Privacy Policy

Last updated: 11. November. 2025

1. Controller

8Bytes Software e.U.

Darius Sas

Fabriksgasse 6A/2, 8600 Bruck an der Mur, Austria

E-Mail: support@8bytes.eu

2. Generell Information

Protecting your personal data is a key priority for us. We process your data solely on the basis of the applicable legal provisions (GDPR, Austrian Telecommunications Act 2003). This Privacy Policy explains the most important aspects of data processing when you use our website and services.

3. Data We Process

3.1 Website Visit

• IP address, date/time of request, browser type, operating system
• Purpose: technical operation, security (attack prevention, troubleshooting)
• Legal basis: legitimate interest (Art. 6 (1) f GDPR)

3.2 Contact

• Name, e-mail, phone number (if provided), contents of your request
• Purpose: handling your inquiry, preparing contracts
• Legal basis: pre-contractual measures (Art. 6 (1) b GDPR)

3.3 Contractual Relationship (Clients)

• Company details, contact persons, e-mails, technical access data (e.g., VPN)
• Purpose: fulfillment of IT services (hosting, monitoring, backups)
• Legal basis: contract performance (Art. 6 (1) b GDPR)

3.4 Backups & Monitoring

• System logs, configuration files, IP addresses, technical usage data
• Purpose: ensuring availability, integrity, and accountability of systems
• Legal basis: legitimate interest (Art. 6 (1) f GDPR)

3.5 Accounting

• Master data (name/company, address, VAT ID), invoicing data
• Purpose: accounting, statutory record retention
• Legal basis: legal obligation (Art. 6 (1) c GDPR)

4. Processors / Sub-Contractors

We use carefully selected service providers that process data solely on our behalf and based on a data processing agreement (Art. 28 GDPR):

• Hetzner Online GmbH (Hosting in Germany, ISO 27001 certified)
• Proton AG (E-mail communication, Switzerland/EU)

5. Retention Periods

• Technical logs: up to 12 months (unless required for security analysis)
• Contract and accounting data: 7 years (statutory retention)
• Backups: according to Backup Policy (rotation, deletion after expiry)

6. Rights of Data Subjects

You have the following rights at any time:

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR)

Please send your request to: support@8bytes.eu

7. Right to Lodge a Complaint

If you believe that the processing of your data violates data protection law, you may lodge a complaint with the competent supervisory authority.
In Austria, this is the Austrian Data Protection Authority (DSB), Barichgasse 40-42, 1030 Vienna.

8. Data Security

We apply technical and organizational measures to protect personal data against loss, manipulation, or unauthorized access, including:

• Encryption (TLS, VPN, data-at-rest)
• Access restrictions (MFA, least privilege)
• Backups and regular restore tests
• Logging of security-relevant events

9. Updates to this Policy

We may update this Privacy Policy from time to time to reflect legal requirements or changes in our services.