Privacy Policy

SilkPanel CMS ("we", "us", or "our"), operated by Alexander Frank, is committed to protecting your privacy and ensuring the security of your personal data. This privacy policy explains how we collect, use, and protect your information in accordance with the GDPR and the German Digital Services Act (DDG).

We collect and process the following categories of personal data:

• Account Data: Username, email address, password (encrypted), registration date, and account preferences.
• Usage Data: IP address, browser type, operating system, pages visited, time spent on pages, and referral sources.
• Communication Data: Name, email address, message content, and communication history when you contact us.

We process your personal data based on the following legal grounds under GDPR Article 6:

• Consent: When you explicitly agree to data processing (e.g., newsletter subscription).
• Contract: To provide our services and fulfill contractual obligations.
• Legitimate Interest: To improve our services, ensure security, and prevent fraud.
• Legal Obligation: To comply with applicable laws and regulations.

We use cookies and similar technologies to enhance your experience. Detailed information about cookies will be provided below. The table will be populated once the cookie component is integrated.

We use your personal data for the following purposes:

• To provide and maintain our services.
• To authenticate your account and ensure security.
• To process votes and distribute rewards.
• To communicate with you about your account and services.
• To improve our website and services through analytics.
• To comply with legal obligations and protect our rights.

We may share your data with third parties in the following circumstances:

• Service Providers: Stripe for payment processing, hosting providers, and analytics services.
• Legal Requirements: When required by law or to protect our rights.
• Business Transfers: In case of merger, acquisition, or sale of assets.

We use Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, United States, as our payment service provider for processing subscription payments and other transactions on our platform.

When you make a payment through our platform, Stripe processes the following personal data on our behalf:

• Name and email address
• Billing address
• Payment card information (card number, expiration date, CVV)
• Transaction amount and currency
• IP address and device information
• Transaction history and payment status

All payment card data is processed and stored directly by Stripe. We do not store complete payment card details on our servers. We only retain transaction identifiers, payment status, and metadata necessary for service delivery and accounting purposes.

The processing of your payment data by Stripe is based on Article 6(1)(b) GDPR (performance of contract) and Article 6(1)(f) GDPR (legitimate interests in secure payment processing and fraud prevention).

Stripe, Inc. is based in the United States. When you make a payment, your data may be transferred to and processed in the United States. Stripe complies with the EU-U.S. Data Privacy Framework and uses Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection of your personal data.

Stripe is certified as a PCI Service Provider Level 1, the highest level of certification in the payment card industry.

For detailed information about how Stripe processes your personal data, please review Stripe's Privacy Policy at https://stripe.com/privacy.

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data in transit and at rest
• Regular security audits and updates
• Access controls and employee training
• Secure data centers and backup systems

We retain your personal data for the following periods:

• Account Data: As long as your account is active, plus 3 years after deactivation.
• Usage Data: 2 years for analytics and improvement purposes.
• Communication Data: 5 years for legal compliance.
• Payment Data: Transaction metadata is retained for 10 years as required by German commercial law (HGB).

Legal obligations may require longer retention periods.

You have the following rights regarding your personal data:

• Right to access information about your data
• Right to rectification of inaccurate or incomplete data
• Right to erasure ("right to be forgotten")
• Right to restriction of processing
• Right to data portability
• Right to object to processing based on legitimate interests
• Right to withdraw consent at any time

To exercise any of these rights, please contact us at:

[email protected]

We will respond to your request within 30 days.

Your data may be transferred to and processed in countries outside the EU. We ensure adequate protection through standard contractual clauses or adequacy decisions.

We may update this privacy policy from time to time. We will notify you of any material changes by email or through our website.

If you have any questions about this privacy policy or our data practices, please contact us: