← Tracetics

Privacy Policy

Last updated: March 2026

1. Data Controller

The data controller within the meaning of the GDPR is:

Sven Arndt
Am Zeuggraben 27
09496 Marienberg, Germany
Email: contact@tracetics.com

2. Data Collected and Processing Purposes

2.1 Account Data

During registration we collect: name, email address, password (stored encrypted), and optional company details. Legal basis: Art. 6(1)(b) GDPR (contract performance).

2.2 Usage and Analytics Data

We process event data, funnel data, and technical metadata (timestamps, API calls) transmitted via our SDK or API. Legal basis: Art. 6(1)(b) and Art. 6(1)(f) GDPR (legitimate interest in operating the service).

2.3 Payment Data

Payment information (credit card, SEPA direct debit) is processed exclusively by our payment provider Stripe. We do not store full payment data on our servers. Legal basis: Art. 6(1)(b) GDPR.

2.4 Communication Data

Email addresses are used to send transactional emails (registration, password reset, invoices). Legal basis: Art. 6(1)(b) GDPR.

2.5 Technical Data

When accessing our services, IP addresses, browser information, and timestamps are automatically recorded in server logs. These are deleted after 30 days. Legal basis: Art. 6(1)(f) GDPR.

3. Third-Party Services

3.1 Stripe (Payment Processing)

Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Dublin 2, Ireland. Stripe is certified under the EU-US Data Privacy Framework. Privacy policy: stripe.com/privacy

3.2 Postmark (Transactional Email)

Wildbit LLC d/b/a Postmark, 225 Chestnut St, Philadelphia, PA 19106, USA. Data transfer is based on Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR. Privacy policy: postmarkapp.com/privacy-policy

3.3 Zoho Mail (Support Communication)

Zoho Corporation B.V., Beneluxlaan 4B, 3527 HT Utrecht, Netherlands. Servers located in the EU. Privacy policy: zoho.com/privacy.html

4. Data Retention

Personal data is stored only as long as necessary for the respective purposes or as required by law. Account data is deleted 90 days after subscription termination, unless statutory retention obligations apply (e.g. 10-year retention for invoice data under German tax law). Event and funnel data is retained according to your plan settings.

5. Your Rights

Under GDPR you have the following rights:

  • Access (Art. 15 GDPR): Right to information about stored data
  • Rectification (Art. 16 GDPR): Right to correction of inaccurate data
  • Erasure (Art. 17 GDPR): Right to deletion under certain conditions
  • Restriction (Art. 18 GDPR): Right to restrict processing
  • Portability (Art. 20 GDPR): Right to receive your data in machine-readable format
  • Objection (Art. 21 GDPR): Right to object to processing

To exercise your rights, contact: contact@tracetics.com

6. Cookies

We use only technically necessary cookies (session cookies for authentication). No tracking or marketing cookies are used.

7. Data Security

All data transfers are encrypted via HTTPS/TLS. Passwords are stored using state-of-the-art hashing (bcrypt). Our servers are located within the European Union.