StackGPU Privacy Policy

Technical Cookies

We employ technical cookies that are essential for collecting information on our platforms to provide services requested or desired by users. The legal basis for using these cookies is our legitimate interest under Art. 6 para. 1 lit. f GDPR, which pertains to our business purposes. Additionally, for users, the legal basis is the fulfilment of your contract with us, according to Art. 6 para. 1 lit. b GDPR.

Custom Cookies

We use both session cookies and persistent cookies to ensure smooth navigation and functionality of our platforms. Session cookies facilitate seamless use of our services (e.g., access to the StackGPU account) and are deleted at the end of your browser session. Persistent cookies, on the other hand, remain on your device for a predetermined period, enabling us to recognize your browser upon your next visit and save you from re-entering information or settings. For example, persistent cookies can store your language preference, so you don’t have to select it each time you visit our site.

We also use cookies, JavaScript-based codes, and web beacons for analytical purposes. These technologies help us gather data on the number of visitors and their behavior on our platforms, enhance the security of our systems, and prevent misuse.

Third-Party Cookies and Technologies

Here, we detail the use of third-party cookies and similar tracking technologies, as well as the providers involved. We also explain how you can opt out of these cookies. The use of these technologies is based on Art. 6 Para. 1 S. 1 lit. f GDPR. Our aim is to ensure our platforms meet customer needs and are continuously improved. Additionally, these technologies help us gather statistical data on website usage and enhance our offerings and advertisements. These purposes are considered legitimate interests under the GDPR. You can disable third-party cookies entirely through your browser settings.

Google Analytics

To design our platforms according to user demand and to optimize them continuously, we use Google Analytics, a web analysis service provided by Google Inc., located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). This service uses cookies and tags to create pseudonymous user profiles. The cookie collects information about your use of the platforms, including browser type/version, operating system, referrer URL (previously visited page), IP address of the accessing computer, and time of the server request, and transmits it to a Google server in the USA, where it is stored. The data is utilized to analyze platform usage, compile reports on platform activities, and provide additional services to customize our offerings. This information may also be shared with third parties if required by law or if third parties process the information on Google's behalf.

Your IP address will not be combined with other Google data under any circumstances. We employ Google Analytics with IP anonymization enabled, meaning that Google truncates IP addresses within EU member states or other parties to the Agreement on the European Economic Area before transmission. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. You can prevent the collection of data generated by the cookie and related to your use of the platforms, as well as the processing of this data by Google, by downloading and installing a browser add-on available at https://tools.google.com/dlpage/gaoptout?hl=en. Additional information on how Google uses data for advertising purposes, as well as options for settings and objections, can be found on Google's websites under "Google's use of data when you use our partners' sites or apps," "Google's use of data for advertising," "Manage information Google uses to show you ads," and "Control which ads Google shows you."

Remarketing and Conversion Tracking

We employ Google Ads and DoubleClick technologies on our platforms to display advertisements based on previous interactions with our sites or other websites. These services are provided by Google Inc., located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). This enables us to present personalized, interest-based ads to our platform visitors. The advertisements may appear on sites within the Google Display Network. To analyze website usage, which is essential for showing relevant ads, we integrate tags into our platforms. These tags store or access cookies from the advertising network on the user’s device. If you later visit another site within these networks, you may see ads related to the content you previously viewed on our platforms. These cookies track your website visits, clicked offers, technical information about your browser and operating system, referring websites, and the duration of your visits. Except for the IP address, which is immediately anonymized, no data is processed that could personally identify you. Data is processed pseudonymously, meaning it is linked to cookie-related pseudonymous user profiles, not specific individuals. From the provider’s perspective, data processing is associated with the cookie holder, regardless of who that may be.

The information collected by these cookies about your visit is sent to Google’s servers for storage. This data is not combined with other personal data held by Google. We do not have access to the content of the transmitted data or how it is used by the advertising networks. We can only determine the user segments (e.g., by age, interests) for our targeted advertising. The legal basis for this processing is our legitimate interest under Art. 6 (1) (f) GDPR, specifically pursuing our business objectives, which includes targeted advertising.

Additionally, we use these cookies and tags to statistically analyze and optimize the usage of our platforms and newsletters. This includes tracking certain activities, such as viewing or submitting the contact form on our website, to assess the effectiveness of our advertisements (conversion tracking). This processing is also based on our legitimate interest under Art. 6 (1) (f) GDPR, namely our business objectives. Google, based in the USA, complies with the Privacy Shield framework, ensuring an adequate level of data protection according to the European Commission’s decision (EU) 2016/1250. Therefore, data transmission to the USA is permitted under Art. 45 GDPR.

You can disable the use of these cookies by opting out through your browser settings or Google’s settings.

Newsletter Tracking

For the purpose of statistically evaluating our newsletter campaigns, our newsletters may include tracking tags that enable us to determine if and when you have opened an email. Additionally, we can track which links within the email were clicked. Although your IP address is recorded for this process, it is not stored, and no other personal data is collected. The legal basis for this processing is our legitimate interest under Art. 6 Para. 1 letter f GDPR, specifically focusing on the assessment and enhancement of our newsletter's performance. You can opt out of receiving our newsletters at any time by using the unsubscribe link provided by Mailchimp in each email.

Hosting Services

To ensure the robust hosting and secure backup of our platforms, we rely on Amazon Web Services, Inc., located at 410 Terry Drive Ave North, WA 98109-5210 Seattle, USA, under strict order processing agreements. This involves the transfer of personal data stored on our platforms to Amazon Web Services for processing. Data processing occurs both within the EU and the USA. The transfer of data to the USA, and thereby outside the EU or EEA, complies with Art. 45 GDPR, as Amazon Web Services Inc. holds Privacy Shield certification. This certification guarantees an adequate level of data protection in accordance with the European Commission's decision (EU) 2016/1250. You can verify the certification status at Privacy Shield List.

Email Communication Providers

For efficient email communication, we utilize the services of the following providers under rigorous order processing agreements:

• MailChimp: Provided by The Rocket Science Group, LLC, located at 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA.
• Google LLC: Headquartered at Amphitheatre Parkway, Mountain View, CA 94043, USA.

These service providers process personal data within the scope of our contractual arrangements. Your data may be transferred to the USA, a country outside the EU or EEA. This transfer complies with Art. 45 GDPR, as both providers maintain Privacy Shield certification, as detailed in Section 6.1 above. You can review the certifications at MailChimp Privacy Shield Certification and Google Privacy Shield Certification.

Right to Know

You can ask us to confirm whether we’re processing your personal data.

If we are, you can request the following details:

• Why we’re processing your personal data.
• What types of personal data we’re processing.
• Who we’re sharing your personal data with or who might receive it.
• How long we plan to store your personal data, or if we can’t specify, the criteria we use to determine storage periods.
• Your rights to correct or delete your personal data, limit its processing, or object to it.
• Your right to complain to a supervisory authority.
• Any available information on where we got your data if we didn’t get it from you directly.
• Whether we use automated decision-making, including profiling, under GDPR Article 22(1) and (4), and if so, meaningful details about the logic used and the potential consequences for you.

You can also find out if your personal data is transferred to a third country or international organization. If it is, you can ask about the safeguards under GDPR Article 46 that apply to this transfer.

We may limit your right to information if providing it would make it impossible or seriously impair the purpose of statistical analysis, and this restriction is necessary to achieve those goals.

Right to Rectification

You have the right to have any inaccurate or incomplete personal data corrected or completed by the data controller promptly.

However, this right may be restricted if correcting the data is likely to hinder or seriously impair statistical purposes, and this restriction is necessary to fulfill those objectives.

Right to Restrict Processing

Under specific circumstances, you can request that the processing of your personal data be restricted:

• If you contest the accuracy of your personal data, for a period allowing us to verify its accuracy.
• If the processing is unlawful, and instead of erasing the data, you request restriction of its use.
• If we no longer need the personal data for processing purposes, but you require them to establish, exercise, or defend legal claims.
• If you have objected to processing under GDPR Article 21(1), and it's pending verification whether our legitimate grounds override yours.

When your personal data processing is restricted, except for storage, it can only proceed with your consent, or for legal claims, or to protect the rights of another natural or legal person, or for important public interests of the EU or a Member State.

You will be notified in advance if processing restrictions are due to be lifted, provided the conditions above are met. However, your right to restrict processing may be limited if it is likely to impede or seriously jeopardize statistical purposes, and this limitation is necessary to achieve those aims.

Right to Erasure

Obligation to Delete

You have the right to request the immediate deletion of your personal data, and we are obligated to comply if one of the following reasons applies:

The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed. You withdraw your consent on which the processing was based according to GDPR Article 6(1)(a) or Article 9(2)(a), and there is no other legal basis for processing.

You object to the processing under GDPR Article 21(1), and there are no overriding legitimate grounds for the processing, or you object to the processing under GDPR Article 21(2). The personal data concerning you have been unlawfully processed.

Deleting your personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which we are subject. The personal data concerning you have been collected in relation to the provision of information society services as referred to in GDPR Article 8(1).

Notification to Third Parties

If we have disclosed your personal data publicly and are required to erase it under GDPR Article 17(1), we will take reasonable steps, including technical measures, considering available technology and implementation costs, to inform other data controllers processing the personal data that you, as the data subject, have requested the deletion of any links to, or copies or replications of, this personal data.

Exceptions

The right to erasure does not apply if processing is necessary:

• to exercise the right of freedom of expression and information;
• for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
• for reasons of public interest in the area of public health as specified in GDPR Article 9(2)(h) and (i) and Article 9(3);
• for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes under GDPR Article 89(1), to the extent that the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
• for the establishment, exercise, or defense of legal claims.

Right to Data Portability

You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format. Furthermore, you are entitled to transmit this data to another controller without hindrance from us, provided that:

• The processing is based on consent as per Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, or on a contract as per Article 6(1)(b) GDPR; and
• The processing is carried out by automated means.

In exercising this right, you also have the right to have your personal data transmitted directly from one controller to another, where technically feasible. This transmission must not adversely affect the rights and freedoms of others.

The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Right to Object

You have the right to object, at any time and for reasons related to your particular situation, to the processing of your personal data based on Article 6(1)(e) or (f) GDPR, including profiling based on these provisions.

In such cases, we will cease processing your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is for the establishment, exercise, or defense of legal claims. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your data for such marketing, including profiling related to direct marketing. Upon your objection, your personal data will no longer be used for these purposes.

You may exercise this right of objection through automated means using technical specifications in the context of Information Society services, as per Directive 2002/58/EC. You also have the right to object to the processing of your personal data for statistical purposes under Article 89(1) GDPR, provided there are reasons related to your specific situation. This right may be limited if exercising it would likely render the achievement of statistical purposes impossible or seriously impair them, and if such limitation is necessary for the fulfillment of these statistical purposes.

Right to Withdraw Consent

You retain the right to withdraw your consent to our data protection declaration at any time. The withdrawal will not affect the lawfulness of any processing performed based on the consent prior to its withdrawal.

• Procedure for Withdrawal :
  To withdraw your consent, you may contact our data protection officer or use the automated tools available on our platform. Detailed instructions for withdrawal will be provided to ensure the process is straightforward.
• Impact of Withdrawal :
  Once consent is withdrawn, we will cease processing your personal data for the purposes originally consented to. However, this will not affect any processing conducted prior to the withdrawal.
• Service Continuity :
  Withdrawal of consent may impact the availability of certain features or services on our platform that rely on the data you initially provided. We will inform you of any such impact beforehand.
• Data Retention Post-Withdrawal:
  Even after consent withdrawal, certain data may be retained to comply with legal obligations or for legitimate business interests, such as maintaining transaction records and preventing fraud.

Verification of Identity : To protect your privacy and ensure the authenticity of the withdrawal request, we may require verification of your identity before processing your request.

Right to Avoid Automated Decisions and Profiling

• Is necessary for entering into, or the performance of, a contract between you and the data controller;
• Is authorized by Union or Member State law to which the data controller is subject and which also lays down suitable measures to safeguard your rights, freedoms, and legitimate interests; or
• Is based on your explicit consent.Automated decisions cannot be based on special categories of personal data under Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g applies, and adequate measures are in place to protect your rights, freedoms, and legitimate interests.

For decisions falling under categories (1) and (3), we will ensure appropriate safeguards for your rights, freedoms, and legitimate interests. These safeguards include at least the right to obtain human intervention on the part of the data controller, to express your point of view, and to contest the decision.

Right to Lodge a Complaint with a Supervisory Authority

Without limiting any other administrative or judicial remedies, you have the right to file a complaint with a supervisory authority, particularly in the Member State where you reside, work, or where the alleged infringement occurred, if you believe that the processing of your personal data violates the GDPR.

Selection of Supervisory Authority : You may choose to lodge your complaint with a supervisory authority in your country of residence, your place of work, or the location where the alleged GDPR infringement occurred. Each EU Member State has its own designated authority responsible for data protection.

Procedure for Filing a Complaint : Detailed information on how to file a complaint, including contact details of relevant supervisory authorities, can be found on our website. We also offer support in directing you to the appropriate authority if needed.

Required Information : When lodging a complaint, it is essential to provide specific information such as your contact details, a description of the issue, and any relevant evidence supporting your claim. This will facilitate the supervisory authority’s investigation.

Confidentiality Assurance : Your complaint will be handled confidentially. The supervisory authority will not disclose your identity to the entity under investigation without your consent, unless it is necessary for the investigation process.

Progress Updates :The supervisory authority with which the complaint is filed will inform you about the progress and the outcome of your complaint, including any decisions or measures taken. This includes details on the possibility of seeking a judicial remedy under Article 78 GDPR.

Judicial Remedies :If you are not satisfied with the supervisory authority’s handling of your complaint or its decision, you have the right to seek a judicial remedy. This involves bringing the matter before the national courts as per the provisions of Article 78 GDPR.

Implications for Non-Compliance: Filing a complaint can lead to investigations and potential sanctions against entities found to be non-compliant with GDPR. These can include fines, orders to cease processing activities, and requirements to rectify non-compliance issues.

Obligation to Provide Personal Data

When creating a StackGPU account, you must provide certain personal information as part of the contractual agreement with us. Similarly, when submitting a support request, you need to supply the necessary details for us to track and assist with your query. Beyond these scenarios, providing personal data is neither legally nor contractually mandatory, and you are not obligated to share it. However, in some cases, the provision of personal data is necessary to access our services fully. If you choose not to provide the required information, we might be unable to offer our services to you comprehensively.

Modifications to the Privacy Policy; Purpose Change

We reserve the right to update this privacy policy in accordance with data protection regulations. The latest version will always be available here or at another easily accessible location on our website or platform. Should we plan to use your data for purposes different from those initially collected, we will notify you in advance, ensuring compliance with legal requirements.

In addition, significant changes to the privacy policy will be communicated through direct channels, such as email notifications or platform alerts, to ensure you are fully informed about how your data is being managed. We encourage you to review our privacy policy periodically to stay informed about any modifications. Your continued use of our services following any changes signifies your acceptance of the updated policy. If you have any questions or concerns regarding the modifications, please contact our support team for clarification. Our commitment is to maintain transparency and protect your privacy while providing you with the best possible service.