Legal

Privacy policy

This page explains what personal data is processed when using Soundless and what rights you have.

Last updated:2 June 2025

Overview

Information pursuant to Articles 13 and 14 GDPR for using the Soundless platform.

Data controllerYour rightsThird-party providers

1. Data controller

The data controller responsible for processing on this website is:

Mario von Bassen
Gressengasse 1
97070 Würzburg
Email: mariovonbassen@gmail.com

The data controller decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).

2. Your rights

Withdrawal of your consent

Certain processing operations are only possible with your explicit consent. You can withdraw consent you have already given at any time. To withdraw consent, an informal notification by email to mariovonbassen@gmail.com is sufficient. The lawfulness of processing carried out up to the withdrawal remains unaffected.

Right of access, rectification, restriction and erasure

Within the scope of the applicable legal provisions, you have the right at any time to free information about your stored personal data, the origin of the data, the recipients and the purpose of the data processing. You may also have the right to rectification, restriction or erasure of this data. Please contact us by email at mariovonbassen@gmail.com.

Right to data portability

You have the right to receive data that we process automatically on the basis of your consent or in performance of a contract, either for yourself or for a third party, in a machine-readable format. Direct transfer of the data to another controller will only take place where this is technically feasible.

Right to lodge a complaint with a supervisory authority

In the event of a data protection breach, you have the right as a data subject to lodge a complaint with the competent supervisory authority. The competent supervisory authority for the Free State of Bavaria is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27, 91522 Ansbach
Email: poststelle@lda.bayern.de

3. Technical and organisational measures

SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, our website uses SSL/TLS encryption. You can recognise an encrypted connection by the “https://” address line in your browser and the padlock symbol.

4. Server log files

Each time you access our website, the following information is automatically stored in server log files:

  • Visited page on our domain
  • Date and time of the server request
  • Browser type and version
  • Operating system used
  • Referrer URL (previously visited page)
  • Hostname of the accessing computer
  • IP address

This data is not merged with other data sources. The legal basis for processing is Article 6(1)(b) GDPR (performance of a contract / pre-contractual measures).

Retention period: Server log data is stored for up to 30 days and then automatically deleted. Anonymous statistical evaluation may be stored for up to 12 months.

5. Cookies & tracking

We use cookies on our website. These include:

  • Necessary cookies: These cookies are required to ensure basic website functionality (e.g. session ID). Legal basis: Article 6(1)(b) GDPR. Retention period: until the end of the browser session.
  • Statistics cookies (e.g. Google Analytics): Used to analyse user behaviour and website performance. Legal basis: consent under Article 6(1)(a) GDPR / § 25 TTDSG. Retention period: 14 months. Opt-out: possible via the cookie banner or browser settings.
  • Marketing cookies: Used for interest-based advertising and reach measurement. Legal basis: consent under Article 6(1)(a) GDPR / § 25 TTDSG. Retention period: 6 months. Opt-out: possible via the cookie banner.

You can change your cookie settings at any time via our cookie banner, or manage/disable them in your browser settings.

6. Use of third-party providers

6.1 Resend (email service, USA)

We use the email service Resend to send emails to our users. Resend is based in the USA, meaning personal data such as email addresses is transferred to the USA.

Purpose and legal basis: The transfer of personal data to Resend is based on our legitimate interests under Article 6(1)(f) GDPR to ensure efficient email communication.

Third-country transfer: We use standard contractual clauses under Article 46 GDPR to ensure an adequate level of data protection. Further information on Resend’s security measures can be found in their privacy policy.

Risks of transfer: The USA does not offer a level of data protection comparable to the EU. US authorities may be able to access personal data without you being informed or able to legally intervene.

Retention period: Data you provide is stored for a maximum of 12 months after the last interaction. Further information can be found in the Resend privacy policy.

6.2 Cloudflare CDN (USA)

We use Cloudflare CDN to deliver our content properly. Cloudflare is a service provided by Cloudflare, Inc. (USA) that delivers content faster via globally distributed servers. When you access our website, your IP address and browser data (user agent) are transmitted to Cloudflare.

Purpose and legal basis: The CDN is used based on our legitimate interests under Article 6(1)(f) GDPR (secure, efficient delivery and performance optimisation).

Third-country transfer: We have entered into standard contractual clauses of the EU Commission (Implementing Decision (EU) 2021/914 of 4 June 2021). You can view a copy of these clauses here.

Retention period: Data processed by Cloudflare is stored for up to 7 days. Further information can be found in the Cloudflare privacy policy.

6.3 Google Web Fonts (Ireland/USA)

We use Google Web Fonts provided by Google Ireland Limited to display fonts. When these fonts are loaded, your IP address is transmitted to Google.

Purpose and legal basis: Google Fonts are used based on your consent under Article 6(1)(a) GDPR and § 25 TTDSG.

Third-country transfer: Data is transferred to the USA. We have concluded standard contractual clauses under Article 46 GDPR. You can read the clauses here.

Retention period: Data is stored by Google Ireland Limited in accordance with their privacy policies. Further information can be found in the Google Fonts privacy policy.

6.4 Font Awesome (USA)

We use Font Awesome from Fonticons, Inc. (USA) to display icons. Your IP address may be transmitted to Fonticons.

Purpose and legal basis: Font Awesome is used based on your consent under Article 6(1)(a) GDPR and § 25 TTDSG. Data is processed in accordance with the Fonticons privacy policy: Font Awesome privacy policy.

6.5 Google Cloud Storage (USA)

We use Google Cloud Storage to store and manage content. IP addresses and, where applicable, other metadata are transmitted to Google.

Purpose and legal basis: Google Cloud Storage is used based on our legitimate interests under Article 6(1)(f) GDPR. Further information can be found in the Google Cloud privacy policy.

6.6 Hosting by Vercel (USA)

Our website is hosted on servers operated by Vercel, Inc. (USA). Vercel automatically stores server logs with IP addresses, browser data and other metadata to ensure operation and security.

Purpose and legal basis: Server logs are stored based on our legitimate interests under Article 6(1)(f) GDPR. Further information can be found in the Vercel privacy policy.

6.7 Google PageSpeed Insights (USA)

We use Google PageSpeed Insights to optimise the speed and performance of our website. IP addresses and performance data may be transmitted to Google.

Purpose and legal basis: This is used based on our legitimate interests under Article 6(1)(f) GDPR. Further information can be found in the Google privacy policy.

6.8 Google reCAPTCHA Enterprise (USA)

We use Google reCAPTCHA Enterprise, a service provided by Google Ireland Limited (USA), to prevent abuse and spam. This service analyses user behaviour to distinguish between human users and automated bots. The analysis starts automatically as soon as you access the website. Various information (e.g. IP address, time spent on the website, mouse movements) is transmitted to Google.

Purpose and legal basis: reCAPTCHA Enterprise is used based on our legitimate interests under Article 6(1)(f) GDPR to prevent abuse, spam and malicious automated access. The processing helps improve the security and integrity of our website.

Third-country transfer: Data may be transferred to the USA. We have entered into standard contractual clauses under Article 46 GDPR with Google to ensure an adequate level of data protection. Further information can be found in Google's privacy policy.

Risks of transfer: The USA does not offer a level of data protection comparable to the EU. US authorities may be able to access personal data without you being informed or able to legally intervene.

Retention period: Data processing by reCAPTCHA Enterprise takes place in accordance with Google’s policies. Details on retention can be found in Google's privacy policy.

7. Social media plugins

We do not use social media plugins on our website. No data is transferred to social networks.

8. Data protection officer

No external data protection officer has been appointed.

9. Changes to this privacy policy

This privacy policy is current as of 2 June 2025. We reserve the right to amend it if necessary. The current version can always be found here on our website.

Source: Privacy Policy configurator by Mein-Datenschutzbeauftragter.de