Solidcheck

Privacy Policy

Last updated: January 2026

1. Introduction

softstack GmbH ("Company", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Solidcheck platform and related services (the "Service").

We process personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our Service, you consent to the data practices described in this Privacy Policy.

2. Data Controller

The data controller responsible for your personal data is:

softstack GmbH
Schiffbrückstraße 8
24937 Flensburg
Germany

Email: [email protected]

3. Information We Collect

3.1 Information You Provide

We collect information you voluntarily provide when using our Service:

  • Account Information: Name, email address, company name, job title, and password when you register
  • Billing Information: Payment card details, billing address, and VAT identification number (processed by our payment provider)
  • Communication Data: Information you provide when contacting us via email, contact forms, or support tickets
  • User Content: Smart contract addresses, wallet addresses, and other blockchain-related data you submit for analysis
  • Preferences: Notification settings, alert configurations, and dashboard customizations

3.2 Information Collected Automatically

When you access our Service, we automatically collect certain information:

  • Device Information: Device type, operating system, browser type, and version
  • Log Data: IP address, access times, pages viewed, and referring URLs
  • Usage Data: Features used, actions taken, and interaction patterns within the Service
  • Cookies and Tracking: Information collected through cookies and similar technologies

3.3 Blockchain Data

Our Service analyzes publicly available blockchain data, including:

  • Smart contract code and metadata
  • Transaction histories and patterns
  • Token holder distributions
  • Governance events and proposals

This data is publicly available on blockchain networks and is not considered personal data under most circumstances.

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance (Art. 6(1)(b) GDPR): Processing necessary to provide our Service and fulfill our contractual obligations
  • Legitimate Interests (Art. 6(1)(f) GDPR): Processing necessary for our legitimate business interests, such as improving the Service, preventing fraud, and ensuring security
  • Legal Obligations (Art. 6(1)(c) GDPR): Processing necessary to comply with legal requirements, such as tax and accounting obligations
  • Consent (Art. 6(1)(a) GDPR): Processing based on your explicit consent, such as marketing communications

5. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To provide, operate, and maintain the Solidcheck platform
  • Account Management: To create and manage your account, process payments, and provide customer support
  • Service Improvement: To analyze usage patterns, develop new features, and enhance user experience
  • Communications: To send service-related notifications, security alerts, and updates
  • Marketing: To send promotional materials (with your consent) and information about new features
  • Security: To detect, prevent, and address fraud, abuse, and security issues
  • Legal Compliance: To comply with legal obligations and respond to lawful requests
  • Analytics: To generate aggregated, anonymized statistics about Service usage

6. Information Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

6.1 Service Providers

We engage third-party service providers to perform functions on our behalf:

  • Cloud hosting and infrastructure (e.g., AWS, Google Cloud)
  • Payment processing (e.g., Stripe)
  • Email delivery services
  • Analytics and monitoring tools
  • Customer support platforms

These providers are contractually obligated to protect your data and may only use it for the specified purposes.

6.2 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests from public authorities.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

6.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

7. International Data Transfers

Your information may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Other legally approved transfer mechanisms

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Account Data: Retained while your account is active and for 3 years after account closure
  • Transaction Data: Retained for 10 years to comply with German tax and commercial law requirements
  • Usage Data: Retained for 2 years for analytics and service improvement purposes
  • Marketing Data: Retained until you withdraw consent or unsubscribe
  • Support Communications: Retained for 3 years after resolution

After the retention period expires, we securely delete or anonymize your data.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption of data in transit (TLS/SSL) and at rest (AES-256)
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection
  • Incident response and breach notification procedures
  • Regular backups and disaster recovery plans

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

10. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

  • Right of Access (Art. 15): Request a copy of your personal data we hold
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten")
  • Right to Restriction (Art. 18): Request limitation of processing in certain circumstances
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
  • Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent (Art. 7): Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with a supervisory authority

To exercise your rights, please contact us at [email protected]. We will respond to your request within 30 days.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information:

11.1 Types of Cookies

  • Essential Cookies: Necessary for the Service to function properly (e.g., authentication, security)
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how you use the Service
  • Marketing Cookies: Used to deliver relevant advertisements (only with consent)

11.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Service.

12. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal data.

13. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us, and we will take steps to delete such information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may also send you an email notification.

We encourage you to review this Privacy Policy periodically for any changes.

15. Supervisory Authority

If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority. For Germany, the relevant authority is:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD)
Holstenstraße 98
24103 Kiel
Germany
Website: www.datenschutzzentrum.de

16. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

softstack GmbH
Schiffbrückstraße 8
24937 Flensburg
Germany

Email: [email protected]
General Inquiries: [email protected]