How we protect and handle your personal information
Klaus-E. Klingner
Address / Anschrift:
c/o IP-Management #6585
Ludwig-Erhard-Str. 18
20459 Hamburg
Germany
Email: support@kioju.de
No Data Protection Officer required.
Based on the scope and nature of our data processing activities, we are not required to appoint a
Data Protection Officer under Art. 37 GDPR.
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Germany
Phone: +49 (0) 981 180093-0
Email: poststelle@lda.bayern.de
Website: www.lda.bayern.de
You have the right to lodge a complaint with the supervisory authority if you believe your data protection rights have been violated. You may contact us first to resolve any concerns, or contact the BayLDA directly.
We use your information only for providing and improving our service:
Managing your links and collections, providing core functionality
Authentication, user preferences, and personalized experience
Protecting against abuse, spam, and unauthorized access
Sending invitations when you request them, important updates
Each processing activity has a specific legal basis under GDPR Article 6:
| Data Category | Processing Purpose | Legal Basis (Art. 6 GDPR) | Retention Period |
|---|---|---|---|
| Account Information Username, email, password |
User registration and authentication | Art. 6(1)(b) - Contract Performance Necessary for providing the service you requested |
Until account deletion or 3 years after last login |
| User Content Links, collections, descriptions |
Providing link management service | Art. 6(1)(b) - Contract Performance Core functionality of the service |
Until account deletion or user removes content |
| Technical Data IP addresses, session data |
Security, fraud prevention, system stability | Art. 6(1)(f) - Legitimate Interest Protecting our service and users from abuse |
30 days for logs, session duration for session data |
| Browser Information User agent, capabilities |
Technical compatibility and optimization | Art. 6(1)(f) - Legitimate Interest Ensuring service functionality across devices |
Not stored permanently, processed in real-time |
| Communication Data Contact form messages, support emails, invitation emails |
Responding to inquiries and user-requested communications | Art. 6(1)(a) - Consent When you contact us or request invitations |
Until inquiry resolved and reasonable follow-up period (max. 3 years) |
| Account Preferences Settings, customizations |
Personalizing user experience | Art. 6(1)(b) - Contract Performance Part of the personalized service |
Until account deletion or user changes settings |
All email subscriptions (such as waiting list) require double opt-in verification. You must click a verification link sent to your email address to complete subscription.
We use separate, unchecked consent checkboxes for different types of communications. Pre-ticked boxes are never used.
We maintain detailed records of when and how you gave consent, including timestamp, IP address, and consent version for GDPR compliance.
Consent can be withdrawn at any time using unsubscribe links in emails or by visiting our unsubscribe page.
| Consent Type | Purpose | Verification Method | Withdrawal Options |
|---|---|---|---|
| Waiting List | Join invitation waiting list, receive invitation notifications | Double opt-in email verification required | Unsubscribe link, unsubscribe page, email us |
| Contact Form | Process and respond to your inquiry, provide requested support | Explicit consent checkbox required on contact form | Email us to request deletion of your inquiry and our response |
All passwords are securely encrypted using industry-standard hashing. Data transmission uses HTTPS encryption.
Limited administrative access with regular security audits and monitoring for unusual activity.
Security patches and updates are applied promptly to protect against emerging threats.
We work with carefully selected service providers to deliver our service. All processors are bound by Data Processing Agreements (DPAs) and meet GDPR requirements.
| Service Provider | Purpose | Data Processed | Location | DPA Status |
|---|---|---|---|---|
| Server4You GmbH Hessen-Homburg-Platz 1 63452 Hanau, Germany |
Web hosting, server infrastructure | All website data, user accounts, content | 🇩🇪 Germany (EU) | ✓ DPA Signed |
| IMPRESSUMPRIVATSCHUTZ GmbH Ludwig-Erhard-Str. 18 20459 Hamburg, Germany |
secure and reliable postal address | postal mail sent to us | 🇩🇪 Germany (EU) | ✓ DPA Signed |
| PHP Mail Function Server-based email delivery |
Transactional emails (verification, notifications) | Email addresses, email content | 🇩🇪 Germany (EU) | Internal Service |
All data processors have signed Data Processing Agreements containing:
All data processing takes place within the European Union:
You have full control over your data:
View all data we have about you, including account information and saved links
Modify any incorrect information or update your account details anytime
Permanently delete your account and all associated data whenever you choose
Download your data in a portable format for backup or migration
Manage your communication preferences and opt out of emails
We use only essential session cookies for authentication and site functionality. No tracking or analytics cookies.
All session cookies are automatically deleted when you log out or close your browser.
Email: support@kioju.de
Contact: Klaus-E. Klingner
Response time: Within 48 hours
For any privacy-related questions, data access requests, corrections, or account deletion, please contact us using the email above.
Last updated: August, 12 2025
Have questions about your privacy or want to manage your data?
Kioju