datenschutz

Datenschutz

Datenschutzhinweise für Resistro und Resistro Cloud.

Die Anbieterkennzeichnung steht auf der separaten Seite Impressum.

Controller

Alexander Renz, UUXO, Germany.
Email: hello@resistro.org

Data We Collect

  • Account data: Email address, name, hashed password
  • Billing data: Processed by Paddle. We do not store credit card numbers.
  • Technical data: Database names, backup metadata, agent hostname and version, IP addresses in access logs
  • Backup data: Encrypted with your key. We cannot read it.
  • Contract performance under Art. 6(1)(b) GDPR: account management and service delivery
  • Legitimate interest under Art. 6(1)(f) GDPR: security logging and abuse prevention
  • Consent under Art. 6(1)(a) GDPR: marketing emails on opt-in basis only

Data Processing

  • Hosting: Hetzner Online GmbH, Germany (EU). Data never leaves the EU.
  • Payments: Paddle.com Market Ltd, UK. Paddle acts as Merchant of Record.
  • Email: SMTP via our own infrastructure (EU-hosted).

Data Retention

  • Account data: until account deletion plus 30 days
  • Backup data: per retention policy, maximum 30 days after cancellation
  • Access logs: 90 days
  • Billing records: 10 years under German tax law

Your Rights

Under GDPR, you have the right to access, rectify, delete, restrict processing, receive portability, object to processing, and lodge a complaint with a supervisory authority.

To exercise these rights, email hello@resistro.org.

Cookies

We use only essential cookies through the session token stored in local storage. No tracking cookies, no analytics, no third-party scripts.

Security

All connections use TLS 1.3. Passwords are hashed with bcrypt. Backup data is AES-256 encrypted end-to-end. Infrastructure is hosted in ISO 27001 certified Hetzner data centers in Germany.