Privacy Policy

The following notices provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you could be personally identified.

Data processing on this website is carried out by the website operator. Their contact details can be found in the 'Contact' section of the legal notice.

The responsible party for data processing on this website is the natural or legal person named in the legal notice. The responsible party decides alone or jointly with others on the purposes and means of processing personal data.

Your personal data is collected by you providing it to us, e.g. by entering it in a contact form or during registration. Other data is collected automatically or with your consent when you visit the website by our IT systems. This is primarily technical data (e.g. internet browser, operating system or time of page access).

You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time.

This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data.

The host will only process your data to the extent necessary to fulfill its performance obligations and will follow our instructions regarding this data. We use the host on the basis of Art. 6 para. 1 lit. f GDPR.

The servers automatically collect information in so-called server log files, which your browser automatically transmits to us. These are: browser type and version, operating system used, referrer URL, hostname of the accessing computer, time of the server request and IP address.

This website uses cookies. Some of them are necessary for the operation of the website, while others help us to improve this website and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies. Please note that if you refuse, not all website functions may be available.

Insofar as we use analytics tools, this is only done on the basis of your consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time via the cookie banner.

We use Stripe (Stripe Inc., 510 Townsend Street, San Francisco, CA 94103, USA) as our payment service provider. When making a payment, the payment data you enter (e.g. credit card number, expiration date, CVC) is transmitted directly to Stripe. Upnia does not store any credit card data. Data processing by Stripe is based on Art. 6 para. 1 lit. b GDPR (contract fulfillment). More information can be found in Stripe's privacy policy: https://stripe.com/privacy.

If you contact us by email or register for an account, the data you provide (e.g. email address, name) will be stored by us to process your inquiry or manage your account. We will not share this data without your consent. Processing is based on Art. 6 para. 1 lit. b GDPR (contract fulfillment) or Art. 6 para. 1 lit. f GDPR (legitimate interest in processing your inquiry).

We may use external services such as authentication services (Ory Kratos), cloud hosting providers and CDN services (Cloudflare). These services may have access to your IP address and possibly other usage data. Use is based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) in the secure and efficient provision of our service.

Under the GDPR, you have the following rights: Right of access (Art. 15), Right to rectification (Art. 16), Right to erasure (Art. 17), Right to restriction of processing (Art. 18), Right to data portability (Art. 20), Right to object (Art. 21).

If you believe that the processing of your data violates data protection law, you have the right to lodge a complaint with a supervisory authority.