Privacy

What sitebin.io and app.sitebin.io do — and deliberately don't do — with your data.

Controller

IT-Trail GmbH, Schärdinger Straße 15, 4061 Pasching, Austria (FN 642899s, Landesgericht Linz). Managing director: Markus Furtlehner. Privacy contact: datenschutz@ittrail.at. See the imprint.

The short version

  • This marketing site sets no cookies, runs no analytics or trackers, and loads no third-party resources — fonts and scripts are served from this domain.
  • The interactive demo on the landing page runs entirely in your browser; dropped files are not transmitted.
  • The hosted service works without an account; accounts are optional and store the minimum needed to run them.

This website (sitebin.io)

Server logs

When you visit, the web server processes your IP address, access time, requested page, transferred bytes and browser/OS information. Legal basis: Art. 6(1)(f) GDPR — our legitimate interest in operating and securing the service. Logs are deleted automatically after 14 days. Hosting: Hetzner Online GmbH, on servers in the EU.

The hosted service (app.sitebin.io)

Anonymous sites

Publishing needs no account. We store the files you upload, the site's settings, and an Argon2id hash of the edit password (the password itself is never stored and cannot be recovered). Server logs as above. Legal basis: Art. 6(1)(b) GDPR — providing the service you request.

Accounts (optional)

If you create an account we process your email address, a password hash (for local sign-in) or the identity confirmed by Google or Microsoft (for social sign-in), your plan, and login timestamps. Legal basis: Art. 6(1)(b) GDPR. Transactional email (verification, password reset, billing notices) is sent to your address for the same reason; there is no marketing email.

Payments

Paid plans are processed by Paddle or Stripe — which of the two depends on your billing country, and the provider handling your purchase is shown at checkout. Card and banking details go to the provider only — we receive your email, transaction ID, plan and billing country. Legal bases: Art. 6(1)(b) GDPR and statutory bookkeeping obligations.

Content you publish

Sites you publish are stored and served to whomever you give the URL (or publicly, if you share it publicly) according to your settings — view passwords and expiry are under your control. You are responsible for the content you publish; abuse can be reported per the documentation.

Cookies on the app

Only what the service needs to function: a session cookie when you sign in, and a short-lived cookie when you unlock a view-protected site. No marketing or tracking cookies.

Retention

  • Server logs: 14 days.
  • Expired sites: files deleted 24 hours after expiry.
  • Account data: for the life of the account, then 30 days after deletion.
  • Billing records: 7 years (statutory retention, §132 BAO).

Recipients

We use Hetzner Online GmbH (EU hosting) and, for paid plans, Paddle or Stripe (depending on your billing country; named at checkout) as processors. We do not sell or share personal data for advertising.

Your rights

You have the right to access, rectification, erasure, restriction of processing, data portability and objection (Art. 15–21 GDPR), and to withdraw any consent with effect for the future (Art. 7(3) GDPR). Contact datenschutz@ittrail.at. You may also lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde), Barichgasse 40–42, 1030 Vienna, dsb.gv.at.

Status: July 2026. This policy will be updated when the hosted service adds processors or processing activities.