Privacy Policy
Draft for commercial preparation: replace the company/contact placeholders and review this policy with a qualified legal professional before publishing.
Controller
DB-Backup Manager is operated by the company named in the Impressum. Replace this paragraph with the legal company name, postal address, privacy contact email, and data protection officer details where applicable.
What this website processes
The website and customer portal may process account, license, subscription, payment status, activation, support, security, and audit metadata. Typical data includes email address, company name, selected plan, activation key, license status, subscription status, billing reference IDs, hashed activation/machine identifiers, login timestamps, and support messages.
The licensing website is designed not to collect database contents, backup files, database passwords, SMTP passwords, internal server paths, or customer backup destinations from the desktop backup application.
Purposes and legal bases
Account and license portal
Used to create accounts, issue activation keys, manage plan limits, and refresh license status. Legal basis may include contract performance and legitimate security interests.
Billing and subscriptions
Stripe may process payment and subscription data. DB-Backup Manager stores subscription status and references needed to provide the paid service.
Security and audit logs
Login, activation, revocation, and admin actions may be logged to protect accounts, investigate abuse, and meet operational obligations.
Optional analytics or marketing
Optional analytics and marketing technologies must only be activated after the visitor gives consent in the privacy settings dialog.
Cookies and local storage
Essential storage is used for login sessions, checkout flow, security, and saving privacy preferences. Optional functional, analytics, and marketing categories are disabled unless accepted by the visitor.
Desktop application and backups
The Windows application stores backup jobs, credentials, cloud tokens, encryption settings, and logs locally on the customer machine or server. Sensitive local values are designed to be protected with Windows DPAPI. Backup files are not uploaded to the licensing website. Cloud backup destinations such as OneDrive are configured directly by the customer and should use client-side backup encryption.
Recipients and processors
Possible recipients or processors may include hosting providers, Cloudflare for website and Worker hosting, Stripe for subscription payments, email providers for transactional messages, and support tools selected by the operator. Add the exact production sub-processors before launch.
Retention
Account and license records are kept for the duration of the customer relationship and for statutory retention periods where required. Security and audit logs should have a documented retention period. Optional consent records are retained only as long as needed to prove or manage the visitor's choice.
Your rights
Depending on applicable law, users may have rights to access, rectification, deletion, restriction, portability, objection, and withdrawal of consent. Add the correct supervisory authority and request process before publication.
Contact
Privacy contact: privacy@example.com. Replace this with the real privacy contact address before launch.