Privacy & Data Security - OnlySafeSis

Privacy Policy

1. Responsible Party

Responsible for data processing is:
OnlySafeSis
Frodlgasse 4/2
9020 Klagenfurt am Wörthersee
Email: datenschutz@onlysafesis.com

2. What Data We Process

We only process data that we need for our service:

  • Personal data: Name, email, phone, address
  • Account data: Password, safeword for security
  • Service data: Chosen package, creator names, social media links
  • Leak information: URLs and content for removal
  • Technical data: IP address temporarily for security

Payment data is processed directly by Stripe and not stored with us.

3. Special Categories of Personal Data

For our service, we process special categories of sensitive data according to Art. 9 GDPR:

  • Intimate images/videos - that were unlawfully distributed
  • Links to leak content - for identification and removal

Legal basis: Art. 9 para. 2 lit. f GDPR (legal enforcement) and your consent.

4. Legal Bases for Processing

We process your data based on:

  • Contract fulfillment (Art. 6 para. 1 lit. b GDPR) - for our protection service
  • Your consent (Art. 6 para. 1 lit. a GDPR) - for optional functions
  • Legal obligations (Art. 6 para. 1 lit. c GDPR) - e.g., tax retention
  • Legitimate interests (Art. 6 para. 1 lit. f GDPR) - for security

5. Purposes of Processing

We use your data for:

  • Leak search and removal - our core service
  • Communication & support - personal assistance
  • Contract processing - billing and account management
  • Security & quality - protection and improvement of our service

6. Data Sharing with Third Parties

We only share data when necessary:

  • For takedowns: To platforms, social networks and search engines
  • For payments: To Stripe (payment data remains there)
  • For operations: To IT service providers with confidentiality obligations
  • By law: To authorities when legally required

7. International Data Transfer

Data may be processed outside the EU:

  • Stripe in the USA - for payment processing
  • Global platforms - for takedown requests worldwide

We ensure through standard contractual clauses that your data protection level remains high.

8. Storage Duration

We only store data as long as necessary:

  • Contract data: 7 years (tax obligation)
  • Leak data: Maximum 30 days after contract end
  • Account data: 30 days after cancellation
  • Technical data: Maximum 90 days

9. Data Subject Rights

You have extensive rights regarding your data:

  • Information: What data we store about you
  • Correction: Correction of incorrect data
  • Deletion: Removal of your data (if legally possible)
  • Restriction: Temporary blocking of processing
  • Objection: Against certain processing activities
  • Data portability: Receiving your data in machine-readable format
  • Withdrawal of consent: Possible at any time

To exercise your rights contact: datenschutz@onlysafesis.com

For complaints: Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna

10. Cookies & Tracking

We only use technically necessary cookies:

  • Session cookies: For your login and security
  • Stripe cookies: For secure payment processing

We do not use analytics or marketing cookies.

11. Data Security

Your data is protected by modern security measures:

  • Encryption of all data transmissions and storage
  • Strict access controls according to the need-to-know principle
  • Regular security updates and monitoring

12. Contact

Questions about data protection and exercising your data subject rights:

OnlySafeSis
Frodlgasse 4/2
9020 Klagenfurt am Wörthersee
Email: datenschutz@onlysafesis.com

💫 Our promise: We treat your data with the same care and respect that we would expect ourselves. Transparency and trust are the foundation of our work.

Current: October 2025