Privacy Policy

Last updated: April 2026 · Applies to www.dripback.com

1. Controller

The controller within the meaning of the EU General Data Protection Regulation (GDPR) is:
DripBack GmbH, [Street], [Postcode City], Germany
Email: privacy@dripback.com

2. General principles

We process personal data of our users only insofar as this is necessary to provide a functional website and our content and services. Processing generally takes place only with the user's consent (Art. 6 (1) (a) GDPR) or where another legal basis applies (e.g. Art. 6 (1) (b), (c) or (f) GDPR).

3. Server log files

When you visit our site, our hosting provider automatically records information transmitted by your browser, including:

IP address (truncated / anonymised after processing)
Date and time of access
Requested URL and HTTP status code
Volume of data transferred
Browser type, language and operating system
Referrer URL

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in stable operation and security). Retention: maximum 14 days, after which the data is automatically deleted. We do not combine these logs with other data sources.

4. Hosting

Our website is operated in a data centre within the European Union. A data processing agreement under Art. 28 GDPR is in place with our hosting provider.

5. Contact

If you contact us via the contact form or by email, your details will be stored to process your enquiry and for the case of follow-up questions. Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures) or (f) GDPR (legitimate interest in efficient processing). We do not share this data without your consent. Storage until your enquiry has been finally processed, at the latest until you request deletion.

6. Cookies

This website does not use tracking cookies or third-party tracking. Should we use non-essential cookies in the future, this will be done exclusively with your explicit consent via a consent tool.

7. External fonts (Google Fonts)

We embed the "Inter" typeface via Google Fonts. When loading, your IP address is transmitted to Google servers in the USA. Legal basis: Art. 6 (1) (f) GDPR. You can prevent this transmission by disabling JavaScript / external fonts in your browser. We are continuously evaluating local self-hosting of these fonts.

8. Recipients and processors

Personal data is only shared with third parties where necessary for the performance of a contract, where required by law, or where consent has been given. Processors we engage are bound by data processing agreements under Art. 28 GDPR.

9. Transfers to third countries

Transfers to third countries outside the EU/EEA only take place where necessary, legally required, or based on your consent. Where US-based services are used, we rely on the EU-US Data Privacy Framework, Standard Contractual Clauses and supplementary measures.

10. Your rights

Under the GDPR you have the following rights:

Right of access (Art. 15)
Right to rectification (Art. 16)
Right to erasure (Art. 17)
Right to restriction of processing (Art. 18)
Right to data portability (Art. 20)
Right to object (Art. 21)
Right to withdraw consent (Art. 7 (3))
Right to lodge a complaint with a supervisory authority (Art. 77)

11. Data security

We use end-to-end SSL/TLS encryption when you access our site and apply technical and organisational measures to protect your data against manipulation, loss or unauthorised access.

12. Changes to this policy

This Privacy Policy is current as of April 2026. As our website evolves or legal requirements change, we may need to update this policy.

← Back to home