Legal Information

Last updated: May 25, 2025

Table of Contents - Terms & Conditions

1. Scope and Provider

1.1 General Platform

These Terms and Conditions apply to the use of the "CactusIO" platform (hereinafter "Platform"). The provider of the Platform is CactusIO (hereinafter "we", "us", "Provider").

1.2 Services

CactusIO provides a comprehensive platform for project management, content sharing, and collaboration tools.

2. Contract Formation and Registration

2.1 Registration

Registration is required to use the Platform. A usage contract between you and us is formed upon registration.

2.2 Truthful Information

You are obligated to provide truthful and complete information during registration and to keep this information current.

2.3 Account Security

You are responsible for maintaining the confidentiality of your account credentials and for all activities under your account.

3. Usage Rights and Obligations

3.1 Permitted Use

You may use the Platform exclusively for its intended purposes, including:

  • Managing user profiles and projects
  • Communication with other users
  • Sharing content (posts, projects, files)
  • Using provided tools and services
  • Accessing premium features (if subscribed)

3.2 Prohibited Use

The following are prohibited:

  • Transmission of malware or harmful code
  • Spam or unwanted advertising
  • Harassment of other users
  • Distribution of illegal content
  • Circumventing security measures
  • Unauthorized commercial use
  • Violation of intellectual property rights

4. Content and Intellectual Property

4.1 User Content

You retain ownership rights to content you upload. By uploading, you grant us a non-exclusive license to store, display, and distribute your content on the Platform as necessary for service provision.

4.2 Platform Content

All Platform content not created by users is protected by copyright and owned by CactusIO or licensed from third parties.

4.3 Content Responsibility

You are solely responsible for the content you upload and must ensure it does not violate any laws or third-party rights.

5. Payment and Billing

5.1 Subscription Plans

CactusIO offers various subscription plans with different features and pricing. Current pricing is available on our website.

5.2 Payment Processing

Payment via Stripe

Payments are processed securely through Stripe. We do not store your payment information on our servers. Stripe's terms of service and privacy policy apply to payment processing.

5.3 Billing and Renewal

Subscriptions automatically renew at the end of each billing period unless cancelled. You will be charged the current subscription fee.

5.4 Cancellation and Refunds

You may cancel your subscription at any time. Refunds are generally not provided for partial billing periods, but may be considered on a case-by-case basis.

6. Availability and Technical Requirements

6.1 Availability

We strive for the highest possible availability of the Platform but cannot guarantee 100% uptime. Service interruptions may occur due to maintenance, updates, or technical issues.

6.2 Maintenance

Scheduled maintenance may lead to temporary service restrictions. We will provide advance notice when possible.

7. Liability and Warranty

7.1 Limitation of Liability

Our liability is limited to intent and gross negligence, as permitted by applicable law. We are not liable for indirect, incidental, or consequential damages.

7.2 User Liability

You are liable for all damages arising from your use of the Platform, especially for violations of these Terms.

7.3 Service Warranty

The Platform is provided "as is" without warranties of any kind, express or implied.

8. Termination and Deletion

8.1 Termination by User

You can delete your user account at any time through your account settings or by contacting support.

8.2 Termination by Provider

We may terminate your user account for violations of these Terms, typically after providing a warning.

8.3 Data Retention After Termination

Upon account termination, your data will be deleted within 30 days, except where legal retention requirements apply.

9. Final Provisions

9.1 Changes

We reserve the right to change these Terms as needed. You will be informed of significant changes via email or platform notification.

9.2 Applicable Law

German law applies, excluding the UN Convention on Contracts for the International Sale of Goods.

9.3 Severability Clause

Should individual provisions be invalid, the validity of the remaining provisions remains unaffected.

Table of Contents - Privacy Policy

1. General Information

1.1 Data Controller

CactusIO

Hubertusstraße 11, 15831 Blankenfelde Mahlow, Germany
Email: [email protected]
Website: https://cactusio.com

1.2 Data Protection Officer Contact

For questions about data protection, contact: [email protected]

2. Type and Scope of Data Processing

2.1 Registration Data

Purpose: Account creation and platform access

Data: Name, email address, password (encrypted)

Legal Basis: Art. 6(1)(b) GDPR (contract performance)

2.2 Profile Data

Purpose: Personalization and social features

Data: Profile picture, date of birth, gender, phone, address, biographical information

Legal Basis: Art. 6(1)(a) GDPR (consent)

2.3 Authentication Data

Purpose: Secure login and session management

Data:

  • IP addresses of known devices
  • Browser and device information
  • Login timestamps
  • Passkey data (if used)

Legal Basis: Art. 6(1)(f) GDPR (legitimate interest in security)

2.4 OAuth Logins (Google, GitHub, Microsoft)

Purpose: Alternative login options

Data: Email, name, profile picture (depending on provider)

Legal Basis: Art. 6(1)(a) GDPR (consent)

2.5 Usage Data

Purpose: Providing and improving services

Data:

  • Posts and shared content
  • Project data and files
  • Communication history
  • Activity logs and usage statistics

Legal Basis: Art. 6(1)(b) GDPR (contract performance)

3. Payment Processing (Stripe)

Stripe Payment Processing

Purpose: Processing subscription payments and managing billing

Data Processed by Stripe:

  • Payment method information (credit card, bank account)
  • Billing address and contact information
  • Transaction history and payment status
  • Device and browser information for fraud prevention

Legal Basis: Art. 6(1)(b) GDPR (contract performance)

Data Sharing: Payment data is processed directly by Stripe and not stored on our servers. Stripe may share necessary information with payment networks and financial institutions.

Stripe Privacy Policy: https://stripe.com/privacy

3.1 Billing Information

We receive limited billing information from Stripe, including payment status, subscription details, and billing history for account management purposes.

3.2 Invoice Data

For tax and accounting purposes, we store invoice data including billing address, tax identification numbers, and transaction records as required by law.

4. Email Communication

4.1 System Messages

Purpose: Important account and service information

Data: Email address, name

Content: Registration confirmation, password reset, security warnings, billing notifications

Legal Basis: Art. 6(1)(b) GDPR (contract performance)

4.2 Marketing Communications

Purpose: Product updates and promotional content

Data: Email address, name, usage preferences

Legal Basis: Art. 6(1)(a) GDPR (consent)

Opt-out: You can unsubscribe at any time using the link in emails or through account settings.

5. Data Sharing

5.1 No Sharing with Third Parties

Your data is not shared with third parties, except:

  • When legally required by law enforcement or regulatory authorities
  • Service providers necessary for contract fulfillment (hosting, email delivery, CDN, payment processing)
  • With your explicit consent

5.2 Service Providers

External service providers process data exclusively on our behalf and according to our instructions per Art. 28 GDPR.

Cloudflare Services

Purpose: Content Delivery Network (CDN), DDoS protection and tunneling service

Data: IP addresses, browser information, visited pages

Location: USA/Europe (with adequate data protection level)

Privacy: Cloudflare Privacy Policy

Stripe Inc.

Purpose: Payment processing and billing management

Data: Payment information, billing details, transaction data

Location: USA (with adequate data protection level)

Privacy: Stripe Privacy Policy

6. Data Retention

6.1 Account Data

As long as the user account exists and additionally to fulfill legal retention requirements (typically 10 years for tax-related data).

6.2 Payment Data

Billing and payment data is retained for tax and accounting purposes as required by law (typically 10 years in Germany).

6.3 Logs and Security Data

IP addresses and device information are deleted after 12 months, unless security incidents require longer retention.

7. Your Rights

Important Information

You have comprehensive rights regarding your personal data under GDPR. You can exercise these rights at any time by contacting us.

7.1 Right of Access (Art. 15 GDPR)

You have the right to information about personal data stored about you.

7.2 Right to Rectification (Art. 16 GDPR)

You can request correction of incorrect data.

7.3 Right to Erasure (Art. 17 GDPR)

You can request deletion of your data, provided no legal retention requirements exist.

7.4 Right to Restriction (Art. 18 GDPR)

You can request restriction of processing.

7.5 Right to Data Portability (Art. 20 GDPR)

You can receive your data in a structured format.

7.6 Right to Object (Art. 21 GDPR)

You can object to processing based on legitimate interests.

7.7 Right to Complain

You have the right to complain to a data protection supervisory authority.

8. Technical and Organizational Measures

8.1 Security

  • Encryption of data transmission (SSL/TLS)
  • Secure password storage (hashing with salt)
  • Regular security updates and monitoring
  • Secure backup systems
  • PCI DSS compliance for payment processing

8.2 Access Control

  • Role-based access rights
  • Multi-factor authentication available
  • Administrator access logging
  • Regular access reviews

8.3 Privacy by Design

  • Data minimization principles
  • Pseudonymization where possible
  • Privacy-friendly default settings
  • Regular privacy impact assessments

9. Cookies and Similar Technologies

9.1 Necessary Cookies

Essential cookies required for platform functionality (session management, security, authentication).

9.2 Functional Cookies

To improve user experience (language settings, theme preferences, form data).

9.3 Analytics and Performance

We use minimal analytics to understand platform usage and improve performance. This data is anonymized and aggregated.

9.4 No Third-Party Tracking

Your privacy matters to us: We do not use third-party tracking cookies or external analytics services that compromise your privacy.

10. Changes to Privacy Policy

We reserve the right to update this Privacy Policy to reflect changes in our practices or applicable law. You will be informed of significant changes via email or through the Platform. Continued use of the Platform after changes constitutes acceptance of the updated policy.