We take the protection of your personal data very seriously. This Privacy Policy informs you how MoleHole (hereinafter referred to as "we", "us", or "the Provider") processes your personal data in relation to our security application. We strive to comply with data protection regulations.
1. Introduction and Scope
- 1.1. This Privacy Policy applies to the collection, use, and processing of personal data obtained through our ordering platform.
- 1.2. By using our service, you agree to the terms of this policy.
- 1.3. Since our company is established and operates within the European Union (Germany), we strive to comply with data protection regulations including GDPR where applicable.
2. Data Controller
2.1. The Data Controller responsible for processing your personal data is:
Service Provider:
Dimitri Pisarev
Rhiemsweg 92
22111 Hamburg
Germany
VAT Identification Number:
DE454574964
Contact:
E-Mail: [email protected]
3. Data Collection
We only collect data that is absolutely necessary for providing our security services (Data Minimization).
- 3.1. Account Data: Unique User ID, username, first and last name (if specified in profile).
- 3.2. Technical Metadata: Connection date and time, IP address, connection country, amount of data transferred. Note: We do not store details of your data activity.
- 3.3. Subscription and Payment Data: Subscription start and end dates, selected plan, transaction information (amount, status, payment provider), account balance.
3.5. No Logs Policy
- ❌ Activity Details: We do not log the websites you visit, DNS queries, or content you download.
- ❌ Activity Logs: We do not store your internet activity history, search queries, or communication content.
- ❌ Browsing Behavior: We do not track which apps or services you use.
- ✅ Connection timestamps: Start and end time of your secure connection (for billing and troubleshooting).
- ✅ Data volume: Total amount of data transferred (for billing purposes only).
- ✅ Selected server location: Which geographic region was used (for technical optimization).
Retention period: Technical logs are automatically deleted after 90 days. Payment data is retained for 10 years (tax obligation). You may request deletion of your data at any time via [email protected].
3.7. Consent to Data Processing
How do you give consent?
By using our services, you agree to the processing of your data as described in this Privacy Policy.
Withdrawing your consent:
You may withdraw your consent at any time by:
- Sending an email to [email protected] with the subject "Delete my data"
- Cancelling your subscription (automatic deletion of all data)
- Direct deletion request via email
Your rights: You have the right to view, correct, delete, or restrict the processing of your personal data at any time. Simply contact us via email at [email protected].
Scope of responsibility:
We only receive data that you voluntarily provide through the use of our services.
3.8. Cookies and Web-Tracking
We use no cookies and no tracking on our website.
- ❌ No Google Analytics
- ❌ No Meta-Pixels (Facebook Pixel)
- ❌ No third-party web tracking
- ❌ No marketing cookies
✓ Transparent: We don't track how you use our website. Your privacy comes first.
Ordering Platform:
Our platform uses secure web technologies for order processing.
Payment Providers:
Payment providers use technical cookies exclusively for payment processing. These are necessary for transactions and are removed after payment completion.
4. Purpose and Legal Basis
We process your data based on the following legal grounds:
- 4.1. Contract Performance. To provide the developed security application and activate subscriptions.
- 4.2. Legitimate Interest. For network security, fraud prevention, and the protection of the Provider's legitimate interests.
- 4.3. Legal Obligation. To comply with trade and tax retention laws.
5. Recipients of Data
We do not sell or rent your data to third parties for marketing purposes. Disclosure occurs only in the following cases:
- 5.1. Payment Providers. Data required for payment processing is transmitted to trusted payment processors to the extent necessary for the transaction.
- 5.2. Legal Requirements. We may disclose data to competent authorities if required by law or to protect our rights.
6. International Data Transfers
6.1. Since security services involve connecting to servers in various countries, your technical metadata may be processed outside the European Union (e.g., on servers located in other countries you select).
6.2. By selecting a server, you consent to the transfer of your data to the jurisdiction where that server is located.
7. Your Rights
You have the following rights regarding your personal data:
- Right of Access: You can confirm whether and what data about you is stored.
- Right to Rectification: You may request the correction of inaccurate or incomplete data.
- Right to Erasure: You may request the deletion of your data if it is no longer necessary.
- Right to Restriction of Processing: You may request the restriction of data processing instead of deletion.
- Right to Data Portability: You have the right to receive your data in a structured, commonly used format.
- Right to Object: You have the right to object to processing based on legitimate interests.
- Right to Lodge a Complaint: You have the right to file a complaint with a supervisory authority.
To exercise these rights, please simply contact us via email at [email protected]. We will respond to your request within a reasonable timeframe (usually within 30 days).
8. Data Retention
- 8.1. We retain your data only for as long as necessary for the purposes outlined in this policy.
- 8.2. Technical logs (metadata) are kept for a maximum of 90 days for security purposes and are then automatically deleted.
- 8.3. Billing and payment data may be retained longer to comply with legal retention obligations in Germany (typically 10 years).
- 8.4. You may request the deletion of your data at any time via email.
Automated Deletion: Technical metadata is automatically and irretrievably deleted after 90 days.
9. Data Security
9.1. We take appropriate technical and organizational measures to protect your data against unauthorized access, loss, destruction, or alteration.
- Secure data transmission channels.
- Restriction of employee access to user data.
- Regular updates of security systems.
10. Usage Restrictions
It is prohibited to use our security service for illegal activities.
- 10.1. Use of P2P networks (BitTorrent) to distribute copyrighted content.
- 10.2. Conducting DDoS attacks or cybercrime.
- 10.3. Sending spam or phishing materials.
11. Protection of Minors
Our service is not intended for persons under 16 years of age. We do not knowingly collect data from children. If you become aware that data of a child under 16 has been transmitted to us without parental consent, please inform us via email at [email protected] so that we can delete it immediately.
12. Changes to the Privacy Policy
12.1. We reserve the right to amend this Privacy Policy. We will notify users of any material changes via our website.
12.2. Continued use of the service after a change constitutes acceptance of the new version of the Privacy Policy.
13. Data Breaches
13.1. In the event of a data breach that poses a high risk to your rights and freedoms, we will notify you immediately (within 72 hours of becoming aware) via email at [email protected].
13.2. The notification will include:
- Description of the nature of the data breach
- Categories of personal data affected
- Likely consequences of the data breach
- Planned or taken measures to address the data breach
🛡️ Protecting Your Data: We take technical and organizational measures to prevent data breaches. In the event of a breach, we are transparent and notify you as soon as possible.