Skip to main content

Privacy Policy

Last updated: February 11, 2026

Your privacy is important to us. This Privacy Policy explains how STELLWERK collects, uses, and protects your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

1. Data Controller

The data controller responsible for your personal data is:

Ronald Klaus
Email: ronald@ronald-klaus.de

2. Data We Collect

We collect the following types of personal data:

2.1 Account Information

  • Email address
  • Name (if provided)
  • Password (stored encrypted)
  • Organization/company name (if provided)

2.2 Usage Data

  • IP address
  • Browser type and version
  • Pages visited and features used
  • Date and time of access
  • Referring website

2.3 Service Data

  • Flows and formulas you create
  • API requests and responses
  • Test cases and simulation data

3. Legal Basis for Processing

We process your personal data based on:

  • Contract performance: Processing necessary to provide the Service you requested (Art. 6(1)(b) GDPR)
  • Legitimate interests: Processing for security, fraud prevention, and service improvement (Art. 6(1)(f) GDPR)
  • Consent: Where you have given explicit consent, such as for marketing communications (Art. 6(1)(a) GDPR)
  • Legal obligations: Processing required to comply with legal requirements (Art. 6(1)(c) GDPR)

4. How We Use Your Data

We use your personal data to:

  • Provide and maintain the Service
  • Authenticate your identity and manage your account
  • Process transactions and send related information
  • Send service-related notifications (password resets, security alerts)
  • Respond to your inquiries and support requests
  • Monitor and analyze usage patterns to improve the Service
  • Detect and prevent fraud and security issues
  • Comply with legal obligations

5. Data Sharing

We do not sell your personal data. We may share your data with:

  • Service providers: Third parties that help us operate the Service (hosting, email delivery, payment processing)
  • Legal requirements: When required by law or to protect our rights
  • Business transfers: In connection with a merger, acquisition, or sale of assets

5.1 Third-Party Services

We use the following third-party services:

Service Purpose Location
Mailtrap Email delivery EU/US

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion, we may retain certain data for a limited period to:

  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

Usage logs are typically retained for 90 days.

7. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request limitation of processing
  • Portability: Receive your data in a portable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at ronald@ronald-klaus.de. We will respond within 30 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encrypted password storage
  • Regular security assessments
  • Access controls and authentication

9. Cookies

We use essential cookies required for the Service to function:

  • Session cookies: To maintain your login session
  • CSRF tokens: To protect against cross-site request forgery

These cookies are strictly necessary and do not require consent. We do not use tracking or advertising cookies.

10. International Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service. The "Last updated" date at the top indicates when changes were made.

13. Complaints

If you believe we have not handled your data properly, you have the right to lodge a complaint with a supervisory authority. In Germany, this is the data protection authority of your state (Landesdatenschutzbeauftragter).

14. Contact

For questions about this Privacy Policy or your personal data, contact us at:

Email: ronald@ronald-klaus.de