Privacy Policy

We are pleased that you are using our Memofreeze platform. Protecting your personal data is important to us. Below we inform you about the processing of your data according to Art. 13 of the General Data Protection Regulation (GDPR).

1. Responsible Party

The party responsible for data processing on this website within the meaning of the GDPR is:

Kevin Linne
Fröbelstr. 40
35394 Gießen
Germany

info@memofreeze.com

2. Collection and Storage of Personal Data

When visiting our website and using our services, we process the following personal data:

a) Visiting the Website

IP address
Date and time of access
Browser type and version
Operating system
Referrer URL

These data are temporarily stored in log files to ensure the functionality of the website. The legal basis for this is Art. 6 para. 1 lit. f GDPR.

b) Registering and Using the Guestbook

To use our guestbook and create events, we process the following data:

Name
Email address
Posts (texts, photos, and answers to questions and votings)

Processing is carried out to fulfill the usage contract according to Art. 6 para. 1 lit. b GDPR.

c) Payment Data

To process payments, we use the payment service provider Stripe. Processing is carried out to fulfill the contract according to Art. 6 para. 1 lit. b GDPR.

d) Photos

Guests can upload photos. Please note that you are responsible for obtaining consent from individuals depicted in the photos. The legal basis is Art. 6 para. 1 lit. a GDPR (consent).

3. Purpose and Legal Basis of Data Processing

We process the data we collect for the following purposes:

Providing the platform and its functions
Storage of guestbook entries for 3 years
Processing payments
Support and error resolution

The legal basis is Art. 6 para. 1 lit. b (contract performance) and lit. f (legitimate interest).

4. Disclosure to Third Parties

We only disclose personal data to third parties if this is necessary for contract performance or if we are legally obligated to do so:

Hosting: Our platform is hosted by Netcup. To provide our services, we use the services of our processor Supabase, Inc, a Delaware corporation, 970 Toa Payoh North #07-04, Singapore 318992, Singapore, with whom we have concluded a data processing agreement (“DPA” = Data Protection Agreement). The data processing agreement concluded with Supabase includes the EU standard contractual clauses (“SCC”) and in this respect offers sufficient guarantees within the meaning of Art. 46 et seq. GDPR. You can find the DPA and the SCC here: https://supabase.com/legal/dpa
Payment Provider: We use Stripe for payment processing.
Analytics: If we use tools like Google Analytics, this will only occur with your consent (cookie banner).

Data is only transferred to third countries if an adequate level of data protection is guaranteed (e.g., through EU standard contractual clauses).

5. Storage Period

We store your personal data for the following periods:

Guestbook entries and event data: 3 years after the creation of the event
Payment data: according to statutory retention periods (usually 10 years)
Log files: a maximum of 30 days

After these periods, the data will be deleted or anonymized.

6. Rights of Data Subjects

You have the right to access, correct, delete, restrict processing, data portability, and object. Please contact us if you wish to exercise your rights.

7. Cookies

We only use cookies that are essential for the use of our website (e.g. login).

8. Data Security

We take technical and organizational measures to protect your data from loss, destruction, manipulation, and unauthorized access.

9. Changes to the Privacy Policy

We reserve the right to change the privacy policy. The current version is always available on our website.

2. Collection and Storage of Personal Data

When visiting our website and using our services, we process the following personal data:

a) Visiting the Website

IP address

Date and time of access

Browser type and version

Operating system

Referrer URL

These data are temporarily stored in log files to ensure the functionality of the website. The legal basis for this is Art. 6 para. 1 lit. f GDPR.

b) Registering and Using the Guestbook

To use our guestbook and create events, we process the following data:

Name

Email address

Posts (texts, photos, and answers to questions and votings)

Processing is carried out to fulfill the usage contract according to Art. 6 para. 1 lit. b GDPR.

c) Payment Data

To process payments, we use the payment service provider Stripe. Processing is carried out to fulfill the contract according to Art. 6 para. 1 lit. b GDPR.

d) Photos

Guests can upload photos. Please note that you are responsible for obtaining consent from individuals depicted in the photos. The legal basis is Art. 6 para. 1 lit. a GDPR (consent).

4. Disclosure to Third Parties

We only disclose personal data to third parties if this is necessary for contract performance or if we are legally obligated to do so:

Hosting: Our platform is hosted by Netcup. To provide our services, we use the services of our processor Supabase, Inc, a Delaware corporation, 970 Toa Payoh North #07-04, Singapore 318992, Singapore, with whom we have concluded a data processing agreement (“DPA” = Data Protection Agreement). The data processing agreement concluded with Supabase includes the EU standard contractual clauses (“SCC”) and in this respect offers sufficient guarantees within the meaning of Art. 46 et seq. GDPR. You can find the DPA and the SCC here: https://supabase.com/legal/dpa

Payment Provider: We use Stripe for payment processing.

Analytics: If we use tools like Google Analytics, this will only occur with your consent (cookie banner).

Data is only transferred to third countries if an adequate level of data protection is guaranteed (e.g., through EU standard contractual clauses).