← Back to Unibright Legal

Privacy Policy

Last updated: May 2026 · GDPR Information

1. Controller

The controller for data processing on this website is:

SPO Consulting GmbH
Dromersheimer Chaussee 24b
55411 Bingen am Rhein
Germany
Email: mail@unibright.io

2. What Data We Collect

2.1 Server Log Files

When you visit this website, our web server automatically records general connection data in log files. This includes:

  • IP address (anonymized after 7 days)
  • Date and time of the request
  • Name of the requested file
  • Browser type and version
  • Operating system
  • HTTP status code and transferred data volume
  • Referring URL

This data is collected on the basis of Art. 6(1)(f) GDPR — our legitimate interest in operating a secure and available website. Log data is deleted after 30 days at the latest. This data is generally not used to identify individual visitors.

2.2 Web Fonts (Self-Hosted)

This website uses the Lato typeface, served directly from our own server. Lato is licensed under the SIL Open Font License 1.1. No external connection to Google Fonts or any third-party font CDN is established when loading the website.

2.3 Medium Blog Feed

The "Latest" section on our homepage loads recent blog posts from our Medium publication via rss2json.com, a third-party RSS-to-JSON service. When the page loads, your browser sends a request to rss2json.com which in turn fetches our Medium RSS feed. Your IP address may be visible to rss2json.com. If the service is unavailable, static fallback content is shown (no external request). The legal basis is Art. 6(1)(f) GDPR — our legitimate interest in displaying current content without manual updates.

2.4 External Links

This website contains links to external services including Medium, CoinGecko, Etherscan, and GitHub. When you click these links, you leave our site and the privacy policies of those services apply. We have no control over and accept no responsibility for their data processing practices.

2.5 No Tracking Cookies or Analytics

This website does not use tracking cookies, advertising cookies, or analytics tools (such as Google Analytics, Matomo, or similar). We do not build visitor profiles or share data with third parties for marketing purposes.

2.6 Newsletter Subscription (Brevo / Sendinblue)

Our website offers an optional newsletter subscription via a popup form. The form is provided and processed by Brevo (Sendinblue SAS), 7 rue de Madrid, 75008 Paris, France, acting as our processor under Art. 28 GDPR. The form's CSS and JavaScript are loaded from sibforms.com when the page loads; your browser therefore establishes a connection to Brevo's servers on every page visit. No personal data is transmitted unless you actively submit the subscription form.

When you subscribe, we process your email address, the timestamp of your subscription, and your IP address (for confirmation and abuse prevention) on the basis of your consent under Art. 6(1)(a) GDPR. Brevo uses a confirmed double-opt-in process: you receive a confirmation email and only become an active subscriber after clicking the link in that email. Your data is stored until you withdraw your consent — either via the unsubscribe link included in every newsletter, or by writing to mail@unibright.io. You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.

Brevo is based in the European Union; data is processed within the EU. More information on Brevo's data processing is available at brevo.com/legal/privacypolicy.

3. Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)

To exercise these rights, please contact us at mail@unibright.io. You also have the right to lodge a complaint with a supervisory authority. The competent authority in Rhineland-Palatinate is: Landesbeauftragte für den Datenschutz und die Informationsfreiheit, Hintere Bleiche 34, 55116 Mainz, Germany.

4. Data Security

This website uses HTTPS to encrypt all data transmitted between your browser and our server. We take appropriate technical and organizational measures to protect your data against unauthorized access, loss, or misuse.

5. Changes to This Policy

We reserve the right to update this privacy policy to reflect changes in our practices or applicable law. The current version is always available on this page. The date at the top indicates the most recent update.