Privacy Policy

1. Overview of Data Protection

General Information

This Privacy Policy provides an overview of what happens to your personal data when you visit our website. Personal data means any information relating to an identified or identifiable individual.

How we collect your data

Your data is collected in the following ways:

  • Data you provide directly, e.g. via forms, registration, or purchases.
  • Data collected automatically when visiting the website (technical data such as browser type, operating system, timestamps, etc.).

2. Hosting

Our website is hosted by:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany

Data Privacy Statement: https://www.hetzner.com/legal/privacy-policy/

Processing is based on Art. 6(1)(f) GDPR (legitimate interest in secure and efficient hosting).

3. Mandatory Information and Rights

Data Controller

Mario Lockhorn
c/o infocaddy UG
Konrad-Adenauer-Ufer 71
50667 Cologne
Germany

Phone: +49 (0) 221 120 71 87 23
Email: info@breachwire.io

Storage Duration

We store personal data only as long as necessary for the purpose or as required by law.

Right to Data Portability

You have the right to receive data processed automatically in a machine-readable format (Art. 20 GDPR).

SSL/TLS Encryption

This website uses SSL/TLS encryption to protect transmitted data.

4. Data Processing on Our Website

Cookies

We use essential cookies required for the operation of the site. Analytics cookies are only set with your consent.

5. Analytics

WP Statistics

We use WP Statistics to analyze website traffic.

  • All data is stored locally on our server
  • No data is transferred to third parties
  • IP addresses are anonymized

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in anonymous analytics).

6. Newsletter

If you subscribe to our newsletter, we collect your email address. Processing is based on your consent (Art. 6(1)(a) GDPR). You may withdraw consent at any time via the unsubscribe link.

7. User Accounts & Subscription Data

When creating an account on breachwire.io, we process:

  • Email address
  • Password (hashed)
  • Name (optional)
  • Subscription status and plan details
  • Usage data within the platform

Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

8. Payment Processing via Stripe

Stripe Payments Europe, Ltd.
1 Grand Canal Street Lower
Grand Canal Dock
Dublin, Ireland

What data does Stripe process?

  • Name
  • Email address
  • Billing address
  • Payment information (processed only by Stripe)
  • IP address
  • Transaction metadata

We do not store any credit card or banking information.

Legal basis: Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(f) GDPR (legitimate interest in secure payments).

Stripe Privacy Policy: https://stripe.com/privacy

Stripe may transfer data outside the EU; appropriate safeguards (Standard Contractual Clauses) are in place.

9. Supabase (EU Region – Frankfurt)

We use Supabase for authentication, user account management, storage of user-generated data, subscription metadata, and application backend functions.

Data location

All data is stored exclusively in the EU region (Frankfurt, Germany). There is no transfer of data to the United States.

Legal basis

  • Art. 6(1)(b) GDPR (provision of user accounts)
  • Art. 6(1)(f) GDPR (legitimate interest in secure and scalable infrastructure)

A Data Processing Agreement (DPA) with Supabase is in place.

10. Rights of Data Subjects

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right to lodge a complaint with a supervisory authority (Art. 77)

11. Legal Basis & Jurisdiction

This website is governed by the laws of the Federal Republic of Germany.

12. Final Provisions

Invalid provisions shall not affect the validity of the remaining clauses. This Privacy Policy becomes effective upon publication.