Privacy Policy
Information about the processing of your data
1. Privacy at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. For detailed information on data protection, please refer to our privacy policy listed below this text.
Data Collection on this Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the legal notice of this website.
How do we collect your data?
Your data is collected on the one hand by you providing it to us. This could be, for example, data that you enter in a contact form or when using our service.
Other data is automatically collected by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter this website.
2. Data Controller
Responsible for data processing on this website:
STHEOS UG (limited liability)
Leopoldstraße 2-8
32051 Herford
Germany
Email: info@flashup.io
Phone: +49 (0) 157 36432723
3. General Notes and Mandatory Information
Data Protection
The operators of this site take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this happens.
Note on the Responsible Party
The responsible party for data processing on this website is mentioned above. The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).
Storage Duration
Unless a more specific storage duration is stated in this privacy policy, your personal data will remain with us until the purpose for data processing ceases to apply. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted, provided we have no other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods).
4. Data Collection on this Website
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
A merging of this data with other data sources is not carried out. The collection of this data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - for this, the server log files must be recorded.
Email Contact
If you send us inquiries by e-mail, your details from the e-mail, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
5. FlashUp Gallery Service
Data Processing when Using the Service
When using our FlashUp Gallery Service, we process the following data:
- Transaction data: Name, email address, event title, event date
- Payment data: Processed by Stripe (see below)
- Uploads: Images and videos uploaded by you
- Technical data: Gallery IDs, QR code generation
Purpose of Data Processing
We process your data for the following purposes:
- Provision of the gallery service
- Processing of payments
- Sending of QR codes and access links
- Technical administration of the galleries
- Customer support
Legal Basis
The processing is based on Art. 6 para. 1 lit. b DSGVO (contract fulfillment) as well as Art. 6 para. 1 lit. f DSGVO (legitimate interests).
6. Payment Service Provider
Stripe
On this website, we offer you the option to process payments via the payment service provider Stripe. The provider is Stripe Inc., 510 Townsend Street, San Francisco, CA 94103, USA (hereinafter "Stripe").
If you make a payment via Stripe, the payment data you enter (name, address, account details, credit card number, card verification number, expiration date) will be transmitted to Stripe. The transmission is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing for the fulfillment of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the legality of the data processing operations that have taken place up to the revocation.
For more details, please refer to Stripe's privacy policy at https://stripe.com/privacy.
7. Your Rights
You have the following rights regarding your personal data:
- Right to information (Art. 15 DSGVO)
- Right to rectification (Art. 16 DSGVO)
- Right to deletion (Art. 17 DSGVO)
- Right to restriction of processing (Art. 18 DSGVO)
- Right to data portability (Art. 20 DSGVO)
- Right to object (Art. 21 DSGVO)
- Right to complain to a supervisory authority (Art. 77 DSGVO)
Revocation of Consents
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to Complain to the Competent Supervisory Authority
In the event of violations of the DSGVO, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work, or the place of the alleged violation.
8. SSL and TLS Encryption
This site uses SSL and TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser's address line changes from "http://" to "https://" and by the lock symbol in your browser's address bar.
When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
As of: July 16, 2025