privatecoffee-website/templates/privacy.html

{% extends "base.html" %} {% block title %}Privacy Policy{% endblock %}
{% block content %}
<div class="container">
  <div class="text-center mb-5">
    <h1 class="special-header fancy-text-primary">Privacy Policy</h1>
    <p class="lead">
      This is the privacy policy for the website private.coffee. It describes
      how we collect and use your personal data.
    </p>
  </div>
  <div class="section">
    <p>
      This privacy policy is effective as of 2024-04-26. It may be updated from
      time to time, so please check back regularly.
    </p>
    <p>
      If you have any questions about this privacy policy, please contact us at
      <a href="mailto:support@private.coffee">support@private.coffee</a>.
    </p>
  </div>
  <div class="section">
    <h2>Who are we?</h2>
    <p>The data controller for private.coffee is:</p>
    <address>
      Private.coffee &dash; Verein zur Förderung von Privatsphäre und digitaler
      Souver&auml;nit&auml;t<br />
      c/o Klaus-Uwe Mitterer<br />
      Gartengasse 22/7/3<br />
      8010 Graz<br />
      Austria<br />
    </address>
    <p>Central Register of Associations (ZVR) Number: 1758485319</p>
    <p>
      Email:
      <a href="mailto:support@private.coffee">support@private.coffee</a>
    </p>
  </div>
  <div class="section">
    <h2>What data do we collect?</h2>
    <p>We collect the following data from you:</p>
    <ul>
      <li>
        Your IP address, which is automatically collected by our web server for
        some of our services.
      </li>
      <li>
        Any data you provide to us, such as your email address, when you create
        an account on one of our services.
      </li>
      <li>
        Usage data that is collected automatically by our services, such as the
        time you last logged in, or the number of times you have logged in, as
        well as any content you create using our services.
      </li>
      <li>
        Any information, including personal data and payment information, that
        you provide to us when you make a donation or join our association.
      </li>
    </ul>
  </div>
  <div class="section">
    <h2>How do we use your data?</h2>
    <p>
      We use your data to provide you with the services you requested. This
      includes:
    </p>
    <ul>
      <li>Communication between our web server and your browser</li>
      <li>Storing your preferences or your created content</li>
      <li>Detection of abuse or resource exhaustion on our servers</li>
      <li>Providing support to you</li>
      <li>Processing donations and memberships</li>
    </ul>
    <p>
      All of those are what is called "legitimate interests" in legal speak.
    </p>
    <p>
      We do not use your data for any other purposes, including marketing,
      advertising, or tracking, we do not share your data with third parties
      (unless required by law), we do not use your data to create profiles or
      make automated decisions, and we do not cross-reference your data between
      different services or any other sources.
    </p>
  </div>
  <div class="section">
    <h2>Where do we store your data?</h2>
    <p>
      We store your data on our web servers, which are located in Austria. We
      also use servers in Germany, but those are not public-facing and do not
      store or process any personal data.
    </p>
  </div>
  <div class="section">
    <h2>How long do we store your data?</h2>
    <ul>
      <li>
        IP addresses collected by our web server are stored for up to 48 hours.
        After that, the log files that contain them are deleted automatically.
      </li>
      <li>
        Data associated with an account you have on one of our services is
        stored for as long as you have an account on that service. If you delete
        your account, your data will be deleted automatically. The service will
        have a dedicated privacy policy, please consult that if you have any
        specific questions.
      </li>
      <li>
        If you send a support request to us, we will store your email address
        and any other data you provide to us for up to 30 days in our support
        system. After that, the data will be deleted automatically.
      </li>
      <li>
        Data associated with a donation is stored for as long as required by
        law, which is currently 7 years in Austria. After that, the data will be
        deleted.
      </li>
      <li>
        Data associated with a membership is stored for as long as you are a
        member of our association. If you leave the association, your data will
        be deleted automatically. This does not apply to data that is required
        by law to be stored for a longer period of time, such as financial
        records, which are stored for 7 years regardless of your membership
        status.
      </li>
    </ul>
  </div>
  <div class="section">
    <h2>What are your data protection rights?</h2>
    <p>You have the following data protection rights:</p>
    <ul>
      <li>You have the right to request access to your personal data.</li>
      <li>You have the right to request correction of your personal data.</li>
      <li>You have the right to request erasure of your personal data.</li>
      <li>
        You have the right to request restriction of processing of your personal
        data.
      </li>
      <li>You have the right to object to processing of your personal data.</li>
      <li>You have the right to request transfer of your personal data.</li>
    </ul>
    <p>If you make a request, we have one month to respond to you.</p>
    <p>
      If you would like to exercise any of these rights, please contact us at
      <a href="mailto:support@private.coffee">support@private.coffee</a>.
    </p>
    <p>
      Your privacy is important to us - after all, that's why we're all here -
      and we will do our best to respond to your request as soon as possible.
      Please note that we may need to verify your identity before we can respond
      to your request - we will not share your data with anyone else.
    </p>
    <p>
      If you are not satisfied with our response, or believe that we are
      processing your data in a way that is not compliant with the law, you have
      the right to lodge a complaint with the supervisory authority in your
      country. In Austria, this is the Austrian Data Protection Authority (<a
        href="https://www.dsb.gv.at/"
        >https://www.dsb.gv.at/</a
      >). However, we like to think of ourselves as nice people and will try to
      help you out directly, and are always open to suggestions for improvement,
      so please do get in touch with us if you have any questions or concerns.
    </p>
  </div>
  <div class="section">
    <h2>What are cookies?</h2>
    <p>
      Cookies are small text files that are placed on your computer or mobile
      device when you visit a website. They are widely used to make websites
      work, or work more efficiently, as well as to provide information to the
      owners of the site. Cookies are stored on your device, and can be accessed
      by the website that created them. They are not harmful to your device, and
      do not directly contain any personal data, but are used by our services to
      identify you between multiple visits.
    </p>
    <p>
      Cookies are used on some of our services to provide you with a better
      experience. For example, we use cookies to remember your preferences and
      settings - for example, to allow you to login to our services - and to
      provide you with a better experience when browsing our services. We do not
      use cookies to track your activity, either on our services or on other
      websites. In legal/technical terms, we exclusively use "strictly
      necessary" first-party cookies, which is also why you don't see any cookie
      banners on our website.
    </p>
  </div>
</div>
{% endblock %}