We take the protection of your personal data very seriously. The processing of personal data is carried out exclusively in accordance with the General Data Protection Regulation (GDPR), the Telecommunications-Telemedia Data Protection Act (TTDSG), and other applicable data protection regulations.
This privacy policy applies to all disruption and availability platforms operated by Downtech UG (haftungsbeschränkt), regardless of country domain, language version, or technical implementation (hereinafter referred to as the "Website").
Downtech UG (haftungsbeschränkt)
Auersberg 10
82319 Starnberg
Germany
Email: [email protected]
The controller pursuant to Art. 4 No. 7 GDPR is the company named above.
This privacy policy uses the terms of the General Data Protection Regulation (Art. 4 GDPR). Personal data means any information relating to an identified or identifiable natural person.
The processing of personal data is based on:
Cloudflare, Inc.
101 Townsend St., San Francisco, CA 94107, USA
Cloudflare Privacy Policy
Cloudflare provides services as a Content Delivery Network (CDN), DDoS protection, and security optimization. Cloudflare acts as our processor (Art. 28 GDPR).
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure, stable, and fast operation of the Website).
Data transfers to the USA are based on the EU-US Data Privacy Framework or EU Standard Contractual Clauses (Art. 46 GDPR).
When accessing the Website, the following data is automatically collected in server log files:
This data is used for system security, error analysis, and defense against attacks and is not merged with other data sources. The IP address is used only temporarily for rough location determination (e.g., city/region) and is not stored in a personally identifiable form. The interests of users do not override this, as no permanent storage of full IP addresses occurs and processing takes place exclusively in anonymized or aggregated form.
Legal basis: Art. 6(1)(f) GDPR (legitimate interests).
Storage period: The storage period is determined by the technical requirements of our hosting provider and is generally 7–30 days.
When using the comment function, we process:
The provision of data is voluntary. However, without providing certain mandatory fields (e.g., email for comments), use of the function is not possible.
Purpose: Publication and moderation of user comments.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operating an interactive platform) as well as Art. 6(1)(b) GDPR (user interaction).
Storage period: Until deletion by you or us (in case of legitimate deletion interest, e.g., legal violation).
When submitting a disruption report (e.g., via a form or integrated reporting function), we process the following data:
Source of location information: The postal code is automatically determined based on your IP address (using a geolocation database, e.g., MaxMind GeoIP or comparable services). This is a rough estimate at postal code level – not an exact address or GPS position. The IP address itself is used only temporarily to derive the postal code and is then deleted or anonymized. In the case of dynamic IPs, VPN usage, or CG-NAT, the postal code may be inaccurate. Optionally, you can manually enter a different postal code if the function is available.
Purpose of processing: Receipt and categorization of your report, creation of real-time overviews, heatmaps, and statistics on disruption clusters (regional, temporal, per provider), detection of major outages, and transparency for other users. The evaluation is carried out exclusively in anonymized or aggregated form – identification of individual persons is technically impossible and not intended.
Legal basis: Art. 6(1)(f) GDPR (legitimate interests). Our legitimate interest lies in providing a platform for reporting and transparently displaying network disruptions, supporting rapid problem detection, and promoting user transparency. The interests or fundamental rights of data subjects do not override this, as only pseudonymized/aggregated data is used.
Storage period: Individual reports are stored as long as they are relevant for current displays and evaluations (generally 7–30 days for real-time views). Anonymized long-term statistics may be stored longer (possibly indefinitely) as long as the service exists.
Disclosure: No disclosure to third parties except where required by law. Aggregated/statistical data (without personal reference) may be displayed publicly.
You can subscribe to our newsletter. For this, we require at least your email address. You may optionally provide your name.
Registration takes place via the **double opt-in procedure**: After entering your data, you will receive a confirmation email with a link. Your subscription becomes effective only after clicking this link.
Purpose: Sending information about disruptions, news, and related topics.
Legal basis: Art. 6(1)(a) GDPR (consent).
Storage period: Until you withdraw your consent.
You can withdraw your consent at any time, e.g., via the unsubscribe link in each newsletter or by emailing [email protected]. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
We use Google Analytics 4 (GA4) from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
GA4 sets cookies and processes pseudonymized usage data (including anonymized IP address). IP addresses are truncated in the EU and not merged with other Google data.
Legal basis: Art. 6(1)(a) GDPR in conjunction with § 25 TTDSG (consent via our consent management).
Storage period: Up to 14 months (configured default setting).
We integrate advertising via Google AdSense from Google Ireland Limited.
Google Advertising Privacy | Google Privacy Policy
AdSense sets cookies and processes usage data for personalized advertising.
Legal basis: Art. 6(1)(a) GDPR in conjunction with § 25 TTDSG (consent via consent management).
Data transfers to the USA are based on the EU-US Data Privacy Framework or Standard Contractual Clauses.
Consents are obtained and documented via a consent management system provided by Google.
You can withdraw your consent at any time via the cookie settings.
Legal basis: Art. 6(1)(a) GDPR in conjunction with § 25 TTDSG.
Technically necessary cookies / accesses are based on Art. 6(1)(f) GDPR (legitimate interests) or § 25(2) TTDSG.
Transfers of personal data to third countries (mainly USA) take place only in compliance with Art. 44 et seq. GDPR, in particular on the basis of the EU-US Data Privacy Framework and/or EU Standard Contractual Clauses.
You have the right to:
You may withdraw any given consent at any time without giving reasons (Art. 7(3) GDPR). Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
To exercise your rights, please contact us at [email protected].
You also have the right to lodge a complaint with a supervisory authority. The competent authority for us is:
Bavarian State Commissioner for Data Protection
Wagmüllerstraße 18
80538 Munich
Email: [email protected]
Website: www.datenschutz-bayern.de
No automated decision-making, including profiling, takes place (Art. 22 GDPR).
We implement technical and organizational measures pursuant to Art. 32 GDPR to protect your data against accidental or intentional manipulation, loss, destruction, or unauthorized access.
We reserve the right to adapt this privacy policy in the event of legal or technical changes. The current version can always be found on this page.
Date: 16 February 2026