Privacy Policy

This policy describes how Waltermetrics (“we”, “us”) collects, uses, discloses, and protects personal information when you use waltermetrics.com (the “Service”). We are the controller for the processing described here. You can reach us at [email protected].

• Account information. When you create an account we collect your email address. If you sign up with email and password, we store your password only as a one-way cryptographic hash — never in plain text. If you sign in with Google, we receive your email address and basic profile information (such as your name and profile picture) from Google.
• Billing information. Payments are processed by Stripe. Your card details are entered directly with Stripe and never touch our servers. We store only your subscription status and a Stripe customer reference.
• Technical and usage data. Like virtually every website, our servers keep short-lived logs of requests (IP address, browser type, pages requested, timestamps) for security, debugging, and capacity planning.
• Cookies and analytics. We use one essential cookie: a session cookie to keep you signed in. With your consent — and only then — we also use Google Analytics to understand how the Service is used; it sets analytics cookies and processes technical usage data such as pages visited, approximate location, and device information. If you decline, no analytics run at all. You can change your choice at any time via “Cookie settings” in the footer. We do not use advertising cookies.

We use the information described above to:

• provide and operate the Service, including signing you in;
• process subscriptions and payments;
• respond to support requests;
• secure the Service, prevent abuse, and debug problems;
• comply with legal obligations (for example, tax and accounting rules).

The legal bases for this processing are the performance of our contract with you (providing the Service), our legitimate interests (security and operations), your consent where required, and compliance with legal obligations.

We do not sell personal information, and we do not share it with advertisers or data brokers. Information is disclosed only to the service providers we rely on to run the Service, each receiving only what is necessary for its role:

• Stripe — payment processing and subscription billing;
• Google — sign-in, if you choose “Continue with Google”; and analytics (Google Analytics), only if you consent to it via the cookie banner;
• Hetzner — server hosting in the European Union;
• Cloudflare — network security, content delivery, and routing of email sent to our support address.

We may also disclose information where required by law, legal process, or to protect our rights, and in connection with a business transfer such as a merger or acquisition.

Disclosure to the providers above happens automatically and programmatically as part of operating the Service — for example, your payment details are transmitted directly to Stripe over an encrypted connection when you subscribe. All transfers occur over encrypted (TLS) connections, and our providers are bound by their own data-processing terms. Where a provider processes data outside the European Economic Area, transfers rely on recognized safeguards such as adequacy decisions or standard contractual clauses.

Security practices we maintain include:

• encryption in transit (HTTPS/TLS) across the entire Service;
• one-way hashing of passwords — we cannot read your password;
• keeping card data entirely with our PCI-DSS-compliant payment processor;
• access to production systems restricted to authorized personnel on a need-to-know basis;
• hosting on servers located in the European Union;
• monitoring, and regular backups, of production systems.

No method of transmission or storage is completely secure, but we work to protect your information using industry-standard measures appropriate to the data we hold.

We keep account information for as long as your account exists, and delete or anonymize it when you delete your account, except where we must retain records (such as billing records) to comply with legal obligations. Server logs are retained only briefly for security and operations.

Depending on where you live (and in any case if you are in the European Union), you have the right to access, correct, export, restrict, object to the processing of, or delete your personal information, and to withdraw consent where processing is based on consent. To exercise these rights, email us at [email protected]. You also have the right to lodge a complaint with your local data-protection supervisory authority.

The Service is not directed at children under 16, and we do not knowingly collect personal information from them.

We may update this policy as the Service evolves. Material changes will be posted on this page with a new “last updated” date and, where appropriate, communicated by additional notice such as email.

Questions about privacy or this policy? Contact us at [email protected].