cryptostamp.wiki

Privacy Policy

As of: 10 May 2026

This privacy policy explains how we process personal data when you use this website (cryptostamp.wiki), in accordance with Article 13 of Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) and Section 25 of the German Telecommunications and Telemedia Data Protection Act (TTDSG).

We have kept this document deliberately short and concrete. If you need more detail on any point, please write to us — our contact address is given below.

Note on language versions. This English version is provided for your convenience. In the event of any inconsistency between this version and the German version, the German version (https://cryptostamp.wiki/de/privacy) shall prevail, since Apakale UG is a German company subject to German law.

1. Controller

The controller responsible for processing within the meaning of Article 4(7) GDPR is:

Apakale UG (haftungsbeschränkt)

Email: support@formly.me

2. Data protection officer

Apakale UG is not legally required to appoint a data protection officer (Section 38 of the Federal Data Protection Act, BDSG). For data protection enquiries, please write directly to the email address above.

3. Data processed when you visit the website (server logs)

When you access cryptostamp.wiki, our hosting provider automatically processes technical data that your browser transmits. These are:

  • IP address (truncated after 30 days)
  • Date and time of access
  • URL requested and HTTP status code
  • Volume of data transferred
  • Referring URL
  • Browser type, browser version and operating system (user agent)

Purpose: Providing the website, ensuring its stability and security, defending against attacks.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in operating the website securely and reliably).

Retention: Server logs are automatically deleted after a maximum of 30 days. This does not apply where longer retention is necessary to investigate security incidents.

4. Hosting and processors

We do not operate cryptostamp.wiki on our own servers. We use the following service providers as processors within the meaning of Article 28 GDPR:

4.1 Netlify (website hosting)

Provider: Netlify, Inc., 44 Montgomery Street, Suite 300, San Francisco, CA 94104, USA.

Netlify hosts the website files and processes the server logs described in section 3. Whenever you access the website, your IP address is transmitted to Netlify and processed there technically in order to deliver the page to your browser.

Transfer to the USA: Netlify processes data in the USA. The transfer is based on the EU Standard Contractual Clauses (Commission Implementing Decision 2021/914) and supplementary safeguards. Netlify is certified under the EU-U.S. Data Privacy Framework.

Netlify privacy policy: https://www.netlify.com/privacy/

4.2 Cloudflare R2 (image and media storage)

Provider: Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA.

Images and media files (such as stamp images) are delivered through Cloudflare R2. When an image loads, your IP address is transmitted to Cloudflare for delivery.

Transfer to the USA: Transfer is based on the EU Standard Contractual Clauses. Cloudflare is certified under the EU-U.S. Data Privacy Framework.

Cloudflare privacy policy: https://www.cloudflare.com/privacypolicy/

4.3 Neon (database)

Provider: Neon, Inc., 2261 Market Street #4226, San Francisco, CA 94114, USA — data processed in the EU region (Frankfurt, eu-central-1).

Neon operates the database in which wiki content (editions, language versions, image metadata) is stored. Personal data of visitors is not routinely stored in this database. Storage occurs only if you voluntarily use the feedback function (see section 7).

Data processing physically takes place within the EU (Frankfurt, Germany).

Neon privacy policy: https://neon.tech/privacy-policy

5. Audience measurement with Plausible Analytics

We use Plausible Analytics to understand which pages of our wiki are being used and where visitors come from.

Provider: Plausible Insights OÜ, Västriku tn 2, 50403 Tartu, Estonia.

Plausible is privacy-friendly analytics software that does not set cookies and does not process personal data. Specifically:

  • Your IP address is not stored. It is used only briefly to generate a daily anonymous hash, which is then discarded.
  • There is no cross-device tracking.
  • No profiles are created about individual users.
  • Processing takes place on servers in the EU (Germany, Hetzner).

Only aggregated statistics are collected: page views per URL, time on page, referrer source, approximate geographic region at country level, and browser and device class.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in analysing reach to improve the service). Because Plausible does not store device identifiers, Section 25 TTDSG does not apply and no cookie banner is required.

Plausible privacy policy: https://plausible.io/privacy

6. Google Search Console

We use Google Search Console to monitor the discoverability of our content in Google Search. Search Console does not run as a tracking script on this website. The only technical connection is an HTML meta tag for one-time domain verification — this tag does not collect any data about you.

The data shown in Search Console (search queries that led to our website, click-through rates, indexing status) is processed by Google, not on our website. When you use Google and click a link to cryptostamp.wiki, Google processes that search query under its own privacy policy.

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google privacy policy: https://policies.google.com/privacy

7. Feedback function

On every page you will find a feedback button. When you click it, an input field opens in which you can leave a comment about the page.

Data processed when you submit feedback:

  • Your feedback text (required)
  • Optional: your email address — only if you would like a reply
  • The URL of the page on which you submitted the feedback
  • Date and time of submission

Not collected: your IP address, device information, screenshots, or other technical data from your browser.

Purpose: Handling your feedback and, where applicable, replying to you.

Legal basis: Article 6(1)(b) GDPR (responding to your request) or Article 6(1)(f) GDPR (legitimate interest in quality assurance of the wiki).

Retention: Feedback entries are retained for a maximum of 24 months and then deleted, unless longer retention is required in an individual case for the establishment, exercise or defence of legal claims. If you provided an email address and received a reply, section 8 (Contact by email) also applies.

8. Contact by email

If you contact us using the email address given in the legal notice or in this privacy policy, we process the data transmitted with your email (sender address, name if provided, content of the email) in order to respond to your enquiry.

Legal basis: Article 6(1)(b) GDPR (pre-contractual or contractual communication) or Article 6(1)(f) GDPR (legitimate interest in responding to enquiries).

Retention: Until your enquiry has been fully dealt with, possibly longer if statutory tax or commercial retention obligations apply (up to 10 years under Section 147 of the German Fiscal Code).

9. Your browser's local storage

We store your language selection (e.g. "de", "en", "it") and your choice of dark or light mode in your browser's local storage. This storage is strictly necessary so that the website can respect your preferences on subsequent visits.

Legal basis: Section 25(2)(2) TTDSG (strictly necessary storage). No consent is required.

No personal data is processed in this context — only your preference is stored, not your identity.

You can clear your browser's local storage at any time using your browser settings.

10. Recipients of your data

Within our organisation, only persons who need it for the purposes described in sections 3 to 8 have access to your data.

External recipients are:

  • the hosting providers listed in section 4 (Netlify, Cloudflare, Neon),
  • the analytics provider listed in section 5 (Plausible),
  • where applicable, our email provider, if you contact us by email or receive a reply to feedback.

We do not transfer your data to any other third parties. In particular, we do not sell data and we do not engage in advertising targeting.

11. Transfers to third countries

As described in section 4, data transfers to the USA may occur (Netlify, Cloudflare). These transfers take place on the basis of the EU Standard Contractual Clauses pursuant to Commission Decision 2021/914 and, where the providers are certified, on the basis of the EU-U.S. Data Privacy Framework.

12. Your rights as a data subject

Under the GDPR, you have the following rights against us:

  • Access (Article 15 GDPR) — to know which data we process about you
  • Rectification (Article 16 GDPR) — where data is inaccurate
  • Erasure (Article 17 GDPR) — subject to statutory retention obligations
  • Restriction of processing (Article 18 GDPR)
  • Data portability (Article 20 GDPR)
  • Objection (Article 21 GDPR) — against processing based on legitimate interests

To exercise these rights, an informal email to the address given in section 1 is sufficient.

13. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data (Article 77 GDPR). The authority competent for us is:

Berlin Commissioner for Data Protection and Freedom of Information Alt-Moabit 59–61 10555 Berlin, Germany https://www.datenschutz-berlin.de

You may also turn to the supervisory authority of your habitual residence or place of work.

14. Automated decision-making and profiling

No automated decision-making within the meaning of Article 22 GDPR and no profiling takes place.

15. Data security

We use technical and organisational measures to protect your data against loss, manipulation and unauthorised access. These include exclusive transmission of the website over encrypted HTTPS (TLS), encrypted database connections, and restriction of administrative access to authorised persons.

16. Changes to this privacy policy

We reserve the right to amend this privacy policy if the underlying data processing changes or if legal requirements make this necessary. The current version is always published on this page. The date of the most recent update is given at the top.