Website Privacy Policy

This is the privacy policy for this website. The Delta Chat apps have a separate privacy policy.

You can get all necessary information about us and our project on our Delta Chat website. However, it is only fair that you know which personal data is processed when you use our service at all times.

The following information also serves to provide you with information about this and how we protect your personal data from manipulation, loss, destruction or misuse.

If you have any further questions about data protection, please contact us via e-mail: delta-privacy@merlinux.eu

1. Name and contact information of the data controller

Responsible for the processing of your personal data is

merlinux GmbH  
Represented by the managing director Holger Krekel  
Reichsgrafen Str. 20  
79102 Freiburg  
Germany

mail: delta-privacy@merlinux.eu

Our data protection officer: Prof. Dr. Fabian Schmieder, lexICT UG (limited), Ostfeldstr. 49, 30559 Hannover. You can contact him at info@lexict.de Keyword: DeltaChat.

2. Processing when using the website

When you visit our website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected and stored until it is automatically deleted (usually 7 days):

This website is hosted by an external hoster (Hetzner GmbH). The personal data collected on this website is stored on the hoster’s servers. Our hoster will process your data only to the extent necessary to fulfill its obligations to perform under our instructions. In order to ensure data protection-compliant processing, we have concluded data processing agreement with our hoster.

The aforementioned data is processed by us for the following purposes:

The legal basis for the data processing is Art.6 (1) lit.f GDPR. Our legitimate interest results from the aforementioned purposes of data collection. We will not use the collected data for the purpose of drawing conclusions about your person.

3. Transfer of data

We do not transfer your personal data to third parties for purposes other than those listed below. We will only share your personal data with third parties if:

  1. you have given your explicit consent in accordance with Art.6 (1) lit.a GDPR,
  2. the disclosure is necessary for the establishment, exercise or defense of legal claims pursuant to Art.6 (1) lit.b GDPR and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  3. in the event that a legal obligation exists for the disclosure pursuant to Art.6 (1) lit.c GDPR, as well as
  4. it is legally permitted and necessary according to Art.6 (1) lit.b GDPR for the processing of contractual relationships with you
  5. it is carried out by a service provider acting on our behalf and on our exclusive instructions, whom we have carefully selected (Art.28 (1) GDPR) and with whom we have concluded a corresponding data processing agreement (Art.28 (3) GDPR), which obligates our contractor to implement, in particular, appropriate security measures and grants us comprehensive control powers.

Delta Chat forum

We also provide a forum for you to join discussions. For this purpose, we use the open source software “Discourse”. We process personal data of our users only to the extent necessary to provide the functions of the platform “Discourse”.

a) Registration

In the registration process, we collect your username, password and e-mail address. When register at the platform, you will enter into a user agreement for the purpose of processing your profile data. Art.6 (1) lit.b GDPR serves as the legal basis for this. The registration and the resulting storage of data is necessary for the use of the platform. We cannot provide this service without this data. The data provided will be stored by us until you request anonymization or deletion of your user account.

b) Forum posts

As a registered user you can edit your user profile. You can change the mandatory registration information, email and username. In addition, you can enter and change voluntary information, which will be stored by us and displayed to other registered users.

Posts which are in context with information of other users may also be available at a later time, when you are no longer active. At the end of the fifth calendar year after these posts were written or after the deletion of your user account, anonymization will take place, i.e. the author of the post will be listed as “Anonymous”. If the post still contains personal data despite anonymization, users are entitled to have the post deleted or modified in the individual case.

All posts that you write, the time since your registration, the Likes received and awards for particularly popular posts are recorded. In addition, to prevent bots and spam, the reading time is recorded and other data regarding the misuse of our forum, including the frequency of posts in relation to an implausibly short period of time, implausibly high number of web links or use of words on a blocked word list, etc. are recorded.

Your user behavior is recorded in server log files in order to analyze technical problems and possible abuse. The legal basis for this processing to protect our legitimate interests is Art.6 (1) lit.b and f GDPR. The recordings are deleted after 30 days. The purposes of this processing are the proper operation of the forum (including the technical provision), processing to improve the forum, to moderate the posts and to prevent advertising bots and spammers.

c) Processing during the use of the forum website

Various data is transmitted to us from your computer, this varies depending on the browser and operating system type, version and settings.

Some of them may be:

We host the instance of Discourse on our own servers and do not transmit any data from you to Discourse. Discourse is an open source project, which is maintained by

M. Régis Hanol
Civilized Discourse Construction Kit, Inc.
regis.hanol@discourse.org
78 Allée Primavera Centre
UBIDOCA, 15232
74370 ANNECY
FRANCE

The privacy policy can be found under https://www.discourse.org/privacy.

5. Mailing list

You can also subscribe to our mailing list if you would like to be informed about community discussions and news in the form of newsletters. If you add your email address and optionally your name to the mailing list, you will receive a confirmation email to complete your registration. The legal basis for the processing is your consent, Art.6 (1) lit.a GDPR. Registration is voluntary and you can revoke your consent at any time with effect for the future.

We use the interface Postorius for the mailing software GNU Mailman to operate the mailing list. The software is run on our servers.

The privacy policy for GNU Mailman can be found under https://list.org/privacy.html.

6. Social media appearance

Delta.chat runs profiles on social networks – in particular on Twitter, YouTube and Mastodon.

Social networks can generally analyze your user behavior on a broad scale. This applies if you use the social networks to visit our social media sites. Site operators can record your visit and assign it to your user account. Even if you are not logged in, a collection may be possible, for example via your IP address, browser details or through the use of cookies.

The information collected this way can be used by the operators of social networks to create profiles. Among other things, your (presumed) interests and preferences may be recorded to display personalized advertising.

It is not possible for us to track all of these data processing operations within the social networks, nor do we have access to this data. You can find more information in the respective privacy statements of the networks. However, we do process your data when you contact us, for example, via comments, likes, messages or in any other way, such as to reply to you. In doing so, we process your interactions with our social media profile as well as publicly viewable profile information (you can set the settings for which of your personal data is publicly viewable in your respective profile). The legal basis for this processing is Art.6 (1) lit.f and b GDPR. Our interests lie in answering your inquiries and in informing interested persons about our offer. The storage period depends on the respective platform. However, we delete personal data as soon as the purpose of the required processing ceases to apply and unless there are legal obligations for longer storage.

Below you will find information on data protection on the respective portals.

a) Twitter

We maintain a Twitter account. To the extent that we determine the means and purposes of the processing, your personal data will therefore be processed by us as the controller. We do not systematically evaluate the interaction with our account. If questions are asked in the comments or DM are sent to us, we will of course answer them.

In all other cases in which data is processed in connection with our Twitter account and for which Twitter determines the means and purposes, the processing is carried out by Twitter as the sole controller:

Twitter International Company
One Cumberland Place
Fenian Street
Dublin 2
D02 AX07
Ireland
fax +1 415 222 9958

You can contact Twitter’s data protection officer under https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp

Information about the processing of personal data when using Twitter, such as our Twitter profile, is described in the Twitter Privacy Policy, available at https://twitter.com/de/privacy.

If you contact us via Twitter, the legal basis is a legitimate interest pursuant to Art.6 (1) lit.f GDPR. Our legitimate interest is to respond to your request. Otherwise, the use of Twitter is based on your consent to Twitter pursuant to Art.6 (1) lit.a GDPR.

b) YouTube

Furthermore, we maintain a YouTube account. To the extent that we determine the means and purposes of processing, your personal data will therefore be processed by us as the controller. We do not systematically evaluate the interaction with our account. If questions are asked in the comments or DM are sent to us, we answer them.

In all other cases in which data is processed in connection with our YouTube account and for which YouTube determines the means and purposes, the processing is carried out by YouTube as the sole controller:

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Irland

You can contact YouTube’s data protection officer under https://support.google.com/policies/contact/general_privacy_form.

Information about the processing of personal data when using YouTube, such as our YouTube profile, is described in the YouTube Privacy Policy, available at https://policies.google.com/privacy.

If you interact with us via YouTube, the legal basis is a legitimate interest pursuant to Art.6 (1) lit.f GDPR. Our legitimate interest is the interaction with our followers and other interested social media users on our social media profiles, the increase of reach of our products (advertising) and to respond to your request. In addition, the use of YouTube is based on your consent to YouTube pursuant to Art.6 (1) lit.f GDPR.

c) Mastodon

In addition, we maintain a Mastodon account. To the extent that we determine the means and purposes of processing, your personal data will therefore be processed by us as the controller. We do not systematically evaluate the interaction with our account. If questions are asked in the comments or DM are sent to us, we answer them.

In all other cases in which data is processed in connection with our Mastodon account and for which Mastodon determines the means and purposes, the processing is carried out by the operator of the Mastodon instance as the sole responsible party. In our case, this is operated on chaos.social.

Information about the processing of personal data when using chaos.social, are described in the privacy policy, available at https://chaos.social/terms.

If you interact with us via Mastodon, the legal basis is a legitimate interest pursuant to Art.6 (1) lit.f GDPR. Our legitimate interest is to interact with our followers and other interested social media users on our social media profiles, to increase the reach of our products (advertising) and to respond to your request. Otherwise, the use of Mastodon is based on your consent to Mastodon pursuant to Art.6 (1) lit.a GDPR.

7. Donations

You can make payments (donations) to us in different ways.

a) Liberapay

We use services of Association Liberapay, Chez M. Coste, Le Bourg, St Jean Le Blanc 14770 Terres de Druance, France, represented by Charly Coste. The service allows donations to be made to us. For this purpose, Liberapay collects data such as e-mail address, name and, if applicable, account information for payment processing. We do not have access to this data ourselves. The privacy policy of Liberapay can be found under https://liberapay.com/about/privacy

b) Open Collective

We also use services from Open Collective, 340 S. Lemon Avenue, #3717 Walnut, CA 91789, USA. The service enables donations to be made to us. For this purpose, Open Collective collects data such as the e-mail address, name and, if applicable, account information for payment processing. We do not have access to this data ourselves. Open Collective’s privacy policy can be found under https://opencollective.com/privacypolicy.

c) Bitcoin Wallet

You can also donate Bitcoins to us. In this case, the decentralized Bitcoin network processes data that is necessary to execute the transaction. The transaction is also public, but anonymous, as long as your account is not linked to personal data. Otherwise, the processing is pseudonymous. Accordingly, a corresponding donation receipt cannot be issued by us. If you use the payment services of third parties (e.g. Coinbase, Kraken, MoonPay), the terms and conditions and privacy policies of the respective third party providers apply, which are available within the respective websites or transaction applications.

d) Bank transfer

You can also support us with a standard bank payment. If you use the payment services of third parties (e.g. PayPal or “Sofortüberweisung”), the terms and conditions and privacy policy of the respective third party providers apply, which are available within the respective websites or transaction applications.

Depending on the payment service provider and the type of transfer, we process the name, email address, account number, credit institution, time and amount of the transfer. The legal basis for this is found in Art. 6 (1) lit. c and f GDPR. Our legitimate interest is the administration of our donations.

8. Right to object

If your personal data is processed on the basis of our legitimate interests in accordance with Art.6 (1) lit.f GDPR, you have the right to object to the processing of your personal data in accordance with Art.21 GDPR, provided that there are grounds for this based on your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation.

If you wish to exercise your right of objection, simply send an e-mail to delta-privacy@merlinux.eu.

9. Right to withdraw

If your personal data is processed on the basis of your consent in accordance with Art.6 (1) lit.a GDPR (e.g. via the mailing list), you can withdraw your consent at any time and without any disadvantages. As a result, we may no longer continue the data processing that was based on this consent for the future. However, the withdrawal of your consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal.

If you wish to make use of your right of withdrawal, simply send an e-mail to delta-privacy@merlinux.eu.

10. Rights of the data subject and right to lodge a complaint with a supervisory authority

As a data subject of a processing of personal data, you have the right to

  1. request information about your personal data processed by us in accordance with Art.15 GDPR. In particular, you can request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged period for which the data will be stored, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data, if it was not collected by us, as well as the existence of automated decision-making, including profiling and, if applicable, meaningful information about its details;
  2. demand the immediate rectification of inaccurate or incomplete personal data stored by us, in accordance with Art.16 GDPR;
  3. request the erasure of your personal data stored by us in accordance with Art.17 GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims;
  4. demand the restriction of the processing of your personal data in accordance with Art.18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you oppose its erasure and we no longer need the data, but you need it for the establishment, exercise or defence of legal claims or you have objected to the processing in accordance with Art.21 GDPR;
  5. receive the personal data that you have provided to us in a structured, commonly used and machine-readable format, or to request the transfer to another controller, in accordance with Art.20 GDPR;
  6. withdraw your consent at any time in accordance with Art.7 (3) GDPR. As a result, we may no longer continue the data processing that was based on this consent in the future, and
  7. complain to a supervisory authority in accordance with Art.77 GDPR. You can therefore usually contact the supervisory authority of your usual place of residence or workplace or our registered office. The supervisory authority responsible for our place of business is The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg in 70173 Stuttgart.

To exercise your data protection rights or your right to lodge a complaint, simply send an e-mail to delta-privacy@merlinux.eu.

11. Data security

We use the SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser when visiting the website. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. To see whether an individual page of our website is encrypted, click on the closed key or lock symbol in the lower status bar of your browser.

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. We continuously adapt our security measures in line with technological developments.

12. Up-to-dateness and modification of this data protection declaration

This data protection declaration is valid as of November 2021. Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to revise this data protection declaration from time to time.

You can access and print out the current data protection declaration at any time under https://support.delta.chat/privacy.