Brutto-Netto Onlinebrutto-netto.online

Privacy Policy

1. Data Controller

Brutto-Netto Online

Marco Lindemann

Am Emspfad 3

49716 Meppen

Germany

E-Mail: kontakt@brutto-netto.online

Phone: +49 (0) 5931 877 99 20

2. Hosting and Server Logging

This website is hosted on servers located in Germany. When you access the website, the hosting provider automatically records server log files containing:

  • IP address of the requesting device
  • Date and time of access
  • Requested URL and HTTP method
  • HTTP status code
  • Volume of data transferred
  • Browser type and operating system (User-Agent)

Processing is based on Art. 6(1)(f) GDPR (legitimate interest in technical security and uninterrupted operation of the service). Log files are automatically deleted after a maximum of 30 days.

3. Cloudflare (CDN and Security)

This website uses services provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare acts as a Content Delivery Network (CDN) and provides protection against DDoS attacks and malicious traffic. All traffic between your browser and our servers is routed through Cloudflare's network.

In doing so, Cloudflare processes data including:

  • IP address of the requesting device
  • HTTP requests and responses (headers, URLs)
  • Date and time of access
  • Browser type (User-Agent)

Cloudflare operates data centres within the EU; however, data may also be transferred to the United States. For transfers to third countries, Cloudflare relies on EU Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the security, performance, and availability of the service).

For more information, please refer to Cloudflare's Privacy Policy: cloudflare.com/privacypolicy

4. Storage of Calculation Results

Successful salary calculations are stored in a database for quality assurance, abuse detection, and statistical analysis of usage. The following data is recorded:

  • Calculation input parameters (e.g. gross salary, tax class, federal state — no personal identifier)
  • HMAC-hashed IP address (the original IP address cannot be technically reconstructed)
  • Truncated User-Agent string (max. 255 characters)
  • Timestamp of the calculation
  • Selected language (locale) and tax year
  • Version of the calculation module and configuration

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in service improvement and abuse prevention).

Retention period: Records are automatically deleted after 24 months.

5. Abuse Protection (Rate Limiting)

To prevent automated abuse, the number of requests per IP address within a given time window is limited. For this purpose, an HMAC-hashed form of the IP address is temporarily stored in the server memory. The raw IP address is not persisted.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the security of the service).

6. Language Preference and Theme Setting

When you switch the language version of this website, your chosen language may be stored in a functional cookie (NEXT_LOCALE) so that the website automatically appears in your preferred language on your next visit. The cookie contains only the language code (e.g. de or en) and no personal data.

Your preferred colour scheme (Light/Dark/System) is stored exclusively in your browser's local storage (localStorage) and is not transmitted to the server.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in user-friendly presentation of the website).

7. Fonts (self-hosted)

This website uses the Poppins typeface. The font files are downloaded during the build process and served directly from our own server. No connection to Google servers or any other external font service takes place. No data is transferred to third parties.

8. Disclosure of Data to Third Parties

Your data is only disclosed to third parties where required to fulfil legal obligations, where you have given your explicit consent, or in the context of the services described below (Cloudflare, Google Analytics). Advertising networks are not used.

9. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies that enable analysis of your use of the website.

We use Google Analytics exclusively with IP anonymisation enabled. As a result, your IP address is truncated by Google within member states of the European Union or other contracting states of the Agreement on the European Economic Area before transmission.

The information generated by the cookie about your use of this website (including the truncated IP address) is transmitted to a Google server and stored there. Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services relating to website and internet use.

Legal basis: Art. 6(1)(a) GDPR (consent). Google Analytics is only activated after your explicit consent via our cookie banner. You may withdraw your consent at any time with effect for the future.

For more information on Google's privacy practices, please visit: policies.google.com/privacy

10. Your Rights as a Data Subject

You have the following rights with regard to your data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)

To exercise your rights, please contact: kontakt@brutto-netto.online

Right to object: Where we process data on the basis of our legitimate interest (Art. 6(1)(f) GDPR), you may object to such processing under Art. 21 GDPR. Please describe the circumstances in your situation that argue against continued processing.

Last updated: June 2026