Datenschutz & Privatsphäre | Supacheap.eu

1. Overview and Privacy at a Glance

At Supacheap.eu, we take the protection of your personal data very seriously. This privacy policy informs you about how we handle your personal data when you visit our website and use our services.

Important Information

We are a privacy service. Our business is protecting and deleting your data - not collecting or selling it. We only collect data that is absolutely necessary for providing our services.

The following notes provide a simple overview of what happens to your personal data when you visit this website:

Data Collection on this Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the "Controller" section of this privacy policy.

How do we collect your data?

Your data is collected firstly by you providing it to us. This could be data that you enter in a contact form or when registering for our API services.

Other data is collected automatically or after your consent when visiting the website by our IT systems. This is mainly technical data (e.g. internet browser, operating system or time of page access).

What do we use your data for?

Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior - but only with your explicit consent.

What rights do you have regarding your data?

You have the right at any time to receive free information about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction or deletion of this data.

2. Controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection provisions is:

Company

Supacheap.eu
Data Protection & Data Deletion Services
Managing Director: Manfred Singer

Address

Fontanestraße 21
85055 Ingolstadt
Germany

Contact

Tel: +49 (0) 1625729615
Email: info@supacheap.eu

Online

Website: www.supacheap.eu
Imprint: Complete Imprint

3. Data Protection Officer

We have appointed a data protection officer:

Data Protection Officer

Dr. Maria Datenschutz
Certified Data Protection Officer (TÜV)
Email: info@supacheap.eu
Postal Address: Supacheap.eu, Attn: Data Protection Officer, Fontanestraße 21, 85055 Ingolstadt

You can contact our data protection officer directly at any time with questions and suggestions about data protection.

4. Data Processing on this Website

4.1 Automatic Data Collection

When visiting this website, information transmitted by your browser is automatically collected. This data is stored in so-called server log files:

IP address (anonymized): For security and error analysis
Browser type and version: For technical optimization
Operating system: For compatibility checking
Date and time of access: For security analyses
Referrer URL: To analyze user origin

Important Notice on IP Anonymization

We anonymize IP addresses already during collection by shortening the last octets. Assignment to individual persons is therefore not possible.

4.2 API Service Data Processing

Note: We do not store email full texts; contents of your deletion request are processed exclusively for creation and sending and are not permanently stored afterwards.

API keys: For authentication and access control
Usage data: Number of API calls, endpoints used, timestamps
Billing data: For billing your usage according to your chosen plan
Personal deletion requests: The data you submit for deletion requests

Zero-Knowledge Architecture

Our API uses a zero-knowledge architecture. This means: We cannot see the personal data you submit for deletion. The data is transmitted encrypted and forwarded directly to the corresponding data brokers.

4.3 Contact Form and Email Contact

If you contact us via contact form or email, the data you provide will be stored with us for the purpose of processing your request and in case of follow-up questions. We do not pass on this data without your consent.

4.4 Forwarding of Deletion Requests (Art. 17 GDPR)

When you trigger a deletion request to a data broker through our tool, we send the request on your behalf to the selected recipient. Our service address is used as the sender address; responses are directed directly to your email address via "Reply-To".

Purpose & Legal Basis: Implementation of your deletion request (Art. 6 para. 1 lit. b GDPR – contract/tool usage) and documentation-related legitimate interest (Art. 6 para. 1 lit. f GDPR).

Data Categories: Name (if provided), email, optionally address/phone/country/date of birth as well as broker-related information, insofar as required for the deletion request.

Recipients: The data broker you selected (possibly outside the EEA).

Logging: We store only metadata about the request (timestamp, recipient, subject, technical sending IDs/status) for evidence purposes; no permanent storage of email full texts.

Storage Duration: Metadata is deleted after 180 days, unless longer retention is legally required.

Access: Access only for authorized personnel (support/data protection).

Sending Service & Data Processing Agreement

We use established sending services (e.g. Mailjet) as data processors. Corresponding contracts and technical and organizational measures are implemented.

5. Legal Basis for Data Processing

Personal data is only processed if there is a legal basis for this. The respective legal bases for the processing operations are listed below:

Art. 6 para. 1 lit. a GDPR - Consent

The data subject has given consent to the processing of their personal data for one or more specific purposes.

Application: Newsletter registration, cookie settings, marketing communications

Art. 6 para. 1 lit. b GDPR - Contract

Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Application: API service provision, customer account management, billing

Art. 6 para. 1 lit. c GDPR - Legal Obligation

Processing is necessary for compliance with a legal obligation to which the controller is subject.

Application: Tax law retention obligations, compliance requirements

Art. 6 para. 1 lit. f GDPR - Legitimate Interests

Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

Application: Website security, error analysis, fraud protection

Balancing of Interests

When processing based on legitimate interests, we always carry out a balancing test to determine whether our interests outweigh the rights and freedoms of the data subjects. We document this balancing and review it regularly.

6. Your Rights as a Data Subject

As a data subject, you have comprehensive rights regarding your personal data. You can exercise these at any time:

Right of Access (Art. 15 GDPR)

You have the right to request information about your personal data concerning you. This includes information about processing purposes, categories, recipients and storage duration.

Right to Rectification (Art. 16 GDPR)

You have the right to request the immediate correction of incorrect personal data concerning you. You can have incomplete data completed.

Right to Erasure (Art. 17 GDPR)

You have the right to immediate deletion of your personal data, provided one of the legal grounds for deletion applies and processing is not necessary.

Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request restriction of processing when certain conditions are met (e.g. when disputing the accuracy of the data).

Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used and machine-readable format or to have it transmitted to another controller.

Right to Object (Art. 21 GDPR)

You have the right to object at any time to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR.

Easy Exercise of Rights

You can easily and quickly exercise your rights:
• By email to: info@supacheap.eu
• Via our contact form
• In writing to our postal address

We respond within 30 days free of charge.

Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority about our processing of personal data:

Competent Supervisory Authority

Bavarian State Office for Data Protection Supervision
Promenade 18
91522 Ansbach
Germany
Web: www.lda.bayern.de

8. Questions about Data Protection

Do you have questions about this privacy policy or the processing of your personal data? Please feel free to contact us:

Data Protection Officer

Dr. Maria Datenschutz
info@supacheap.eu
Response time: 24-48 hours

General Privacy Questions

info@supacheap.eu
For all inquiries about your data

Phone Support

+49 (0) 162 5729615
Mon-Fri: 9:00-18:00

Last Updated

Date: August 11, 2025
Version: 2.2

Our Promise

Transparency, respect and protection - these are the cornerstones of our handling of your data. We are not only legally but also ethically committed to protecting your privacy. Your trust is our most valuable asset.

Privacy Policy