vote4rewards.de

Privacy Policy

This privacy policy explains how Vote 4 Rewards collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

General Information

Vote 4 Rewards ("we", "us", or "our"), operated by Alexander Frank, operates the website vote4rewards.de. We are committed to protecting your privacy and ensuring the security of your personal data. This privacy policy explains how we collect, use, and protect your information in accordance with the GDPR and the German Digital Services Act (DDG).

Data Controller

The data controller responsible for processing your personal data is:

Alexander Frank

c/o IP-Management #8154

Ludwig-Erhard-Str. 18

20459 Hamburg

E-Mail: [email protected]

Data Collection and Processing

We collect and process the following categories of personal data:

Account Data

When you create an account, we collect: username, email address, password (encrypted), registration date, and account preferences.

Usage Data

We automatically collect information about your interactions with our website, including: IP address, browser type, operating system, pages visited, time spent on pages, and referral sources.

Voting Data

When you participate in voting activities, we collect: voting history, server preferences, voting timestamps, IP address for voting interval enforcement, and reward claims.

Communication Data

If you contact us via email or other means, we collect: your name, email address, message content, and communication history.

Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Consent: When you explicitly agree to data processing (e.g., newsletter subscription)
  • Contract: To provide our services and fulfill contractual obligations
  • Legitimate Interest: To improve our services, ensure security, and prevent fraud
  • Legal Obligation: To comply with applicable laws and regulations
How We Use Your Data

We use your personal data for the following purposes:

  • To provide and maintain our voting and rewards services
  • To authenticate your account and ensure security
  • To process votes and distribute rewards
  • To communicate with you about your account and services
  • To improve our website and services through analytics
  • To comply with legal obligations and protect our rights
Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. Below is detailed information about each cookie we use:

These cookies are essential for the website to function properly. They enable basic functions like page navigation and access to secure areas of the website.

Cookie Name Cookie Identifier Purpose Duration Provider
Laravel Session Cookie laravel_session Maintains user session state, authentication, and CSRF protection. Essential for login, form submissions, and voting functionality. 120 minutes Laravel Framework (First Party)
XSRF-TOKEN XSRF-TOKEN Protects against Cross-Site Request Forgery (CSRF) attacks. Required for secure form submissions. 120 minutes Laravel Framework (First Party)
Cookie Consent cookie_consent Stores your cookie preferences and consent choices. 365 days This Website (First Party)
You can manage cookie preferences through your browser settings.
Data Sharing and Third Parties

We may share your data with third parties in the following circumstances:

  • Service Providers: Stripe for payment processing, hosting providers, and analytics services
  • Reward Callbacks: Server operators receive your username/ID for reward verification (as specified in voting process)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In case of merger, acquisition, or sale of assets
Payment Processing via Stripe
Payment Service Provider

We use Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, United States, as our payment service provider for processing subscription payments and other transactions on our platform.

Data Processed by Stripe

When you make a payment through our platform, Stripe processes the following personal data on our behalf:

  • Name and email address
  • Billing address
  • Payment card information (card number, expiration date, CVV)
  • Transaction amount and currency
  • IP address and device information
  • Transaction history and payment status
Payment Data Storage

All payment card data is processed and stored directly by Stripe. We do not store complete payment card details on our servers. We only retain transaction identifiers, payment status, and metadata necessary for service delivery and accounting purposes.

Legal Basis

The processing of your payment data by Stripe is based on:

  • Article 6(1)(b) GDPR - Processing is necessary for the performance of the contract between you and us
  • Article 6(1)(f) GDPR - Processing is necessary for our legitimate interests in secure payment processing and fraud prevention
International Data Transfers

Stripe, Inc. is based in the United States. When you make a payment, your data may be transferred to and processed in the United States. Stripe complies with the EU-U.S. Data Privacy Framework and uses Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection of your personal data in accordance with GDPR requirements.

Security Standards

Stripe is certified as a PCI Service Provider Level 1, the highest level of certification in the payment card industry. This certification ensures that Stripe maintains the highest standards of security for processing, storing, and transmitting payment card information.

Stripe Privacy Policy

For detailed information about how Stripe processes your personal data, please review Stripe's Privacy Policy at:

https://stripe.com/privacy
Data Retention

Stripe retains payment data in accordance with legal requirements and their data retention policies. We retain transaction metadata for accounting and tax compliance purposes for a period of 10 years as required by German commercial law (HGB).

Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption of data in transit and at rest
  • Regular security audits and updates
  • Access controls and employee training
  • Secure data centers and backup systems
Data Retention Periods

We retain your personal data for the following periods:

  • Account Data: As long as your account is active, plus 3 years after deactivation
  • Usage Data: 2 years for analytics and improvement purposes
  • Communication Data: 5 years for legal compliance
  • Legal obligations may require longer retention periods
Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right to Access: Request information about your data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Limit processing of your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time
Exercising Your Rights

To exercise any of these rights, please contact us at:

[email protected]

We will respond to your request within 30 days.

International Data Transfers

Your data may be transferred to and processed in countries outside the EU. We ensure adequate protection through standard contractual clauses or adequacy decisions.

Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any material changes by email or through our website.

Contact Us

If you have any questions about this privacy policy or our data practices, please contact us:

Alexander Frank
c/o IP-Management #8154
Ludwig-Erhard-Str. 18
20459 Hamburg
Germany

Email: [email protected]

Last Updated: January 15, 2026

Cookie Preferences