Service Privacy Policy
Last updated: January 30, 2026
This policy applies to registered users of the Dashgrid service. For general website privacy information, see our Privacy Policy.
Dashgrid is operated by Xaido GmbH & Co. KG, Cologne, Germany. We are committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR).
1. Data We Collect
Account Data
When you create an account, we collect your email address and securely store a hashed version of your password. We may also store your name and profile information if you provide it.
User Content
We store the dashboards, data, and configurations you create or upload to Dashgrid. This data belongs to you and is processed solely to provide our service.
Usage Data
- Analytics: We use Plausible Analytics to collect anonymous, aggregated usage data without individual tracking.
- Log Files: Our servers temporarily store log files containing user agent strings and IP addresses for security purposes.
Payment Data
Payment processing is handled by Stripe. We do not store your full credit card details. See Stripe's privacy policy for details.
2. Cookies
We use a single essential session cookie (SID) to keep you logged in. This cookie is encrypted and contains no personal data. We do not use tracking or advertising cookies.
3. How We Use Your Data
- To provide and maintain the Dashgrid service
- To authenticate your account
- To send transactional emails (password resets, account notifications)
- To process payments for paid subscriptions
- To improve our service based on aggregated usage patterns
4. Data Subprocessors
We use the following third-party services to operate Dashgrid:
| Subprocessor | Purpose | Location |
|---|---|---|
| Hetzner Online GmbH | Hosting & Database | Germany |
| Amazon Web Services (SES) | Transactional Emails | EU (Frankfurt) |
| Stripe, Inc. | Payment Processing | USA (GDPR compliant) |
| Plausible Analytics | Anonymous Analytics | EU |
5. Data Storage & Security
Your data is stored on servers located in Germany. We implement appropriate technical and organizational measures including:
- Encryption in transit (TLS) and at rest
- Secure password hashing
- Access controls and authentication
- Regular security updates
6. Data Retention
- Active accounts: Data is retained while your account is active.
- Deleted accounts: Upon account deletion, your personal data and user content are deleted within 30 days, except where retention is required by law.
- Log files: Retained for up to 90 days for security purposes.
7. Your Rights (GDPR)
As a data subject, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data
- Portability: Export your data in a machine-readable format
- Restriction: Limit how we process your data
- Objection: Object to certain processing activities
- Withdraw consent: Withdraw consent at any time
To exercise these rights, contact us at the address below.
8. Data Export
You can export your dashboards and data at any time from your account settings.
9. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via email or in-app notice. Continued use after changes constitutes acceptance.
10. Contact
For privacy-related questions or to exercise your rights, contact us at privacy-policy@dashgrid.com.