1. Controller

TechTrade Solutions UG (haftungsbeschränkt)

Frickestraße 2

04105 Leipzig

Deutschland

No data protection officer has been appointed, as there is no legal obligation to do so.

2. General Information on Data Processing

The protection of your personal data is of particular concern to us. We consider it our responsibility to create secure environments for you and to reduce the processing or disclosure of your personal data to the absolute minimum in every case. To this end, we implement well-thought-out systems that ensure you have a simple experience with the highest level of (data) security, regardless of the level at which you interact with us. Personal data refers to all information relating to an identified or identifiable natural person. We process your personal data exclusively in accordance with the statutory data protection regulations, in particular the General Data Protection Regulation (GDPR).

This privacy policy informs you about which personal data we collect, to what extent, for what purpose, and on what legal basis we process and use it when you use our services.

3. Data Processing

When you visit our website, various information is transmitted to our server by your browser and temporarily logged (hereinafter referred to as 'log data'). This log data includes, among other things, your IP address, the date and time of access, the page accessed, the referrer URL, the browser used, the operating system of your device, and other data transmitted by your browser and your request. Our legitimate interest lies in ensuring the stable and secure operation of our website in accordance with Article 6(1)(f) GDPR. We do not use your data to draw conclusions about your person and protect it from unauthorized access. We reserve the right to subsequently check the log data if there are concrete indications of illegal use. Log data that may contain personal data is stored for 7 days, but no longer than 14 days. In the event of a security-related incident, we reserve the right to store the data until the incident is resolved.

Your email address is processed in the context of an order to fulfill the contract and to provide you with access to your order (e.g., confirmation, verification of your email) in accordance with Art. 6(1)(b) and Art. 6(1)(f) GDPR. We store your personal data for as long as necessary for the respective purposes or as required by law. The storage period is determined by legal retention obligations (e.g., commercial and tax law: up to 10 years according to § 257 HGB, § 147 AO), contractual obligations, and other relevant regulations. Emails transmitted through orders are stored for a maximum of 12 months after the order is completed and are then automatically deleted from our systems, unless legal retention obligations prevent this. Providing your email address is contractually required. Without your email address, we cannot process your order.

If you have explicitly consented, your email address will be processed as part of our advertising or information programs (newsletters, product recommendations, etc.) in accordance with Art. 6(1)(a) GDPR. We log the consent, the sending of a confirmation email, and the receipt of the requested response. No further data is collected. You can revoke your consent at any time via the link included in every email or through the contact information provided in this privacy policy. In the event of revocation, we will delete your email address from our systems for advertising or information programs immediately, but no later than within 3 days.

Your phone number, email address, and other personal data (over which we have no control) are processed when you contact us. We process the content of your message that you voluntarily provide when contacting us. The processing of the data is carried out in accordance with Art. 6(1)(f) GDPR. This enables smooth communication. Depending on your intention, we may also process the data in accordance with Art. 6(1)(b) GDPR. We store personal data resulting from contact for up to 3 months, but no longer than 6 months.

4. Use of Technically Necessary Cookies

We use technically necessary cookies that are required for the functionality, stability, and security of our website. These include:

the cookie “hanko” (authentication, 12 hours),

the cookie “token” (session, until the end of the session),

the cookie “sidebar_state” (navigation, seven days),

the cookie “language” (language setting, one year),

the cookie “captchaToken” (security measure, 60 seconds),

and the cookie “bunny_shield” (security measure, 1 hour).

In addition, we use a tracking cookie – “aff_campaign” (tracking, 30 days) – which serves exclusively to assign our affiliate partners. This cookie enables us to correctly allocate the commission to the respective partners when a purchase is made through their referral. Consent is required for this cookie, as it is not technically necessary. No additional costs or disadvantages arise – the processing serves solely for commission allocation.

All cookies are processed in accordance with Art. 6 para. 1 lit. f and lit. a GDPR.

No user behavior analysis or profiling takes place.

5. Registration and Use of the Dashboard

We currently do not offer registration or dashboards.

6. Recipients, Third-Country Transfer

Your data will only be transmitted to recipients if this is technically necessary or required for contract fulfillment.

We operate, manage, and maintain our servers and applications ourselves, without involving any third parties, and strive to maintain this to avoid directly or indirectly disclosing your data.

Static content is provided by Bunny.net (BunnyWay d.o.o., Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia). Data processing takes place within the EEA. BunnyWay may receive data about your browser as described in Section 3.

For user account authentication, we use Hanko Auth, Hanko GmbH, Ringstr. 19, 24114 Kiel, Germany. Their servers are operated exclusively in the EU. Hanko may receive data about your browser as described in Section 3, your email address, and your login behavior.

We work with Mollie BV, Keizersgracht 126, 1015 CW Amsterdam, Netherlands, to process payments. The privacy policy of the respective payment service provider applies to the processing of payment data. We only transmit the order number for assignment purposes.

For the display and validation of our self-operated CAPTCHA, WebAssembly files are loaded from cdn.jsdelivr.net, whereby your browser transmits technical data as described in Section 3. This data is used exclusively for the secure functioning of our CAPTCHA; cdn.jsdelivr.net processes it independently according to its own privacy policy, over which we have no influence.

If you contact us via one of our specified channels, third-party operators of the communication services may record that you are in contact with us. We have no influence over this and recommend contacting us by email for inquiries.

No further transmission to other third parties or third countries takes place. We select our service providers with due regard for your data protection and adhere to the principle of data minimization. Please also review the privacy notices or statements of the respective service providers beforehand, as these may change.

We only transmit personal data to authorities if we are legally obliged to do so.

7. Storage Period and Legal Retention Obligations

We store your personal data for as long as necessary for the respective purposes, as permitted, or as required by law. The storage period is also determined by legal retention obligations (e.g., commercial and tax law: up to 10 years according to § 257 HGB, § 147 AO), contractual obligations, or, if not applicable, until the fulfillment of the respective purpose or revocation of your consent. After the expiration of the periods or the purpose ceases to apply, we delete or block your data and access in accordance with legal requirements.

8. Your Data Protection Rights

You have the right to information about the processed data (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR), and the right to object to processing (Art. 21 GDPR). You can revoke any consent given to us at any time with effect for the future.

You also have the right to lodge a complaint with the competent data protection supervisory authority.

Please contact us using the contact details provided in this privacy policy to exercise your rights.

9. Automated Decision-Making and Profiling

Automated decision-making, including profiling in accordance with Art. 22 GDPR, does not take place when using our website.

10. Existence of a Legal or Contractual Obligation to Provide Data

If the provision of personal data is required by law or contract or is necessary for the conclusion of a contract, we will inform you accordingly at the relevant point.

11. Data Security

We implement appropriate technical and organizational measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access. Our security measures are continuously adapted to the state of the art.

12. Changes to This Privacy Policy

We reserve the right to adapt this privacy policy as necessary to legal or technical changes. You can always find the current version on our website.

13. Contact Details of the Supervisory Authority

Competent supervisory authority: Saxon Data Protection and Transparency Officer, Maternistraße 17, 01067 Dresden