BM Blackmatic Plugins

Privacy Policy

This privacy policy describes how Blackmatic Plugins processes data on this website hosted on bplaced.

1. Controller

The website is operated under the project name Blackmatic Plugins. Contact is possible through the contact form on this website.

2. Hosting with bplaced

This website is hosted by bplaced. When visitors access the website, technical server log data may be processed by the hosting provider, for example IP address, date and time of access, requested file, browser information, referrer, and status codes. This processing is necessary to deliver the website securely and reliably.

If a data processing agreement is required for the hosting setup, it should be completed in the bplaced control center before going live.

3. Account data

When users create an account, the website stores email address, nickname, password hash, role, creation date, and last login date. Passwords are never stored in plain text.

4. Contact messages

When the contact form is used, the website stores nickname, email address, subject, message, date, status, and an IP hash for spam protection. Messages are only visible in the admin area.

5. Guestbook

Registered users can write guestbook messages. Stored data includes user ID, nickname, message, date, status, and an IP hash for spam protection. Links are blocked. The admin can hide or delete messages.

6. Plugin reports

Registered users can report plugin issues. Stored data includes plugin ID, user ID, nickname, error type, message, status, admin note, date, and an IP hash for spam protection.

7. Voluntary support codes

If users voluntarily submit a Paysafecard code, the code is stored encrypted. The website also stores a code hash for duplicate checks, the last 4 digits, nickname, optional message, status, date, and an IP hash for spam protection. Codes should be deleted or masked after manual review.

8. Security and abuse protection

The website uses CSRF protection, prepared SQL statements, password hashing, rate limits, IP hashing, output escaping, and link blocking in public message fields.

9. Cookies

The website uses technically necessary session cookies for login and security. No tracking or advertising cookies are included by default.

10. Storage period

Account data is stored until deletion. Contact messages, reports, guestbook entries, support submissions, and security logs are stored only as long as needed for operation, security, moderation, and documentation.

11. User rights

Users may request access, correction, deletion, restriction, objection, and data portability according to applicable data protection law.