At EuroMakers, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.
Data We Collect
When you use our website, we may collect the following types of information:
- Personal Data: Name, email address, and other contact information that you voluntarily provide when submitting software, contacting us, or providing feedback.
- Usage Data: Information on how you use our website, including pages visited, time spent on pages, and other analytical data.
- Technical Data: IP address, browser type, device information, cookies, and similar tracking technologies.
- Traffic Data (via Proxy): When you access our website, your traffic is routed through our content delivery network (CDN) provider, which acts as a proxy. This provider collects and processes data such as your IP address, HTTP request details (e.g., URLs, headers), and timestamps to deliver content, enhance security (e.g., detect and block malicious activity), and optimize performance. This data may be logged temporarily for security purposes, such as rate limiting and bot detection.
- Email Event Data: When we send emails (e.g., for contact forms, feedback, or software submissions), our email service provider collects event data such as delivery status, bounces, and failures to help us monitor and improve email delivery.
Rate Limiting & Security
To protect our website against abuse and ensure fair usage of our services, we implement rate limiting on our API endpoints. This means:
- We temporarily store your IP address to track and limit the number of requests made to our API endpoints.
- For all API endpoints including form submissions (contact and software submission), we limit to 5 requests per minute per IP address.
- This data is stored temporarily in memory and is automatically deleted after the rate limit window expires (60 seconds).
- We process this data based on our legitimate interest to protect our services from abuse, prevent spam, and ensure availability for all users.
How We Use Your Data
We use the collected data for various purposes:
- To provide and maintain our service
- To notify you about changes to our service
- To provide user support
- To monitor usage of our service
- To improve our website and user experience
- To process software submissions and updates
- To protect our website from security threats, such as DDoS attacks, bots, and malicious requests, using our CDN provider's security features.
Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (GDPR), we process your data based on one or more of the following legal grounds:
- Consent: You have given us explicit consent to process your data.
- Contractual Necessity: Processing is necessary for a contract we have with you.
- Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our services.
- Legal Obligation: Processing is necessary for compliance with a legal obligation.
Your Data Protection Rights
Under the GDPR, users who are EU residents have the following rights:
- Right to Access: You have the right to request copies of your personal data.
- Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
- Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
- Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
- Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
- Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
Cookies
Our website uses cookies to enhance your browsing experience. Cookies are small text files that are stored on your device. We use both session cookies, which expire when you close your browser, and persistent cookies, which stay on your device until they expire or you delete them.
In accordance with the EU ePrivacy Directive, we use a cookie banner to obtain your consent for non-essential cookies (e.g., analytics and preference cookies). Essential cookies, including those set by our CDN provider for security and performance, do not require consent but are necessary for the website to function properly.
We use the following types of cookies:
- Essential Cookies: Necessary for the website to function properly.
- Analytics Cookies: Help us understand how visitors interact with our website.
- Preference Cookies: Enable the website to remember your preferences.
- Security Cookies: Used for security purposes such as rate limiting to prevent abuse of our API endpoints and protect our services.
- CDN Cookies: Our CDN provider may set cookies to manage traffic, detect bots, and ensure security. These cookies are essential for the proper functioning and protection of our website.
You can control cookies through your browser settings. However, if you block certain cookies, you may not be able to use all the features of our website.
Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
We limit data retention periods to minimize privacy risks:
- Analytics data is stored for 1 year in our PostHog instance (as per PostHog's free plan)
- Email logs are retained for 5 days in our SMTP2GO service (as per SMTP2GO's free plan)
- Email event data (e.g., delivery status, bounces) is retained for 5 days by our email service provider, as per their free plan.
- Contact form submissions are retained for 1 year
- Software submission data is retained for the duration of the listing on our platform
- Rate limiting data (IP addresses and session information) is stored temporarily in memory and automatically deleted after the rate limit window expires (between 10 seconds and 60 seconds)
- Traffic data processed by our CDN provider (e.g., IP addresses, request metadata) is typically retained for short periods, such as 24 hours to 30 days, depending on the security feature (e.g., rate limiting, bot detection). For exact retention periods, please refer to our CDN provider's privacy policy.
To request deletion of your personal data before the automatic retention period expires, please contact us at the email address provided at the bottom of this page. We will process your request within 30 days and provide confirmation when your data has been deleted from our systems and those of our service providers.
Data Security
We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage.
Data Processors and International Transfers
We use the following service providers to process your data:
- Vercel: We use Vercel for hosting our website. While our functions are processed in the EU, static content may be served from locations in the United States. Vercel complies with GDPR requirements and has implemented appropriate safeguards for international data transfers.
- PostHog: We use PostHog for analytics. Our PostHog instance is hosted in the EU, ensuring that your analytics data remains within the European Economic Area. We maintain a signed Data Processing Agreement with PostHog.
- SMTP2GO: We use SMTP2GO for email processing services. Our SMTP2GO services are hosted in the EU, ensuring that your email data remains within the European Economic Area. We maintain a signed Data Processing Agreement with SMTP2GO.
- Cloudflare: We use Cloudflare for domain services and as a content delivery network. Cloudflare may process certain data globally but has implemented appropriate safeguards for international data transfers.
- Zoho: We use Zoho for email services. Zoho processes data globally but maintains EU data centers and we have a signed Data Processing Agreement in place.
Our CDN provider is a U.S.-based company and may process your data on servers located outside the European Economic Area (EEA), including in the United States. As the U.S. is considered an "unsafe third country" under GDPR due to its surveillance laws, we have ensured that our provider has implemented Standard Contractual Clauses (SCCs) and supplementary measures to protect your data. However, there remains a risk that U.S. authorities may access your data under local laws. For more information, please refer to our provider's privacy policy.
Where personal data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to protect your data in accordance with GDPR requirements.
For more detailed information about how we process your data, please refer to our Data Processing Agreement.
Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these websites. We encourage you to read the privacy policy of every website you visit.
Children's Privacy
Our website is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and you believe that your child has provided us with personal data, please contact us.
Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
Contact Us
If you have any questions about this Privacy Policy, please contact us:
Responsible Supervisory Authority
The data protection authority responsible for overseeing this website is: