Legal

Privacy Policy

This is a template that accurately describes how this website processes data. Replace the [bracketed] identity details and have it reviewed by qualified counsel before publishing.

1. Controller

The controller responsible for the processing of personal data on this website is:

[Legal company name]
[Street address]
[Postal code, city, country]
Email: privacy@twinplanet.com
Phone: [phone]

If you have any questions about this policy or your data, contact us at the address above.

2. The data we collect, why, and on what legal basis

We only process the data you actively provide, plus the minimum technical data needed to operate the site securely. We do not use analytics, advertising or third-party tracking.

  • Contact / sample requests — name, work email, organisation, your area of interest and message. Purpose: to respond to your enquiry and provide the requested sample or information. Legal basis: steps taken at your request prior to entering a contract and our legitimate interest in answering enquiries (Art. 6(1)(b) and (f) GDPR).
  • Webinar registration — name, work email, organisation, chosen session and any question. Purpose: to register you, send a confirmation and calendar invite, and run the session. Legal basis: performance of your request (Art. 6(1)(b) GDPR).
  • Account registration — name, work email, organisation, phone, role and a hashed password. Purpose: to review and, if approved, grant access to live demos and software downloads. Accounts are approved manually. Legal basis: pre-contractual steps and our legitimate interest in vetting access to non-public material (Art. 6(1)(b) and (f) GDPR).
  • Newsletter — your email address. Purpose: to send occasional product updates. Legal basis: your consent (Art. 6(1)(a) GDPR), which you may withdraw at any time.
  • Server & security data — your IP address, user-agent and timestamps, used for rate-limiting form submissions and protecting the site against abuse. Legal basis: our legitimate interest in the security and integrity of the service (Art. 6(1)(f) GDPR).

3. Cookies

We set a single, strictly necessary session cookie to keep our forms secure (CSRF protection). Your cookie-banner choice is stored locally in your browser. We use no third-party, analytics or advertising cookies. See our Cookie Policy for details.

4. Recipients & processors

We operate this website and our email on our own, self-hosted infrastructure. We do not share your data with third-party advertising networks, analytics providers or email-marketing services, and we do not sell it. Email you send or receive through our forms is delivered via our own mail server. We disclose data only where we are legally required to do so.

5. International transfers

Your data is hosted on our infrastructure in [hosting region, e.g. the EU/EEA]. We do not transfer personal data to third countries. [If your hosting is outside the EEA, describe the safeguards used.]

6. Retention

We keep enquiry, webinar and account data only as long as necessary for the purposes above and for any applicable statutory retention periods, then delete it. Newsletter data is kept until you unsubscribe. Security logs are kept for a short period and then rotated.

7. Your rights

Under the GDPR you have the right to access your data and to its rectification, erasure, restriction of processing, data portability, and to object to processing based on legitimate interests. Where processing is based on consent, you may withdraw it at any time without affecting prior processing. To exercise any right, email privacy@twinplanet.com.

You also have the right to lodge a complaint with a supervisory authority. In Germany this is the data-protection authority of your federal state (Landesdatenschutzbehörde) or the authority responsible for the controller.

8. Changes

We may update this policy as the site evolves; the “last updated” date above always reflects the current version.