR.

The following data is transferred to Usercentrics for this purpose:

Your consent (or revocation)
Your IP address
Information about your browser
Information about your device
Time of your visit to the website.

Usercentrics itself also sets a cookie to be able to assign your settings.

The provider of the Consent solution is Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark.

2.7 Payment services

Our platform integrates a payment service provided by the third-party company Stripe Payments Europe, Ltd. When purchasing token packs, your payment data (e.g. name, payment amount, bank account details, credit card number) as well as personal data (e.g. address, email address, IP address, phone number) are processed by the payment service provider for the purpose of payment processing and fraud prevention. The respective contractual and data protection terms of the respective providers apply to these transactions.

The use of payment service providers is based on Art. 6 (1) lit. b GDPR (contract processing) and in the interest of a smooth, convenient and secure payment process (Art. 6 (1) lit. f GDPR). Insofar as your consent is requested for certain actions, Art. 6 (1) lit. a GDPR is the legal basis for data processing; consent can be revoked at any time for the future.

The provider of the payment service within the EU is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter "Stripe").

The transfer of data to the USA is based on the Standard Contractual Clauses of the EU Commission. Details can be found at https://stripe.com/privacy and https://stripe.com/guides/general-data-protection-regulation.

You can read more details in Stripe's privacy policy at the following link: https://stripe.com/privacy.

2.8 Email

To send emails, we use the Rapidmail service provided by rapidmail GmbH (Wentzingerstraße 21, 79106 Freiburg im Breisgau, Germany). Rapidmail enables the management of an email contact database to communicate with you via email. Rapidmail is used to send transactional emails to you, such as registration confirmations or "forgot password" emails. No newsletters are sent.

The service manages data about the date and time an email was read by you, as well as when you interacted with incoming email messages, for example by clicking on links contained in the email.

A data processing agreement pursuant to Art. 28 GDPR has been concluded.

2.9 Authentication via GitHub

We offer the option to log in to our website using your GitHub account (OAuth). The provider is GitHub, Inc., 88 Colin P Kelly Jr St, San Francisco, CA 94107, USA, a subsidiary of Microsoft Corporation.

When you log in via GitHub, an authentication request is sent to GitHub. If the login is successful, we receive the following data from your GitHub profile:

GitHub user ID (unique identifier),
Username,
Email address,
Profile picture URL (avatar).

This data is used exclusively for the purpose of user authentication, account creation and management on our platform. Your GitHub user ID serves as a unique identifier to link your account. Your username and avatar are used for display purposes within the application.

The legal basis for processing this data is Art. 6 (1) lit. b) GDPR (performance of a contract), as the login is required to provide our registered user services, and Art. 6 (1) lit. a) GDPR (consent), as you actively initiate the login process via GitHub.

The data is stored for as long as your user account exists on our platform. You can request the deletion of your account and all associated data at any time by contacting us at base64-image@geekcell.io or by using the account deletion function in your user settings.

Please note that when using GitHub login, data may be transferred to the USA. GitHub/Microsoft participates in the EU-US Data Privacy Framework, which ensures an adequate level of data protection. For more information, please refer to GitHub's privacy policy: https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement.

2.10 Contact

You can contact us by email to request a quote or conduct other correspondence.

In the context of email correspondence, we process your name, email address and the content of your inquiry (e.g. name of your company, position) as well as mandatory information that is absolutely necessary for the preparation of an offer. In the context of contacting by email, we process your personal data based on our legitimate interest in providing good customer service in accordance with Art. 6 (1) lit. f) GDPR or in accordance with Art. 6 (1) lit. b) GDPR if the contact is in connection with contractual performance obligations.

Your contact requests are deleted immediately after processing unless legal retention periods require further storage. After we have answered your inquiry, we archive it immediately so that it can only be viewed to a very limited extent. Purely informative inquiries, i.e., inquiries that do not lead to a contract or contain other content that must be retained, are deleted at the end of the year in which the inquiry was made. See "Retention period" for more information.

Status: May 2026

2.11 User Feedback

You can submit voluntary feedback via the feedback widget on our website. When doing so, we collect your name, a subject, and your feedback message. Additionally, we store your IP address for spam protection purposes.

If you are logged in, we also store your email address in order to send you a confirmation email. Anonymous users (not logged in) can submit feedback without providing an email address.

The legal basis for this processing is Art. 6 (1) lit. f) GDPR (legitimate interest in improving our service based on user feedback). Feedback data is stored for up to 2 years and then deleted. You may request deletion of your feedback at any time by contacting base64-image@geekcell.io.