Privacy Policy & Terms of Use

Steffi's Cloud^® Portal (SC Portal)

Applies to: Windows, Linux, macOS, iOS, Android and compatible devices (e.g. Fairphone)

Available as: Direct download (Windows, Linux, macOS) as well as via the Apple App Store and Google Play Store

Effective date: April 1, 2026

1. Provider

Steffi's Cloud^®
Owner: Anna-Lena Nieman
Györer Str. 3 / 64
99089 Erfurt
Germany
Email: ed.duolcsiffetsobfsctd-29d330@ofni
Website: www.steffiscloud.de

2. Purpose of the Application

The Steffi's Cloud^® Portal (SC Portal) is a secure communication and collaboration platform for customers of Steffi’s Cloud, designed for secure communication, IT security coordination, support, and incident responseIncident Response

Incident response is the process of identifying, managing, and mitigating cybersecurity incidents..

3. Customers Only

Use of the application is restricted exclusively to authorized customers. The application cannot be used without valid access credentials.

4. Hosting & Data Processing

All data processing takes place exclusively in secure data centers located in Germany, primarily in Frankfurt am Main.

Where personal data is processed on behalf of customers, data processing agreements (DPA) are in place in accordance with Art. 28 GDPRGDPR

The General Data Protection Regulation is a European law that governs how personal data must be processed and protected.

Data location: Germany (Frankfurt)

5. Data Processed

• Contact data (name, email, company) is processed as part of usage and – where technically possible – protected or pseudonymized.
• User and access data
• Communication content
• Technical data (IP address, logs)
• Files related to support and security processes

6. Purpose of Processing

• Operation and security of the platform
• Authentication and access control
• Communication and support
• IT security and incident responseIncident Response
  
  Incident response is the process of identifying, managing, and mitigating cybersecurity incidents.
• Fulfillment of contractual obligations

7. Legal Basis

Data processing is carried out in accordance with GDPRGDPR

The General Data Protection Regulation is a European law that governs how personal data must be processed and protected, in particular based on: contractual necessity (Art. 6(1)(b)), legitimate interests (lit. f), legal obligations (lit. c), and, where applicable, user consent (lit. a).

8. Data Sharing

Personal data is only shared where necessary for service delivery, IT security purposes, or due to legal obligations. External service providers are contractually bound.

9. Data Retention

Data is retained only as long as necessary for the intended purposes or as required by law.

10. Data Security

Appropriate technical and organizational measures are implemented to protect data.

11. User Rights

Users have the right to access, rectify, delete, restrict processing, data portability, and to object to processing.

12. Terms of Use

12.1 Access

Access is restricted to authorized customers of Steffi's Cloud^®. Each customer operates within a dedicated, logically separated and secure environment within the platform.

This separation is implemented in accordance with modern security concepts such as Zero Trust and tenant isolation.

12.2 Security

Access credentials must be treated confidentially.

12.3 Prohibited Use

• Misuse or unauthorized use
• Circumvention of security mechanisms
• Use by non-customers

12.4 Suspension

Access may be suspended in case of violations.

12.5 Availability

No guarantee of uninterrupted availability.

13. Notice

If you are not yet a customer: IT security based on German standards should be a top priority.

14. Contact

Contact details and further legal information can be found in the legal notice:
www.steffiscloud.de/imprint