Vektoris

Privacy Policy

Last updated: 30 June 2026

1. Controller

The controller for the processing of personal data on this website under the GDPR is:

Vektoris (sole proprietorship), owner: Felix Totzek, Daimlerstraße 7, 63303 Dreieich, Germany. Email: courses@vektoris.io.

2. Your rights

You have the following rights regarding your personal data:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection to processing (Art. 21 GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR), e.g. the Hessian Commissioner for Data Protection and Freedom of Information, Postfach 3163, 65021 Wiesbaden, Germany.

3. Hosting

This website is hosted by Vercel Inc. (USA). When you access the site, technically necessary data (e.g. IP address, timestamp, requested resource, browser type) is processed in server logs to ensure delivery and security. The legal basis is our legitimate interest in secure operation (Art. 6(1)(f) GDPR).

4. Account and login (magic link)

We create a user account for the member area. Login is passwordless via a sign-in link sent by email (magic link). We process your email address as well as login and session data. The legal basis is performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR).

5. Purchase and payment

Purchases (single course or all-access subscription) are processed via the payment provider Stripe (Stripe Payments Europe, Ltd., Ireland; where applicable Stripe, Inc., USA). The data required for payment is transmitted directly to Stripe; we do not store card data. The legal basis is performance of a contract (Art. 6(1)(b) GDPR).

6. Video playback

Course videos are delivered via Mux, Inc. (USA). During playback, technical data (e.g. IP address, device/browser information, playback progress) is processed to enable streaming. The legal basis is performance of a contract and our legitimate interest in functional delivery (Art. 6(1)(b) and (f) GDPR).

7. Sending email

We use Resend, Inc. (USA) to send login and transactional emails. We process your email address and the respective message content. The legal basis is performance of a contract (Art. 6(1)(b) GDPR).

8. Database

Account, purchase and entitlement data is stored in a database operated by Neon, Inc. (USA). The legal basis is performance of a contract (Art. 6(1)(b) GDPR).

9. Cookies

We use strictly necessary cookies only: a session cookie for login and a cookie storing your language choice. These are required for operation and need no consent. We do not use tracking or marketing cookies.

10. Retention

We store personal data only for as long as necessary for the stated purposes or as required by statutory retention obligations (in particular commercial and tax law). Data is deleted thereafter.

11. International transfers

Some of the services used process data in the USA. Where no adequacy decision applies, transfers are based on EU Standard Contractual Clauses (Art. 46 GDPR) or, where certified, the EU-US Data Privacy Framework.

12. Changes to this policy

We update this privacy policy when our processing or the legal situation changes. The version published here applies.