This Privacy Policy explains how personal data is processed when using this website.
Albin Krenz
Am Markt 22
14542 Werder (Havel)
Germany
Email: info@cs-charts.com
This website is hosted by Hetzner Online GmbH, which provides the technical infrastructure.
When the website is accessed, the following information is automatically recorded in server log files:
These data are required to ensure stable and secure operation (Art. 6(1)(f) GDPR). Server log files are stored by the hosting provider for security and operational purposes and are automatically deleted according to the provider's retention policies.
All data processing takes place in data centers within the European Union.
Certain features (e.g. watchlist) require a user account. For account creation and usage, the following data are processed:
This processing is necessary to provide the service (Art. 6(1)(b) GDPR). Data is stored for as long as the account exists.
This website uses essential cookies that are required for the operation of core functions.
An authentication cookie is used to keep users logged in across visits and to associate the account with personal features such as the watchlist. This cookie contains an anonymized authentication token and enables the system to recognize a previously logged-in user. It is not used for analytics, tracking, or marketing purposes.
The cookie is set for the domain ".cs-charts.com" and may therefore be accessed by subdomains when necessary for the functioning of the service. The cookie is a persistent cookie and is stored for up to 30 days (or until the user logs out or deletes their account). The processing is based on the legitimate interest in providing a secure and user-friendly login system and personalized functionality (Art. 6(1)(f) GDPR).
If Local Storage is used for storing watchlist data or user preferences:
Data stored in your browser's Local Storage is not transmitted to the server unless explicitly stated. The use of Local Storage is based on the legitimate interest in providing user-friendly functionality (Art. 6(1)(f) GDPR).
For processing payments, we use the payment service provider Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland ("Stripe").
When a payment is made, the following data is transmitted to and processed by Stripe:
The legal basis is Art. 6(1)(b) GDPR (performance of a contract) and Art. 6(1)(f) GDPR (legitimate interest in fraud prevention and secure payment processing).
Transfer to the United States: Stripe Payments Europe, Ltd. may transfer data to its parent company Stripe, Inc. in the United States. Stripe, Inc. is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection (Art. 45 GDPR). Standard Contractual Clauses additionally apply.
A Data Processing Agreement pursuant to Art. 28 GDPR has been concluded with Stripe.
Further information: https://stripe.com/privacy
For sending transactional emails (e.g. registration confirmations, account-related notifications, payment receipts) we use the service Resend, operated by Resend, Inc., 2261 Market Street #5039, San Francisco, CA 94114, USA.
The following data is transmitted to and processed by Resend:
The legal basis is Art. 6(1)(b) GDPR (performance of a contract, where emails are necessary to provide the service) and Art. 6(1)(f) GDPR (legitimate interest in reliable email delivery).
Transfer to the United States: Resend, Inc. is based in the United States. The transfer is based on the EU-U.S. Data Privacy Framework (Art. 45 GDPR) and additionally on Standard Contractual Clauses. A Data Processing Agreement pursuant to Art. 28 GDPR has been concluded with Resend.
Further information: https://resend.com/legal/privacy-policy
If you contact us by email, your message including personal data is processed for handling your inquiry (Art. 6(1)(b) or Art. 6(1)(f) GDPR). Data is deleted when it is no longer required for processing your request.
Data Processing Agreements pursuant to Art. 28 GDPR have been concluded with all relevant processors, including Hetzner Online GmbH (hosting), Stripe (payment processing), and Resend (email delivery). These processors process personal data only on our instructions and exclusively for the purposes described in this Privacy Policy.
Personal data is only transmitted to third parties where necessary for operating this website, in particular to the processors named above (hosting provider, payment service provider, email service provider). No further disclosures are made unless legally required or permitted.
Technical and organizational measures are implemented according to Art. 32 GDPR to protect personal data. This includes encrypted communication via TLS/HTTPS and hashed password storage.
Personal data is stored only for as long as required for the specified purposes or as required by law.
You may request deletion of your account at any time. Statutory retention obligations remain unaffected.
You have the following rights under the GDPR:
To exercise these rights, contact the controller using the contact details in Section 1.
If processing is based on consent, consent can be withdrawn at any time (Art. 7(3) GDPR). Withdrawal does not affect the lawfulness of processing prior to withdrawal.
No automated decisions or profiling are carried out by the controller. Note that Stripe may use automated processes for fraud prevention as part of its payment service.
This website may be accessed by users from California. In accordance with the California Privacy Rights Act (CPRA), California residents have the following rights regarding their personal information:
This website does not sell personal data within the meaning of the CPRA and does not share data for cross-context behavioral advertising. California residents may exercise their rights by contacting the controller using the information provided in Section 1.
This Privacy Policy may be updated if technical changes or new features require it. The current version is always available on this page.