Privacy Policy

This is an English translation of our Datenschutzerklärung. The legally binding version is the German original at /datenschutz.

1. Data Controller

DuyTec GmbH

Im Meerbachbogen 8

31582 Nienburg, Germany

Email: [email protected]

Managing Director: Yasin Sapmaz

2. Legal Basis for Processing

a) Account Data (email, hashed password)

Legal basis: Art. 6(1)(b) GDPR (performance of a contract). Purpose: Authentication, password reset, and transactional notifications.

b) Signaling Data (connection establishment between devices)

Legal basis: Art. 6(1)(b) GDPR (performance of a contract). Purpose: Establishing peer-to-peer connections. File contents are not transmitted through our servers.

c) Payment Data (via Stripe)

Legal basis: Art. 6(1)(b) GDPR (performance of a contract). Purpose: Processing paid subscriptions. Credit card data is processed exclusively by Stripe.

3. Data Retention

Account data: Until the user deletes their account.

Signaling data: Only for the duration of connection establishment, no permanent storage.

Payment data: In accordance with statutory retention periods (6 years per HGB, 10 years per AO).

Server logs: Maximum 30 days, for error analysis.

4. Your Rights

You have the following rights regarding your personal data:

1. Right of access (Art. 15 GDPR)

2. Right to rectification (Art. 16 GDPR)

3. Right to erasure (Art. 17 GDPR)

4. Right to restriction of processing (Art. 18 GDPR)

5. Right to data portability (Art. 20 GDPR)

6. Right to object (Art. 21 GDPR)

7. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise your rights, contact us at: [email protected]

5. Supervisory Authority

Die Landesbeauftragte für den Datenschutz Niedersachsen

Prinzenstraße 5

30159 Hannover, Germany

Phone: +49 511 120-4500

Email: [email protected]

6. Payment Processing (Stripe)

We use Stripe (Stripe Inc., 354 Oyster Point Blvd, South San Francisco, CA 94080, USA) for payment processing. When you subscribe to a paid plan, your payment data is processed directly by Stripe. We do not store credit card numbers or payment details on our servers. You can find Stripe's privacy policy at: https://stripe.com/privacy

7. Hosting

This website and the DataFly server are hosted on a dedicated server in Germany. All data processing takes place exclusively within the European Union.

8. Cookies & Local Storage

DataFly does not use cookies. Session management is handled via JSON Web Tokens (JWT). No tracking cookies, analytics cookies, or third-party cookies are used. The landing page itself sets no cookies and uses no tracking. Consent under TDDDG § 25 is therefore not required.