Privacy Policy — CroExplore
Last updated: 25.03.2026
1. Introduction
This Privacy Policy explains how CroExplore (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit our website [insert domain] or use our services.
We are committed to protecting your privacy and handling your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the German Federal Data Protection Act (BDSG).
2. Data Controller
CroExplore
[Insert company legal name]
[Insert street address, postal code, city, Germany]
📧 Email: [Insert contact email]
📞 Phone: [Insert phone number]
Authorized representative: [Insert name of managing director / owner]
Registered at: [Insert commercial register, e.g., Handelsregister München HRB XXXXX]
VAT ID: [Insert number]
3. Personal Data We Collect
We collect and process personal data only when necessary to provide our services or when you voluntarily provide it to us.
a) When you visit our website:
- IP address
- Browser type and version
- Operating system
- Referrer URL
- Date and time of access
These data are automatically logged by our server for security and technical reasons and are deleted automatically after a short retention period.
b) When you register an account:
- Name or business name
- Email address
- Password (encrypted)
- Contact details (address, phone, website, etc.)
- Listing content (text, images, descriptions)
c) When you purchase a package:
- Billing information (name, address, VAT ID if applicable)
- Payment details (processed securely via third-party payment providers — we do not store card or bank data)
d) When you contact us:
- Name and contact information
- Content of your inquiry
4. Purpose and Legal Basis for Processing
We process personal data based on the following legal grounds under Article 6 GDPR:
| Purpose | Legal Basis |
|---|---|
| Account registration and listing management | Art. 6(1)(b) – Performance of a contract |
| Displaying and promoting listings | Art. 6(1)(b) and (f) – Contract and legitimate interest |
| Responding to user inquiries | Art. 6(1)(f) – Legitimate interest |
| Processing orders and payments | Art. 6(1)(b) – Contract |
| Website analytics and security | Art. 6(1)(f) – Legitimate interest |
| Legal obligations (e.g., tax records) | Art. 6(1)(c) – Legal obligation |
| Marketing communications (if consented) | Art. 6(1)(a) – Consent |
You can withdraw your consent at any time with effect for the future by emailing [insert email].
5. Cookies and Tracking
We use cookies and similar technologies to operate and improve our website.
a) Essential cookies
These are required for the technical operation of the site (e.g., login, cart, security).
b) Analytics cookies
Used to analyze website usage (e.g., Google Analytics or Matomo). These are only activated with your consent through the cookie banner.
c) Marketing cookies
Used to display relevant ads or remarketing campaigns, only if you have given consent.
You can manage or revoke your cookie consent at any time via our cookie banner or browser settings.
6. Third-Party Processors
To provide our services, we may share personal data with carefully selected third parties that act as data processorsunder Article 28 GDPR, including:
- Web hosting providers (server operation, email systems)
- Payment processors (e.g., PayPal, Stripe, Mollie)
- Analytics and tracking services (if consented)
- Content Delivery Networks (CDN) for faster content delivery
All service providers are bound by data processing agreements and may only process your data on our behalf and according to our instructions.
7. Data Retention
We retain personal data only as long as necessary for the purposes stated in this policy or as required by law.
- Account data: stored until you delete your account.
- Invoices and purchase records: retained for 10 years (legal obligation under §147 AO and §257 HGB).
- Log files: deleted automatically after 14–30 days.
- Contact inquiries: deleted after completion unless required for legal reasons.
8. Data Security
We apply appropriate technical and organizational measures (TOMs) to protect your data against unauthorized access, loss, misuse, or alteration, including:
- SSL/TLS encryption for all data transfers,
- Encrypted password storage,
- Access control and data minimization.
9. Data Transfers Outside the EU/EEA
If personal data is transferred to a country outside the EU/EEA, this occurs only if the country has an adequate level of data protection (Art. 45 GDPR) or based on standard contractual clauses (Art. 46 GDPR) with our service providers.
10. Your Rights as a Data Subject
Under the GDPR, you have the following rights:
- Right of access (Art. 15)
- Right to rectification (Art. 16)
- Right to erasure (“right to be forgotten”) (Art. 17)
- Right to restriction of processing (Art. 18)
- Right to data portability (Art. 20)
- Right to object (Art. 21)
- Right to withdraw consent (Art. 7(3))
To exercise any of these rights, contact us at [insert email address].
You also have the right to lodge a complaint with a data protection authority, in particular:
Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Str. 153, 53117 Bonn, Germany
https://www.bfdi.bund.de
11. Automated Decision-Making / Profiling
We do not use automated decision-making or profiling within the meaning of Article 22 GDPR.
12. Links to Other Websites
Our platform may contain links to third-party websites. We are not responsible for the content or privacy practices of such external websites.
13. Updates to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. The latest version is always available on our website. Continued use of CroExplore after changes constitutes acceptance.
14. Contact
If you have questions or concerns regarding this Privacy Policy, please contact us at:
CroExplore
📍 [Insert full company address in Germany]
📧 [Insert contact email]
📞 [Insert contact number]