Privacy policy

Status: June 2025

This Privacy Policy applies to all persons with permanent residence in the European Economic Area (EEA) and Switzerland who use our services via www.sharkxs.com or the associated Progressive Web App (PWA).

1. responsible person

SharkXS
Markus Stöger
Lehmhäusl 23
3261 Steinakirchen, Austria
E-Mail: office@sharkxs.com

2. scope of application

This statement explains what personal data we collect, how we use it and what rights you have as a data subject under the GDPR.

3. data collected & processing purposes

  • Registration data (name, email)
    Purpose: Account creation, service provision
    Legal basis: Art. 6 para. 1 lit. b GDPR
    Storage period: As long as account exists + 2 years
  • Payment data (transaction ID, credit balance)
    Purpose: Payment processing via TerraWallet/WooCommerce
    Legal basis: Art. 6 para. 1 lit. b GDPR
    Storage period: 10 years (tax law)
  • Profile data (settings, history)
    Purpose: Personalization of the service
    Legal basis: Art. 6 para. 1 lit. f GDPR
    Storage period: Until revocation/deletion
  • Usage data (log files, IP address)*
    Purpose: Operational security, misuse detection
    Legal basis: Art. 6 para. 1 lit. f GDPR
    Storage period: Max. 30 days
  • Cookies & tracking data*
    Purpose: Functionality, analysis, marketing
    Legal basis: Consent (Art. 6 para. 1 lit. a GDPR)
    Storage period: Until consent is withdrawn

* partly pseudonymized

4. forwarding to service providers

  • Hostinger International Ltd (Lithuania & worldwide)
    Website operation, hosting, e-mail delivery
  • WooCommerce / TerraWallet (Ireland / USA)
    Top up & manage user balances
  • External payment service providers
    Processing of payments (e.g. PayPal)

Data processing agreements in accordance with Art. 28 GDPR are in place with all service providers mentioned.

5. comments

When visitors leave comments, we store the data entered in the comment form as well as the IP address and the browser user agent for spam detection. An anonymized hashed version of your email address is sent to the Gravatar service to display your profile picture. Once the comment has been approved, your publicly visible profile picture will be displayed next to your comment.

6. media

If you upload images, please remove all location data (EXIF GPS) beforehand, as visitors could extract this data from the images.

7. cookies & tracking

  1. Required cookies (login, wallet, security)
  2. Statistics cookies (e.g. Google Analytics), only with consent
  3. Marketing cookies, only after consent

Addition for WordPress:
If you leave a comment, you can choose to have your name, e-mail address and website saved in cookies (duration: 1 year). When you visit the login page, we set a temporary cookie to check whether your browser accepts cookies (deletes itself when closed). After logging in, login cookies (2 days) and screen options cookies (1 year) are set; if “Stay logged in” is selected, login cookies are valid for 2 weeks. When editing/publishing a post, we also save a cookie with the article ID (duration: 1 day).

8 Embedded content

Posts may contain embedded content (e.g. videos, images, articles) from other websites. These behave as if you were visiting the other website directly. These third-party sites may collect data about you, use cookies and track your interaction behavior if you are logged in there.

9. disclosure of your data

For password resets, your IP address will be included in the reset email. Otherwise, we only share your data if we are legally obliged to do so or as part of a company takeover.

10. storage period

Comments and metadata are saved indefinitely so that follow-up comments can be approved automatically. Registered user profiles are retained until they are deleted by the user or admin.

11. your rights

You can request information, rectification, erasure, restriction of processing, data portability and objection to data processing. You can also request an export file of your data or withdraw your consent (Art. 7 GDPR). This does not apply to data that we must continue to store for administrative, legal or security reasons.

12. spam check

Comments are automatically checked by spam detection.

13. amendments to this declaration

We reserve the right to change this privacy policy. You can find the current text here on our website at any time.

14. right of appeal

If you are dissatisfied with the way your data is processed, you can contact the data protection authority:
Datenschutzbehörde
Wickenburggasse 8, 1080 Vienna
E-mail: dsb@dsb.gv.at

Contact us

Markus Stöger
Lehmhäusl 23, 3261 Steinakirchen, Austria
E-mail: office@sharkxs.com
Phone: +43 660 32 66 497

Shopping Cart