privacy policy
Version overview:
| version | Published on | note | |
|---|---|---|---|
| v1.2.1(currently valid) | 16.08.2025 | Section 9 has been adjusted: The Jetpack service has been replaced by Google Analytics. The overall reference is no longer to the German Telemedia Act (TMG), but to the German Telemedia Act (TTDSG). Language adjustments and standardization of formatting have been made. | Show |
| v1.1.0 | 29.07.2025 | Adjustments made before GoLive. Section 2 regarding data collection has been adjusted. Section 7 has been adjusted due to the switch from Akismet to Google reCaptcha. | Show |
| v1.0.0 | 11.06.2025 | Revised version taking into account the service providers and plugins used. | |
| v0.1.0 | 07.12.2024 | Privacy policy after installing Wordpress | Show |
1. General information
The protection of your personal data is of utmost importance to us. We process your data exclusively in accordance with legal regulations (GDPR, German Telemedia Act). This privacy policy informs you about the most important aspects of data processing on our website.
Responsible person within the meaning of the GDPR:
Henry Böster
Vorsteher-Kirchhoff-Str. 8
28816 Stuhr
Email: hello@threatemy.com
2. Collection and processing of personal data
We collect and process personal data when you:
- visit our website
- create a user account
- book a service
- communicate with us
Data processing is carried out on the basis of Art. 6 (1) (b) GDPR (performance of the contract) or Art. 6 (1) (f) GDPR (legitimate interest in secure, functional operation).
3. User account and access protection
When you create a user account, we store the data you provide (e.g., name, email address) to allow you access to secure areas. Access to our services is only possible with activated two-factor authentication (2FA). We use the TOTP procedure, which is generated locally on your device (e.g., with authenticator apps). No personal data is transmitted to third parties in connection with authentication.
4. Storage and access to reports
Your booked reports and security-relevant analyses will only be made available for download after successful authentication and permission verification. The files are not stored on your web space, but are transferred encrypted from a managed data storage (IONOS, Germany) via WebDAV. Access is exclusively encrypted.
5. Contact forms and form processing
We use the ProfileGrid, RegistrationMagic, and Contact Form 7 plugins to create customer accounts and process orders. The data you provide (e.g., name, email address, and any other information) will be processed exclusively to process your request.
Akismet's integrated spam detection automatically checks submitted content to prevent misuse. The IP address may also be processed.
6. Cookies
7. Web analytics with Jetpack
We use the WordPress plugin Jetpack for statistical analysis. Jetpack collects anonymized visitor data (e.g., page views, length of visit). The data is processed on servers of Automattic Inc., USA. A corresponding contract for order processing exists in compliance with the standard contractual clauses.
8. Use of Google Ads Conversion Tracking
On the confirmation page after a successful booking, we use a conversion tracking script from Google Ads. This enables us to measure the success of our advertising. Pseudonymized data (e.g., IP address, timestamp) is collected. Processing is based on your consent (Art. 6 (1) (a) GDPR) via the cookie banner.
You can revoke your consent at any time with future effect – via the corresponding link in the footer of each page.
9. Booking and payment processing via Digistore24
Our services are booked through the provider Digistore24 GmbH, St.-Godehard-Str. 32, 31139 Hildesheim, Germany. When you start the booking, you will be redirected to Digistore24. After the purchase is successfully completed, you will be returned to our website. Data processing is carried out there at your own responsibility. Please note the Digistore24 privacy policy at:
https://www.digistore24.com/page/privacy
10. Data security & hosting
Our website is hosted on servers of IONOS SE, a data center in Frankfurt (Germany), and is ISO 27001-certified. Backups are created regularly, stored encrypted, and stored exclusively in a managed data storage facility within the EU.
11. Order processing
If you commission us with security-relevant analyses or other services, we will process personal data (e.g., IP addresses, log data) on your behalf. This processing is carried out exclusively on the basis of a data processing agreement pursuant to Art. 28 GDPR. We will provide you with our technical and organizational measures (TOMs) upon request or in the customer area.
12. Fonts (Google Fonts)
We only use locally embedded fonts to display the website. There is no connection to Google servers. No personal data is transmitted in connection with the display of fonts.
13. Your rights
According to the GDPR, you have the right to:
- Information about your stored data
- Correction of incorrect data
- Deletion of your data (unless there are legal retention obligations)
- Restriction of processing
- Data portability
- Objection to processing
Please send your request to: hello@threatemy.com
In order to process your request promptly, please state, if possible, which type of data processing your request relates to (e.g. user account, analysis report, form usage).
14. Online dispute resolution
The European Commission provides a platform for online dispute resolution (ODR):
https://ec.europa.eu/consumers/odr/
Consumers have the opportunity to use this platform to resolve their disputes. We are not legally obligated to participate in dispute resolution proceedings, but we are generally open to participating in individual cases.
15. Changes to this Privacy Policy
We reserve the right to adapt this privacy policy as needed, for example in the event of changes to our services, legal requirements or technical developments.
As of: June 11, 2025