Privacy Policy / Datenschutzerklärung

Last updated / Stand: 2026-06-10

This Privacy Policy describes how ResinBench ("we", "us", or "our") collects, uses, and shares information when you visit our website. This policy applies to EU/EEA visitors and complies with GDPR (Regulation (EU) 2016/679) and the German TTDSG / TDDDG (§ 25).

1. Data Controller / Verantwortlicher

The data controller for this website is the person named in our Impressum. For questions about this policy or data deletion requests, use our contact page.

2. Information We Collect

Server / hosting logs. Cloudflare Pages may log your IP address, browser type, referring URL, pages visited, and visit timestamps. This data is used for security, capacity, and aggregate traffic analysis. Cloudflare acts as a data processor under EU SCCs. See Cloudflare Privacy Policy.

Analytics. We currently use Cloudflare Web Analytics — a cookieless, privacy-first analytics tool. It does not use cookies, does not fingerprint individual users, and does not share data with advertising networks. No consent is required for Cloudflare Web Analytics under TTDSG § 25 (no storage on end-device, aggregated only). If we add any non-cookieless analytics tool in future, this policy will be updated and explicit consent will be obtained before the tool fires.

Contact form. If you submit our contact form, we collect your name, email, and message to respond to your inquiry. Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures / fulfilling a request). Data is deleted once the inquiry is resolved.

Email subscriptions. If you subscribe to our email list, we collect your email address via double opt-in. Legal basis: Art. 6(1)(a) GDPR (consent). You can unsubscribe at any time via the link in every email.

3. Cookies and Similar Technologies (TTDSG § 25 / TDDDG)

Strictly necessary cookies (no consent required): session cookies, security tokens, load-balancer cookies set by Cloudflare to deliver the site.

Non-essential cookies / tracking (TTDSG § 25 opt-in): We do not currently set any non-essential cookies or tracking scripts. Before any advertising network (Journey by Mediavine, Raptive, Google AdSense) or analytics tool that sets cookies is activated, we will implement a consent management platform (CMP) that:

• Requests explicit opt-in before any non-essential script fires.
• Provides a Reject button that is equally prominent as the Accept button (no dark patterns).
• Records and timestamps consent choices.
• Allows users to withdraw consent at any time.

Violation of TTDSG § 25 carries fines up to €300,000. We take this seriously.

4. Affiliate Tracking

When you click an affiliate link (Amazon Associates or other programs), the merchant may set a cookie in your browser to track referred purchases. That cookie is set by the merchant's domain, not by us. We receive a commission on qualifying purchases but do not receive or store your payment data. See our Affiliate Disclosure.

Legal basis for processing that leads to affiliate tracking: Art. 6(1)(f) GDPR (legitimate interest in monetising the site) — balanced against minimal data use and user control.

5. Display Advertising (Future)

We do not currently run display advertising. When we do (Journey by Mediavine / Raptive), those networks will use cookies and device identifiers to serve personalised ads. Explicit opt-in consent will be collected via a compliant CMP before any ad script fires. You will always be able to reject all non-essential cookies without loss of access to content.

6. Legal Bases (GDPR Art. 6)

• Art. 6(1)(a) — Consent: email subscriptions, non-essential cookies (when applicable).
• Art. 6(1)(b) — Contract / pre-contractual: contact form inquiries.
• Art. 6(1)(c) — Legal obligation: records required by German law (e.g. § 5 DDG).
• Art. 6(1)(f) — Legitimate interest: security, anti-fraud, site analytics, affiliate monetisation.

7. Data Sharing

We do not sell your personal data. We share data only with service providers acting as data processors under written agreements: Cloudflare (hosting, CDN, analytics), email service provider (if subscribed), affiliate networks on click-through.

8. International Transfers

Cloudflare processes data in the EU and the US. EU-to-US transfers are covered by Standard Contractual Clauses (SCCs) and Cloudflare's participation in the EU-US Data Privacy Framework.

9. Your Rights (GDPR Art. 15–22)

You have the right to: access, rectification, erasure ("right to be forgotten"), restriction of processing, data portability, and objection to processing based on legitimate interests. EU residents may also lodge a complaint with their national supervisory authority.

To exercise rights: contact us. We respond within 30 days (GDPR Art. 12).

10. Data Retention

Server/CDN logs: up to 30 days (Cloudflare default). Contact form data: deleted within 90 days of resolution. Analytics data (cookieless, aggregated): indefinitely (no personal data stored). Email subscriber data: retained until unsubscription + 30-day buffer.

11. Children's Privacy

Our site is not directed at children under 16 (EU GDPR minimum age). We do not knowingly collect data from minors. Contact us immediately if you believe a child has submitted data.

12. Changes to This Policy

We may update this policy. The "Last updated" date above reflects the most recent revision. Material changes will be announced on this page. Continued use after the effective date constitutes acceptance.

13. Contact / Datenschutzbeauftragter

Privacy questions: contact page.
Data controller: see Impressum.
A formal Data Protection Officer (DPO) is not required for this site (Art. 37 GDPR).