Skip to main content
BitAnker
  • Products
  • About
  • Partnerships
  • Contact
DEEN
Book a call

BitAnker

Solutions that hold.

Products

  • Products

Company

  • About
  • Partnerships
  • Contact

Legal

  • Imprint
  • Privacy

© 2026 BitAnker UG (haftungsbeschränkt). All rights reserved.

Privacy policy

We appreciate your visit to our website and your interest in our company. The protection of your personal data is important to us. Personal data is any information relating to an identified or identifiable natural person (Art. 4 No. 1 GDPR).

The following information explains, in accordance with Art. 13 and 14 of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telecommunications Digital Services Data Protection Act (TDDDG), how we process personal data when you visit this website and use our services.

This English version is provided for convenience. The legally binding version is the German privacy policy.

1. Controller

The controller within the meaning of the GDPR is:

BitAnker UG (haftungsbeschränkt)
Siedfeld 15
25376 Borsfleth
Germany

Phone: +49 4124 5013079
Email: info@bitanker.eu

Managing Director: Christoph Süßer

2. Data Protection Officer

Our Data Protection Officer is available for any questions concerning data protection and the processing of your personal data:

Email: datenschutz@bitanker.eu

For postal contact, please use the address of the controller above with the addition “Attn: Data Protection Officer”.

3. Definitions

This privacy policy uses the terms defined in Art. 4 GDPR, available at eur-lex.europa.eu.

4. Hosting

This website is hosted in a data center within the European Union. Our infrastructure provider is:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen, Germany

Hetzner processes personal data exclusively on our behalf and according to our instructions. We have concluded a data processing agreement with Hetzner pursuant to Art. 28 GDPR. No transfer to third countries takes place.

The legal basis is Art. 6 (1) (f) GDPR. Our legitimate interest lies in the technically reliable, secure and efficient provision of our online offering.

5. Server log files

When you visit our website, our hoster Hetzner automatically collects and temporarily stores technical information in log files:

  • IP address of the requesting device
  • date and time of access
  • name and URL of the requested file
  • amount of data transferred
  • HTTP status code
  • browser type and operating system
  • referrer URL (the previously visited page)

This processing serves to provide the website (connection establishment), system security, technical administration, and defense against attacks (e.g. DDoS, brute force). The legal basis is Art. 6 (1) (f) GDPR. Log files are deleted within 14 days at the latest, or anonymized by truncating the IP address. These data are not combined with other data sources.

6. SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL/TLS encryption. You can recognize an encrypted connection by the "https://" prefix in your browser's address bar.

7. Cookies and comparable technologies

Our website does not set any cookies or comparable storage technologies (e.g. localStorage, fingerprinting) that would require consent under § 25 TDDDG. A cookie banner is therefore not required.

Strictly necessary storage operations (e.g. spam protection when submitting the contact form) are based exclusively on § 25 (2) No. 2 TDDDG and Art. 6 (1) (f) GDPR.

8. Contacting us

8.1 Contact form

When you send us inquiries via the contact form, we process the data you provide (e.g. name, email address, message, optionally company) to handle your inquiry and any follow-up questions.

The legal basis is Art. 6 (1) (b) GDPR insofar as your inquiry is aimed at concluding or performing a contract, otherwise Art. 6 (1) (f) GDPR (legitimate interest in the effective handling of inquiries).

To prevent automated spam submissions, we use technical measures (honeypot fields and IP-based rate limiting). No data is transferred to third parties; in particular we do not use Google reCAPTCHA.

8.2 Contact by email or phone

If you contact us by email or phone, your details (name, contact data, content of the message) are stored to handle your request. The legal basis is the same as described in section 8.1: Art. 6 (1) (b) GDPR where the request relates to a contract, otherwise Art. 6 (1) (f) GDPR.

The data is deleted as soon as it is no longer required for handling the request, at the latest after applicable retention periods expire (in particular § 257 HGB, § 147 AO: 6 to 10 years for tax- or commercial-law-relevant correspondence).

8.3 Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Details on data processing can be found in the Microsoft Teams privacy statement: https://privacy.microsoft.com/en-us/privacystatement.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States intended to ensure compliance with European data protection standards for data processing in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/6474.

Data processing agreement

We have concluded a data processing agreement (DPA) for the use of the service named above. This is a contract required under data protection law that ensures Microsoft Teams processes the personal data of our website visitors only on our instructions and in compliance with the GDPR.

9. Analytics with self-hosted Plausible

For statistical analysis of website usage we operate a self-hosted instance of Plausible Analytics on servers within the EU. No data is transferred to Plausible Insights OÜ or any other third party.

Plausible uses no cookies and stores no identifiers on your device. No personal profiles are built and no cross-device tracking is performed. We collect only aggregated metrics such as:

  • requested page (URL path, without query string)
  • HTTP referrer (referring page)
  • browser and operating system family
  • device type (desktop / tablet / mobile)
  • approximate country/region (based on IP address)
  • date and time of the request

The IP address is not stored. It is only processed temporarily, on a daily basis, to compute a non-reversible hash (with a daily rotating salt) used to detect returning visits, and is discarded immediately afterwards. Identification of individual persons is therefore not possible.

Our website code sends events exclusively to the same-origin endpoint /api/event on our own domain. Query strings and URL fragments are removed before transmission; cookies, localStorage, and sessionStorage are not used for this. If "Do Not Track" or "Global Privacy Control" is enabled in your browser, no analytics event is transmitted.

The legal basis is Art. 6 (1) (f) GDPR. Our legitimate interest lies in needs-based design and continuous improvement of our website. Since no information is stored on or read from your device, no consent under § 25 TDDDG is required.

You can object to processing at any time by enabling a "Do Not Track" or "Global Privacy Control" setting in your browser, or by blocking the /api/event path via a browser adblocker.

10. Fonts

Fonts are served exclusively from the same server (/fonts/...). There is no connection to Google Fonts or other external CDNs. No data is transferred to third-party providers such as Google when you visit our pages.

11. Embedded third-party content

Our website does not embed external content that automatically transmits data to third parties on page load (no YouTube videos, Google Maps, social media plugins, external trackers, etc.).

12. Recipients and processors

We only share personal data with third parties when this is necessary for contract performance, when there is a legal obligation, or when we have your explicit consent. We use the following processors based in the EU:

  • Hetzner Online GmbH, Gunzenhausen, for hosting and data center operations
  • Microsoft Ireland Operations Limited, Dublin, for Microsoft Teams and online communication

Data processing agreements pursuant to Art. 28 GDPR are in place with all processors.

13. Transfers to third countries

We transfer personal data to countries outside the European Economic Area (EEA) only where this is expressly described in this privacy policy. When Microsoft Teams is used, processing in the United States cannot be ruled out; Microsoft is certified under the EU-US Data Privacy Framework.

14. Storage period

We store personal data only for as long as necessary to achieve the stated purposes or as required by statutory retention periods. Once the purpose ceases, the data are deleted or blocked.

15. Your rights as a data subject

You have the following rights at any time concerning your personal data:

  • Access (Art. 15 GDPR) to information about the data we process
  • Rectification (Art. 16 GDPR) of inaccurate or incomplete data
  • Erasure (Art. 17 GDPR), unless statutory retention duties apply
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR) in a structured and commonly used format
  • Objection (Art. 21 GDPR) to processing based on Art. 6 (1) (f) GDPR, in
    particular against direct marketing
  • Withdrawal of consent (Art. 7 (3) GDPR), with effect for the future

To exercise these rights, an informal message to info@bitanker.eu is sufficient.

Right to lodge a complaint

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe the processing of your personal data violates the GDPR. The competent authority for us is:

Independent State Centre for Data Protection Schleswig-Holstein (ULD)
Holstenstraße 98, 24103 Kiel, Germany
Phone: +49 431 988-1200
Email: mail@datenschutzzentrum.de
Web: datenschutzzentrum.de

16. Objection to direct marketing

We hereby explicitly object to the use of your contact details for sending unsolicited advertising. We expressly reserve the right to take legal action in the event of unsolicited promotional information, e.g. via spam emails.

17. Data security

We implement technical and organizational measures (TOMs) to protect your data against accidental or intentional manipulation, loss, destruction or unauthorized access (Art. 32 GDPR). These include encrypted transmission (TLS), access restrictions, regular updates, logging of security-relevant events, and a documented authorization concept. Our security measures are continuously improved in line with technological developments.

18. No automated decision-making

No automated decision-making, including profiling within the meaning of Art. 22 GDPR, takes place.

19. Updates to this privacy policy

This privacy policy is currently valid. As our website evolves or due to changes in legal or regulatory requirements, it may become necessary to update this policy. The latest version is always available on this page.

Last updated: May 2026