Privacy Policy

1. Overview of Data Protection

1.1 The following information provides a simple overview of what happens to your personal data when you use our Thymis Cloud platform or visit our website.

1.2 Personal data is any information that can be used to identify you personally.

1.3 Detailed information can be found in the sections below.

2. Controller

2.1 The controller responsible for data processing is Udysseus GmbH, Technologiepark 6, 33100 Paderborn, Germany.

2.2 Contact:

  • Phone: +49 5251 297 2162

  • Email: datenschutz@udysseus.com

    2.3 The controller is the natural or legal person that determines, alone or jointly with others, the purposes and means of processing personal data.

3. Hosting and Infrastructure

3.1 Our platform is hosted on servers operated by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.

3.2 All data is stored exclusively on servers located in Germany.

4. Data We Process

4.1 When visiting the website, we collect:

  • technical data (browser type, operating system, IP address, time of access)

  • server log files for system operation and security

    4.2 When using the platform (SaaS), we process:

  • registration data (name, email address, password)

  • contract and billing data (plan, billing address, payment data via Stripe)

  • usage data (logins, API requests, device interactions)

  • communication data (emails, support requests)

  • project data (content, configurations, deployments that you upload or manage)

    4.3 Payment processing is handled by Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Privacy Policy: https://stripe.com/privacy

5.1 Contract performance (Art. 6(1)(b) GDPR): Provision of the platform, device management, support, billing

5.2 Legitimate interests (Art. 6(1)(f) GDPR): Operation, security, prevention of misuse, usage analysis

5.3 Consent (Art. 6(1)(a) GDPR, § 25 TTDSG): e.g., cookies, Google reCAPTCHA, newsletters

5.4 Legal obligations (Art. 6(1)(c) GDPR): Fulfillment of tax and commercial retention obligations

6. Data Retention

6.1 Your data will only be stored as long as necessary for the respective purpose.

6.2 Once the purpose ceases to apply, your data will be deleted unless legal retention periods require otherwise.

7. Data Security

7.1 We implement technical and organizational measures, including:

  • TLS/SSL encryption for all connections
  • access controls to platform and systems
  • backup and recovery mechanisms

8. Data Sharing

8.1 Data is only shared if:

  • required for contract performance (e.g., payment processing with Stripe),

  • we are legally obliged to do so,

  • you have given your consent.

    8.2 Transfers to third countries may occur when using services such as Google reCAPTCHA (USA) and only after your explicit consent.

9. Data Processing Agreements

9.1 With business customers, we provide a Data Processing Agreement (DPA) in accordance with Art. 28 GDPR upon request.

10. Cookies and Tools

10.1 We use technically necessary cookies and similar technologies that are required to provide and secure our website and services.

10.2 Optional cookies and tools (e.g., for measurement and marketing) are only used after your consent.

10.3 We currently use:

  • Google Ads conversion tracking (optional, consent-based)

  • Google reCAPTCHA for abuse prevention on forms (consent-based)

    10.4 You can accept or decline optional cookies via our consent banner. You can also change your decision at any time by deleting cookies in your browser and making a new choice on your next visit.

    10.5 If you do not consent, no optional Google Ads tracking is performed.

    10.6 To protect against abuse, we use Google reCAPTCHA – but only after your explicit consent. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. More information: Google Privacy Policy, Google Terms of Service.

11. Your Rights

11.1 You have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to withdraw consent (Art. 7(3) GDPR)

    11.2 You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

12. Contact for Data Protection

12.1 For any data protection inquiries, please contact: Email: datenschutz@udysseus.com

13. Changes

13.1 We reserve the right to amend this privacy policy if necessary, e.g., when new features are introduced or when legal requirements change.

Privacy settings

We use essential cookies for operation and security. Optional cookies for measurement and marketing are only used with your consent. View privacy policy

ende