zakkig Logo

Privacy Policy

Status: July 11, 2026

Controller

Selim Eser
Dannstadter Straße 6-8
68199 Mannheim
Germany

Authorized representatives: Selim Eser

Email: selim@zakkig.de

Legal Notice: https://www.zakkig.de/en/legal

General information on data storage and deletion

We delete personal data that we process in accordance with the statutory provisions as soon as the underlying consents are revoked or there are no longer any legal bases for processing. This applies to cases where the original purpose of processing ceases to apply or the data is no longer required. Exceptions to this rule exist if legal obligations or special interests require longer retention or archiving of the data.

Our privacy notices contain additional information on the retention and deletion of data that applies specifically to certain processing processes.

In the event of multiple specifications for the retention period or deletion periods of a date, the longest period is always decisive. We process data that is no longer stored for the originally intended purpose but due to legal requirements or other reasons exclusively for the reasons that justify its retention.

Security Measures

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, securing availability and their segregation. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data and responses to data threats. Furthermore, we consider the protection of personal data already in the development or selection of hardware, software as well as procedures according to the principle of data protection by design and by default settings.

Securing online connections using TLS/SSL encryption technology (HTTPS): To protect the data of users transmitted via our online services from unauthorized access, we rely on TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt the information transmitted between the website or app and the user's browser (or between two servers), protecting the data from unauthorized access. TLS, as the advanced and more secure version of SSL, ensures that all data transmissions meet the highest security standards. When a website is secured with an SSL/TLS certificate, this is signaled by displaying HTTPS in the URL. This serves as an indicator to users that their data is transmitted securely and encrypted.

Waitlist Form

On our website, we offer the opportunity to join the waitlist for our product "zakkig" without obligation. In this context, we collect your email address in order to send you news about the project as well as updates regarding the official release.

  • Processed data types: Contact data (email address).
  • Data subjects: Users of our waitlist form.
  • Purposes of processing: Sending project news and updates regarding the official release.
  • Retention and deletion: Deletion in accordance with the information in the section "General information on data storage and deletion", immediately upon receipt of a deletion request via email or via the unsubscribe link provided at the bottom of each of our emails to delete the data from our database.
  • Legal bases: Consent (Art. 6 (1) sentence 1 lit. a) GDPR) as well as pre-contractual measures (Art. 6 (1) sentence 1 lit. b) GDPR).

Provision of the online offer and web hosting

We process users' data in order to be able to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

  • Processed data types: Usage data (e.g. page views and dwell time, click paths, intensity and frequency of use, device types and operating systems used, interactions with content and functions); Meta, communication and process data (e.g. IP addresses, time specifications, identification numbers, involved persons); Log data (e.g. log files concerning logins or the retrieval of data or access times). Content data (e.g. textual or pictorial messages and posts as well as information relating to them, such as authorship or time of creation).
  • Data subjects: Users (e.g. website visitors, users of online services).
  • Purposes of processing and legitimate interests: Provision of our online offering and user-friendliness; Information technology infrastructure (Operation and provision of information systems and technical devices (computers, servers etc.)). Security measures.
  • Retention and deletion: Deletion in accordance with the information in the section "General information on data storage and deletion".
  • Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

  • Provision of online offer on rented storage space: To provide our online offer, we use storage space, computing capacity and software that we rent or otherwise obtain from an appropriate server provider (also called "web host"); Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR).
  • Collection of access data and log files: Access to our online offer is logged in the form of so-called "server log files". The server log files may include the address and name of the retrieved web pages and files, date and time of retrieval, transferred data volumes, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page) and generally IP addresses and the requesting provider. The server log files can be used for security purposes, e.g. to avoid overloading the servers (especially in the case of abusive attacks, so-called DDoS attacks), and to ensure the utilization of the servers and their stability; Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR). Deletion of data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further retention is required for evidentiary purposes is exempt from deletion until final clarification of the respective incident.
  • Email dispatch and hosting: The web hosting services we use also include the dispatch, reception, and storage of emails. For these purposes, the addresses of the recipients and senders as well as further information regarding the dispatch of emails (e.g. the providers involved) and the contents of the respective emails are processed. The aforementioned data may also be processed for purposes of SPAM detection. We ask you to note that emails are generally not sent encrypted on the Internet. As a rule, emails are encrypted during transit, but (unless a so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We therefore cannot accept any responsibility for the transmission path of the emails between the sender and the recipient on our server; Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR).
  • Hetzner: Services in the field of provision of information technology infrastructure and related services (e.g. storage space and/or computing capacities); Service provider: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany; Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR); Website: https://www.hetzner.com; Privacy Policy: https://www.hetzner.com/de/rechtliches/datenschutz. Data Processing Agreement: https://docs.hetzner.com/de/general/general-terms-and-conditions/data-privacy-faq/.

Plug-ins and embedded functions and content

We integrate function and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). This can be, for example, graphics, videos or city maps (hereinafter uniformly referred to as "content").

The integration always presupposes that the third-party providers of this content process the IP address of the user, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of these contents or functions. We strive to use only those contents whose respective providers solely use the IP address for delivering the content. Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, visit time, and other information on the use of our online offering, as well as be linked to such information from other sources.

Notes on legal bases: If we ask users for their consent to the use of the third-party providers, the legal basis for processing data is permission. Otherwise, user data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economic and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.

  • Processed data types: Usage data (e.g. page views and dwell time, click paths, intensity and frequency of use, device types and operating systems used, interactions with content and functions). Meta, communication and process data (e.g. IP addresses, time specifications, identification numbers, involved persons).
  • Data subjects: Users (e.g. website visitors, users of online services).
  • Purposes of processing and legitimate interests: Provision of our online offering and user-friendliness.
  • Retention and deletion: Deletion in accordance with the information in the section "General information on data storage and deletion". Storage of cookies for up to 2 years (Unless otherwise specified, cookies and similar storage methods may be stored on users' devices for a period of two years.).
  • Legal bases: Consent (Art. 6 (1) sentence 1 lit. a) GDPR). Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

  • Google Fonts (obtained from Google Server): Obtaining fonts (and symbols) for the purpose of a technically safe, maintenance-free and efficient use of fonts and symbols regarding up-to-dateness and loading times, their uniform presentation, and taking into account possible licensing restrictions. The provider of the fonts receives the user's IP address so that the fonts can be provided in the user's browser. In addition, technical data (language settings, screen resolution, operating system, hardware used) is transmitted, which is necessary to provide the fonts depending on the devices used and the technical environment. This data may be processed on a server of the font provider in the USA. When visiting our online offer, the users' browsers send their browser HTTP requests to the Google Fonts Web API (i.e. a software interface for retrieving the fonts). The Google Fonts Web API provides the users with the Cascading Style Sheets (CSS) of Google Fonts and then the fonts specified in the CSS. These HTTP requests include (1) the IP address used by the respective user to access the Internet, (2) the requested URL on the Google server and (3) the HTTP headers, including the User-Agent describing the browser and operating system versions of the website visitors, and the referring URL. IP addresses are neither logged nor stored on Google servers and they are not analyzed. The Google Fonts Web API logs details of HTTP requests (requested URL, User-Agent, and referring URL). Access to this data is restricted and strictly controlled. The requested URL identifies the font families for which the user wants to load fonts. This data is logged so that Google can determine how often a specific font family is requested. For the Google Fonts Web API, the User-Agent must adapt the font generated for the respective browser type. The User-Agent is logged primarily for debugging and used to generate aggregated usage statistics to measure the popularity of font families. These aggregated usage statistics are published on the "Analytics" page of Google Fonts. Finally, the referring URL is logged so that the data can be used for production maintenance and an aggregated report on the top integrations based on the number of font requests can be generated. Google states that it does not use any information collected by Google Fonts to profile end users or target ads; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland; Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR); Website: https://fonts.google.com/; Privacy Policy: https://policies.google.com/privacy; Data transfer basis: Data Privacy Framework (DPF). Further information: https://developers.google.com/fonts/faq/privacy?hl=en.