Privacy Policy
Summary: At datafreedom, the protection of your data is our top priority. We do not collect or store any personal customer data and completely refrain from collecting usage data.
1. Responsible Party
Responsible for the collection, processing, and use of your personal data within the meaning of the General Data Protection Regulation (GDPR) is:
shcv.it OÜ
Männimäe 1
74626 Pudisoo
Estonia
E-Mail: contact@datafreedom.eu
2. Principles of Data Processing
The protection of your privacy is of utmost importance to us. This privacy policy informs you about what personal data we collect and store from you when you use our services or visit our website. You will also receive information about how and for what purpose your data is used and what rights you have regarding the use of your data.
3. What Data We Collect
3.1 Website Visit
We deliberately refrain from storing technical usage data.
Our website works without any tracking mechanisms or analytics tools. There is no statistical evaluation of user behavior and no cookies are set for tracking purposes. This consistent implementation of data minimization is part of our philosophy for maximum protection of your privacy.
3.2 Use of Our Cloud Service
We place the utmost importance on data minimization and do not collect any customer data, except for those absolutely necessary for payment processing.
Important note on data collection: Payment processing is handled exclusively through our payment service provider Stripe. During the checkout process, the following data is collected directly by Stripe:
- Payment information (credit card details or other payment methods)
- Email address (only for sending payment confirmation)
We ourselves do not store or process this data. After successful payment, you will receive a payment confirmation directly from Stripe to the email address you provided. We do not collect or store any other personal data such as names, addresses, or telephone numbers.
3.3 Storing Content
All content stored in our cloud solution is exclusively hosted in data centers in Germany. All data is secured with AES-256 encryption, both during transmission and storage. In line with our core principles, we do not analyze or sell your data.
4. Legal Basis for Data Processing
The legal basis for processing your personal data is derived from Art. 6 GDPR. According to this, processing is lawful if it is necessary for the performance of a contract, if you have given consent, or if it is necessary for the purposes of the legitimate interests pursued by the controller.
5. Data Sharing
We do not collect or store any personal customer data, except for the technical data that is automatically collected when using the website (see point 3.1). The only interface where personal data is processed is the payment process via our external payment service provider Stripe.
Please note that during the payment process:
- The entry of payment data is done directly on Stripe's servers
- We do not receive access to complete payment information
- The invoice and payment confirmation is sent directly to you by Stripe
- Stripe's privacy policy applies in addition to this declaration
In general, data is only shared if:
- You have given your explicit consent to this in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR,
- The disclosure is necessary for the protection of legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR,
- There is a legal obligation for disclosure according to Art. 6 Para. 1 S. 1 lit. c GDPR.
6. Data Security
We use state-of-the-art technical measures to protect your personal data:
- End-to-end encryption with AES-256 standard
- Secure connection via HTTP/3 TLS 1.3 AES-256
- Geographically separated backups according to BSI guidelines
- Regular security audits and updates
7. Your Rights
You have the following rights regarding your personal data stored with us:
- Right to information (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object to processing (Art. 21 GDPR)
- Right to withdraw consent given (Art. 7 Para. 3 GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
8. Deletion of Data
The personal data stored by us will be deleted as soon as it is no longer required for its purpose and no legal retention periods exist. If you exercise your right to deletion, all data will be deleted, provided there is no legal obligation to store it.
9. Changes to the Privacy Policy
We reserve the right to adapt this privacy policy to ensure that it always complies with current legal requirements or to implement changes to our services in the privacy policy. The new privacy policy will then apply to your subsequent visits.
Last updated: April 2025
Terms and Conditions
Summary: Our Terms and Conditions govern the use of the datafreedom cloud service. We offer a service that can be canceled monthly without a minimum contract term, with storage exclusively in Germany and high security standards according to BSI guidelines.
1. Scope
These General Terms and Conditions (hereinafter "T&Cs") apply to all contracts between datafreedom, a secure cloud solution focusing on German data protection standards, (hereinafter "Provider") and the customer (hereinafter "User") regarding the use of cloud services and related services from datafreedom.
2. Service Description
2.1 The provider makes online storage space available to the user, which is measured according to the tariffs valid at the time of contract conclusion.
2.2 The data is stored exclusively in Germany and is therefore subject to German data protection law.
2.3 Access to the cloud service is via the Internet using a browser or through the apps and integrations provided by the provider.
2.4 The provider guarantees a service availability of 99.5% on an annual average. In case of disruptions, we inform our customers transparently and work immediately on a solution. This excludes times when the service cannot be reached due to technical or other problems that are not within the provider's sphere of influence.
3. User Obligations
3.1 The user agrees not to store or share any illegal content, in particular content that violates applicable law or infringes on the rights of third parties.
3.2 The user is responsible for securing their access data and commits to using secure passwords and changing them regularly. We recommend using two-factor authentication for maximum security.
3.3 The user undertakes not to take any measures that could impair the functionality of the provider's infrastructure.
3.4 The use of the service is permitted exclusively for lawful purposes. In particular, the following are prohibited:
- Distribution of malware or computer viruses
- Illegal file sharing
- Storage or distribution of copyrighted material without authorization
- Hosting of content with an illegal or harmful character
4. Prices and Payment Terms
4.1 The prices for using the cloud service are based on the provider's price list valid at the time of contract conclusion.
4.2 Payment is made monthly in advance and is processed via the payment method chosen by the user.
4.3 In case of payment default, the provider is entitled to temporarily block access to the services until the payment arrears have been settled.
5. Contract Duration and Termination
5.1 The contract is concluded for an indefinite period and can be terminated by the user at any time at the end of the current month.
5.2 The provider can terminate the contract with a notice period of 30 days to the end of the month.
5.3 The right to extraordinary termination for important reasons remains unaffected.
5.4 After termination of the contract, all user data will be irrevocably deleted after a period of 30 days. During this period, the user has the option to download their data.
6. Data Security and Data Protection
6.1 The provider undertakes to take appropriate technical and organizational measures to protect the user's data. This includes, in particular, end-to-end encryption of data, regular backups according to BSI security standards, and continuous security checks.
6.2 The processing of personal data is carried out in accordance with the provider's privacy policy, which can be viewed under Privacy Policy.
7. Liability
7.1 The provider is liable for damages if they are based on an intentional or grossly negligent breach of duty by the provider, its legal representatives, or agents.
7.2 The provider assumes no liability for the loss of data if the damage is based on the fact that the user has not carried out adequate data backup.
7.3 In case of violations of the terms of use (especially point 3.4), the provider reserves the right to:
- Terminate the contract without notice
- Assert claims for damages
- Pass on the costs for legal prosecution, system recovery, and verification to the user
7.4 The user is obliged to take reasonable measures to minimize damage.
8. Changes to the T&Cs
8.1 The provider reserves the right to change these T&Cs if this is necessary for technical, legal, or economic reasons.
8.2 Changes to the T&Cs will be communicated to the user by email at least 30 days before they come into effect. For significant changes, we will provide you with a detailed explanation. If the user does not object within 30 days of receiving the notification, the modified T&Cs are deemed accepted.
9. Final Provisions
9.1 The law of the Federal Republic of Germany applies, excluding the UN Convention on Contracts for the International Sale of Goods.
9.2 Should individual provisions of these T&Cs be or become invalid, the validity of the remaining provisions shall remain unaffected.
As of: April 2025
Imprint
1. Information according to § 5 TMG
shcv.it OÜ
Männimäe 1
74626 Pudisoo
Estonia
2. Contact
Phone: +49 3529 580 4996
E-Mail: contact@datafreedom.eu
3. Responsible for content according to § 55 Para. 2 RStV
shcv.it OÜ
Männimäe 1
74626 Pudisoo
Estonia
4. EU Dispute Resolution
The European Commission provides a platform for online dispute resolution (OS): https://ec.europa.eu/consumers/odr/. You can find our email address in the imprint above.
5. Consumer Dispute Resolution
We are neither willing nor obliged to participate in dispute resolution proceedings before a consumer arbitration board.
As of: April 2025
Right of Withdrawal
1. Withdrawal Information
You have the right to withdraw from this contract within fourteen days without giving any reason.
2. Consequences of Withdrawal
In the event of an effective withdrawal, we must reimburse you for all payments we have received from you immediately and at the latest within fourteen days from the day on which we received notification of your withdrawal from this contract.
3. Special Notes
For contracts for services, your right of withdrawal expires prematurely if the contract has been completely fulfilled by both parties at your express request before you have exercised your right of withdrawal.
As of: April 2025