Privacy Policy

Last updated: 2026-02-08

1. Data Controller

The data controller for this website is:
Portalix UG (haftungsbeschränkt)
Thalkirchner Str. 103
81371 Munich, Germany
Email: datenschutz@trustee.eu
Phone: +49 179 2274171

2. Collection and Storage of Personal Data

2.1 What data is collected?

When using our platform, the following data is collected:

  • Email address: For registration, authentication and contact
  • Registration timestamp: To document your consent

2.2 Legal Basis

Your data is processed based on your explicit consent (Art. 6(1)(a) GDPR) and for contract fulfillment (Art. 6(1)(b) GDPR).

3. Use of Data

Your data is used exclusively for the following purposes:

  • Sending a confirmation email (double opt-in)
  • Authentication via magic link (passwordless login)
  • Providing the compliance dashboard
  • Communication about service updates
  • Statistical analysis (anonymized)

Your data will NOT be shared with or sold to third parties.

4. Storage Duration

Your data will be stored as long as your account is active or until you withdraw your consent. After deletion of your account or upon your request, your data will be deleted immediately.

5. Your Rights

You have the right at any time to:

  • Access (Art. 15 GDPR): What data do we have stored about you?
  • Rectification (Art. 16 GDPR): Correction of incorrect data
  • Erasure (Art. 17 GDPR): Deletion of your data ("right to be forgotten")
  • Restriction (Art. 18 GDPR): Restriction of processing
  • Data portability (Art. 20 GDPR): Export of your data
  • Objection (Art. 21 GDPR): Objection to processing
  • Withdrawal of consent (Art. 7(3) GDPR): Your consent can be withdrawn at any time

Contact for data protection inquiries:
Email: datenschutz@trustee.eu

6. Double Opt-In Procedure

We use the double opt-in procedure. This means:

  1. You register with your email address
  2. You receive a confirmation email with a verification link
  3. Only after clicking the link will your account be activated

This protects against misuse and ensures that only you can sign up yourself.

7. Hosting & Data Security

Our website is hosted in Germany/EU. All data is transmitted encrypted (SSL/TLS). We take technical and organizational measures to protect your data.

8. Cookies & Rate Limiting

This website does not use tracking cookies. We only use technically necessary session cookies that are automatically deleted at the end of your visit.

Rate Limiting: To protect against abuse, we use rate limiting that temporarily stores hashed IP addresses in memory. These are not permanently stored and are used solely for protection against automated attacks (Art. 6(1)(f) GDPR - legitimate interest).

9. Third-Party Service Providers

We use the following third-party providers to deliver our services:

9.1 Cloudflare Turnstile (Bot Protection)

To protect our forms from automated attacks (bots, spam), we use Cloudflare Turnstile, a service provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA.

When using our registration forms, the following data is transmitted to Cloudflare:

  • IP address (for bot detection, not permanently stored)
  • Browser information (User-Agent)
  • Interaction data with the captcha widget

Cloudflare is certified under the EU-US Data Privacy Framework. Data processing is based on our legitimate interest in protection against abuse (Art. 6(1)(f) GDPR).

Cloudflare's privacy policy: https://www.cloudflare.com/privacypolicy/

9.2 Mailgun (Email Delivery)

For sending emails (confirmations, login links) we use Mailgun Technologies, Inc., 112 E Pecan St #1135, San Antonio, TX 78205, USA.

We exclusively use Mailgun's EU infrastructure (data centers in the EU), so your data does not leave the EU.

Transmitted data:

  • Email address
  • Email contents (confirmation links, login links)

Data processing is based on Art. 6(1)(b) GDPR (contract fulfillment) and Art. 6(1)(a) GDPR (consent).

Mailgun's privacy policy: https://www.mailgun.com/legal/privacy-policy/

10. Right to Complain

You have the right to lodge a complaint with a data protection supervisory authority about our processing of personal data.

Competent authority in Germany:
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Graurheindorfer Str. 153, 53117 Bonn, Germany
Phone: +49 (0)228-997799-0
Email: poststelle@bfdi.bund.de

11. Changes to this Privacy Policy

We reserve the right to adapt this privacy policy to comply with changed legal requirements or changes to our service. The current version can always be found on this page.