Effective May 2026 · International scope · Applies to users worldwide submitting support requests via this helpdesk
Berger & Rosenstock GbR (trading as DigitalFreedom)
Dieselstr. 22e, 61231 Bad Nauheim, Germany
Authorized representatives: Marcel R. G. Berger, Jasmin Rosenstock
VAT-ID: DE455096022
General contact: hello@digitalfreedom.co.za
Data protection requests: data-protection@digitalfreedom.co.za
We do not collect: location data beyond IP-derived country, device identifiers, advertising IDs, biometric data, financial data, health data, precise geolocation.
| Processing ticket | Art. 6(1)(b) GDPR — pre-contractual / contractual response to your request |
| Server logs, security | Art. 6(1)(f) GDPR — legitimate interest in service integrity and abuse prevention |
| Statutory retention | Art. 6(1)(c) GDPR — German Commercial Code (HGB) / Tax Code (AO) obligations |
fra1 (Frankfurt, Germany) and lon1 (London, UK).We do not sell, rent, lease, or trade your personal data. No behavioral tracking, no advertising profiles, no third-party analytics scripts, no data brokers.
fra1 (Frankfurt, Germany) — within the EU, no transfer outside the EEA.lon1 (London, UK) — covered by the EU Commission adequacy decision for the UK (Art. 45 GDPR).You have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17 — subject to statutory retention), restriction (Art. 18), data portability (Art. 20), objection (Art. 21), withdrawal of consent at any time with effect for the future (Art. 7(3)), no automated decision-making (Art. 22 — we do not perform any).
To exercise: data-protection@digitalfreedom.co.za
Same rights as under EU GDPR. Complaints can be filed with the Information Commissioner's Office (ICO), ico.org.uk.
Same rights as under EU GDPR. Complaints can be filed with the Federal Data Protection and Information Commissioner (FDPIC), edoeb.admin.ch.
California residents have the right to:
To exercise: data-protection@digitalfreedom.co.za. Verification: we may ask you to confirm your identity by matching the email address on file. We respond within 45 days.
Substantively equivalent rights to access, delete, correct, and opt out of targeted advertising apply. We do not engage in targeted advertising or sales of personal information. Exercise rights via the data protection contact above.
Right of access, correction, withdrawal of consent, complaint to the Office of the Privacy Commissioner of Canada (priv.gc.ca). Quebec residents additionally have data portability rights under Law 25.
Rights to confirmation, access, correction, anonymization, portability, deletion, information about sharing, and revocation of consent (Art. 18 LGPD). Complaints can be filed with the Autoridade Nacional de Proteção de Dados (ANPD).
Right to access, correction, and complaint to the Office of the Australian Information Commissioner (oaic.gov.au). We notify you of eligible data breaches in accordance with the Notifiable Data Breaches scheme.
Rights of access, correction, deletion, objection, and the right not to be subject to automated decision-making (Sections 23–25 POPIA). Complaints to the Information Regulator (inforegulator.org.za).
We honor equivalent rights of access, correction, deletion, and complaint in all jurisdictions where applicable local law applies. Contact us via the data protection address above to exercise them.
You can always lodge a complaint with the supervisory authority for the controller's seat:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163, 65021 Wiesbaden, Germany
datenschutz.hessen.de
This helpdesk is not directed at children under 16 (EU) / under 13 (US under COPPA). We do not knowingly process personal information of children under these ages. If you believe a child has submitted personal information, please contact us at data-protection@digitalfreedom.co.za and we will delete it.
Universally and across all jurisdictions: we do not sell, rent, lease, or share your personal data for commercial purposes. We do not build advertising or behavioral profiles. We do not engage in automated decision-making (Art. 22 GDPR / Section 24 POPIA / similar provisions in other laws).
In the event of a data breach affecting your personal information, we will notify the competent supervisory authority within 72 hours (GDPR Art. 33), and notify affected users without undue delay when there is a high risk to your rights and freedoms (Art. 34). Equivalent obligations under UK GDPR, POPIA Section 22, Australian Notifiable Data Breaches scheme, and similar laws apply.
This policy may be updated to reflect changes in our processing, applicable law, or sub-processor relationships. The current version is always accessible via this link. We will notify users of material changes by email if they have an active ticket.