Privacy Policy for the Affiliate Program
As of: May 2025
This privacy policy informs you about the processing of personal data in the context of the Zyrix Affiliate Program.
Data Controller
1.Controller
The controller within the meaning of the GDPR is Zyrix (contact details see legal notice).
2.Data Collected
We collect the following data: name, email address, bank details, tax ID (VAT number), IP address (as hash), browser information (for fraud protection), click and conversion data.
3.Purpose of Processing
Data is processed to operate the affiliate program, issue credit notes, pay commissions, prevent fraud, and fulfill tax obligations.
4.Legal Basis
The legal basis is Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(c) GDPR (legal obligation) for tax data.
5.Retention Period
Data is stored for the duration of the affiliate relationship and beyond for the legally required retention periods (10 years for tax-relevant documents).
6.Your Rights
You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. Contact: [email protected]
7.Fraud Protection
For fraud prevention, we store IP addresses as hashes, browser fingerprints, and Stripe card fingerprints. This data is used exclusively to detect abuse.
8.Right to Complain
You have the right to lodge a complaint with a data protection supervisory authority.
Tracking & Fraud Protection
For fraud prevention, we store IP addresses as hashes, browser fingerprint data and click timestamps. This data is used exclusively for fraud detection and deleted after 90 days.
Your Rights
- Access (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection (Art. 21 GDPR)
To exercise your rights, contact: [email protected]
Data Protection Contact
For data protection questions: [email protected]