1. Overview
This privacy policy explains what personal data HeroPAK collects when you use this website, why we collect it, how long we keep it, and what rights you have under the GDPR (DSGVO).
2. Controller & data protection contact
HeroPAK GmbH (in Gründung)
Herzog-Odilo-Straße 34/4, 5310 Mondsee, Austria
Email: office@heropak.io
Data protection officer: Benjamin Smits — reach him via office@heropak.io.
3. Data we collect
3.1 Server logs
Standard server logs (IP address, user agent, referring page, timestamp) are collected by our hosting provider for operational and security purposes. Retained for up to 30 days, then deleted.
3.2 Contact & demo bookings
If you book a demo or audit through our Calendly link, Calendly collects the information you provide (name, email, message, scheduling preferences) on our behalf. We use it to respond to your enquiry; legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) (legitimate interest).
3.3 Cookies
We use a minimal set of essential cookies needed to keep the site working. We do not use marketing or third-party tracking cookies. If we introduce analytics or external embeds, the cookie inventory and consent banner will be updated accordingly.
4. Processors
We do not sell or rent personal data. The processors we currently work with:
- Cloudflare, Inc. — website hosting & content delivery (USA, with EU Standard Contractual Clauses)
- Calendly LLC — demo / audit booking (USA, with EU Standard Contractual Clauses)
- world4you Internet Services GmbH — email infrastructure (Austria, EU)
5. Your rights
Under the GDPR, you have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Object to processing
- Request data portability
- Lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde)
To exercise any of these rights, contact us at office@heropak.io.
6. Changes
We may update this policy. The current version is always available at this URL.