datenschutz
Datenschutz
Datenschutzhinweise für Resistro und Resistro Cloud.
Die Anbieterkennzeichnung steht auf der separaten Seite Impressum.
Controller
Alexander Renz, UUXO, Germany.
Email: hello@resistro.org
Data We Collect
- Account data: Email address, name, hashed password
- Billing data: Processed by Paddle. We do not store credit card numbers.
- Technical data: Database names, backup metadata, agent hostname and version, IP addresses in access logs
- Backup data: Encrypted with your key. We cannot read it.
Legal Basis (Art. 6 GDPR)
- Contract performance under Art. 6(1)(b) GDPR: account management and service delivery
- Legitimate interest under Art. 6(1)(f) GDPR: security logging and abuse prevention
- Consent under Art. 6(1)(a) GDPR: marketing emails on opt-in basis only
Data Processing
- Hosting: Hetzner Online GmbH, Germany (EU). Data never leaves the EU.
- Payments: Paddle.com Market Ltd, UK. Paddle acts as Merchant of Record.
- Email: SMTP via our own infrastructure (EU-hosted).
Data Retention
- Account data: until account deletion plus 30 days
- Backup data: per retention policy, maximum 30 days after cancellation
- Access logs: 90 days
- Billing records: 10 years under German tax law
Your Rights
Under GDPR, you have the right to access, rectify, delete, restrict processing, receive portability, object to processing, and lodge a complaint with a supervisory authority.
To exercise these rights, email hello@resistro.org.
Cookies
We use only essential cookies through the session token stored in local storage. No tracking cookies, no analytics, no third-party scripts.
Security
All connections use TLS 1.3. Passwords are hashed with bcrypt. Backup data is AES-256 encrypted end-to-end. Infrastructure is hosted in ISO 27001 certified Hetzner data centers in Germany.
