Legal Information

Last updated: May 25, 2025

Table of Contents - Terms & Conditions

1. Scope and Provider

1.1 General Platform

These Terms and Conditions apply to the use of the "CactusIO" platform (hereinafter "Platform"). The provider of the Platform is CactusIO (hereinafter "we", "us", "Provider").

1.2 GHG-specific Areas

Additional terms and conditions apply to the specific areas of Grace Hopper Gesamtschule (GHG) within the Platform. These areas include:

GHG-specific Areas

  • Inventory Management
  • Device Lending
  • Class Management
  • Project Management
  • HopperLAB (Machine Club)

2. Contract Formation and Registration

2.1 Registration

Registration is required to use the Platform. A usage contract between you and us is formed upon registration.

2.2 Truthful Information

You are obligated to provide truthful and complete information during registration and to keep this information current.

2.3 GHG Authorization

Access to GHG-specific areas is reserved for students, teachers, and staff of Grace Hopper Gesamtschule. Authorization is verified through a school email address (@gesamtschule-teltow.de) or administrative activation.

3. Usage Rights and Obligations

3.1 Permitted Use

You may use the Platform exclusively for its intended purposes, including:

  • Managing user profiles
  • Communication with other users
  • Sharing content (posts, projects)
  • Using provided tools and services

3.2 Prohibited Use

The following are prohibited:

  • Transmission of malware
  • Spam or unwanted advertising
  • Harassment of other users
  • Distribution of illegal content
  • Circumventing security measures
  • Misuse of the Platform for commercial purposes without permission

3.3 GHG-specific Usage Rules

Additional rules for GHG areas:

  • Responsible use of inventory management
  • Proper handling of borrowed equipment
  • Compliance with safety regulations in HopperLAB
  • Respectful handling of school property

4. Content and Intellectual Property

4.1 User Content

You retain ownership rights to content you upload. By uploading, you grant us a non-exclusive license to store and display your content on the Platform.

4.2 Platform Content

All Platform content not created by users is protected by copyright and owned by CactusIO or licensed.

4.3 School Content

Content in GHG-specific areas may be owned by Grace Hopper Gesamtschule and subject to their usage terms.

5. Availability and Technical Requirements

5.1 Availability

We strive for the highest possible availability of the Platform but cannot guarantee 100% availability.

5.2 Maintenance

Maintenance work may lead to temporary restrictions. We will inform you of planned maintenance in advance.

6. Liability and Warranty

6.1 Limitation of Liability

Our liability is limited to intent and gross negligence, as permitted by law.

6.2 User Liability

You are liable for all damages arising from your use, especially for violations of these Terms.

6.3 GHG Equipment Liability

Important Notice: When using device lending, you are liable for damage to borrowed equipment according to Grace Hopper Gesamtschule's school regulations.

7. Termination and Deletion

7.1 Termination by User

You can delete your user account at any time.

7.2 Termination by Provider

We may terminate your user account for violations of these Terms after warning.

7.3 School Departure

Upon leaving Grace Hopper Gesamtschule, access to GHG-specific areas automatically expires.

8. Final Provisions

8.1 Changes

We reserve the right to change these Terms as needed. You will be informed of significant changes.

8.2 Applicable Law

German law applies, excluding the UN Convention on Contracts for the International Sale of Goods.

8.3 Severability Clause

Should individual provisions be invalid, the validity of the remaining provisions remains unaffected.

Table of Contents - Privacy Policy

1. General Information

1.1 Responsible Parties

For the CactusIO Platform:

CactusIO
[Address will be added after registration]
Email: [email protected]

For GHG-specific Areas:

Grace Hopper Gesamtschule
[School address]
Email: [School email]

1.2 Data Protection Officer Contact

For questions about data protection, contact: [email protected]

2. Type and Scope of Data Processing

2.1 Registration Data

Purpose: Providing platform functionality

Data: Name, email address, password (encrypted)

Legal Basis: Art. 6(1)(b) GDPR (contract performance)

2.2 Profile Data

Purpose: Personalization and social features

Data: Profile picture, date of birth, gender, phone, address, biographical information

Legal Basis: Art. 6(1)(a) GDPR (consent)

2.3 Authentication Data

Purpose: Secure login and session management

Data:

  • IP addresses of known devices
  • Browser and device information
  • Login timestamps
  • Passkey data (if used)

Legal Basis: Art. 6(1)(f) GDPR (legitimate interest in security)

2.4 OAuth Logins (Google, GitHub, Microsoft)

Purpose: Alternative login options

Data: Email, name, profile picture (depending on provider)

Legal Basis: Art. 6(1)(a) GDPR (consent)

2.5 Usage Data

Purpose: Providing and improving services

Data:

  • Posts and shared content
  • Project data and files
  • Communication history
  • Activity logs

Legal Basis: Art. 6(1)(b) GDPR (contract performance)

2.6 GHG-specific Data

Inventory Management

Purpose: Managing inventory and containers

Data: User activities, created items, change history

Legal Basis: Art. 6(1)(e) GDPR (public task)

Device Lending

Purpose: Managing device loans

Data: Loan periods, device condition, messages, loan purpose

Legal Basis: Art. 6(1)(e) GDPR (public task)

Class Management

Purpose: School organization

Data: Class memberships, teacher-student assignments

Legal Basis: Art. 6(1)(e) GDPR (public task)

HopperLAB (Machine Club)

Purpose: Safety and access permissions

Data: Registration application, motivation, experience, grade level, consent to safety rules

Legal Basis: Art. 6(1)(e) GDPR (public task)

3. Email Communication

3.1 System Messages

Purpose: Important account information

Data: Email address, name

Content: Registration confirmation, password reset, security warnings

Legal Basis: Art. 6(1)(b) GDPR (contract performance)

3.2 School Communication

Purpose: School-related notifications

Data: Email address, name, role (student/teacher)

Content: Loan confirmations, HopperLAB decisions, important dates

Legal Basis: Art. 6(1)(e) GDPR (public task)

4. Data Sharing

4.1 No Sharing with Third Parties

Your data is not shared with third parties, except:

  • When legally required
  • Service providers necessary for contract fulfillment (hosting, email delivery, CDN)
  • With your explicit consent

4.2 Data Processing

External service providers process data exclusively on our behalf and according to our instructions per Art. 28 GDPR.

Cloudflare Services

Purpose: Content Delivery Network (CDN), DDoS protection and tunneling service

Data: IP addresses, browser information, visited pages

Location: USA/Europe (with adequate data protection level)

Privacy: Cloudflare Privacy Policy

5. Data Retention

5.1 Account Data

As long as the user account exists and additionally to fulfill legal retention requirements.

5.2 School-related Data

According to the retention guidelines of Grace Hopper Gesamtschule, at most until the end of school attendance plus legal retention periods.

5.3 Logs and Security Data

IP addresses and device information are deleted after 12 months, unless security incidents occur.

6. Your Rights

Important Information

You have comprehensive rights regarding your personal data. You can exercise these rights at any time.

6.1 Right of Access (Art. 15 GDPR)

You have the right to information about personal data stored about you.

6.2 Right to Rectification (Art. 16 GDPR)

You can request correction of incorrect data.

6.3 Right to Erasure (Art. 17 GDPR)

You can request deletion of your data, provided no legal retention requirements exist.

6.4 Right to Restriction (Art. 18 GDPR)

You can request restriction of processing.

6.5 Right to Data Portability (Art. 20 GDPR)

You can receive your data in a structured format.

6.6 Right to Object (Art. 21 GDPR)

You can object to processing based on legitimate interests.

6.7 Right to Complain

You have the right to complain to a data protection supervisory authority.

7. Technical and Organizational Measures

7.1 Security

  • Encryption of data transmission (SSL/TLS)
  • Secure password storage (hashing)
  • Regular security updates
  • Backup systems

7.2 Access Control

  • Role-based access rights
  • Multi-factor authentication available
  • Administrator access logging

7.3 Privacy by Design

  • Data minimization
  • Pseudonymization where possible
  • Privacy-friendly default settings

8. Cookies and Similar Technologies

8.1 Necessary Cookies

Cookies required for platform functionality (session management, security).

8.2 Functional Cookies

To improve user experience (language settings, theme preferences).

8.3 No Tracking Cookies

Your privacy matters to us: We do not use tracking cookies or third-party analytics services.

9. Changes to Privacy Policy

We reserve the right to update this Privacy Policy. You will be informed of significant changes via email or through the Platform.

10. Special Notes for Minor Users

Minor students of Grace Hopper Gesamtschule may use GHG-specific areas as part of school education. The legal basis for this is the public task of the school (Art. 6(1)(e) GDPR).