Open Source Miners
← Back to home

Privacy Policy

This is an English courtesy translation. The legally binding version is the German original.

1. Controller

The controller responsible for data processing on this website is:
Open Source Miners, Inhaber Jan Becker
Warschauer Straße 70
10243 Berlin
Email: [email protected]

2. General information on data processing

We process personal data only insofar as this is necessary to provide a functioning website and to process your order. The legal bases are in particular Art. 6 (1) (b) GDPR (performance of a contract), Art. 6 (1) (c) GDPR (legal obligation) and Art. 6 (1) (f) GDPR (legitimate interest).

3. Hosting & content delivery network

Our website is operated on servers within the European Union. A data processing agreement (DPA) pursuant to Art. 28 GDPR exists with our hosting provider. Processing takes place to fulfil our contractual and pre-contractual obligations and in our legitimate interest in a secure and efficient provision of our offer (Art. 6 (1) (b) and (f) GDPR).

To secure and speed up the delivery of our website, we use the content delivery and security network of Cloudflare, Inc. (101 Townsend Street, San Francisco, CA 94107, USA). In doing so, Cloudflare processes connection data (including the IP address) as a processor in order to ward off attacks (e.g. DDoS), filter traffic and deliver content faster (Art. 6 (1) (f) GDPR – legitimate interest in secure and performant operation). Any transfer to the USA is safeguarded by the EU standard contractual clauses; a data processing agreement exists with Cloudflare. Further information: cloudflare.com/privacypolicy.

Server log files

The provider automatically collects and stores information in so-called server log files, which your browser automatically transmits. These are: browser type and version, operating system used, referrer URL, hostname of the accessing computer, time of the server request and the IP address. This data is not merged with other data sources. Collection takes place on the basis of Art. 6 (1) (f) GDPR for the purpose of technically error-free and secure operation.

4. SSL/TLS encryption

For security reasons, this site uses SSL/TLS encryption. You can recognize an encrypted connection by “https://” in the address bar of your browser.

5. Cookies & consent

We use technically necessary cookies to operate the shop – specifically a session cookie for your cart and the security of forms (CSRF protection). These are required for operation; the legal basis is Art. 6 (1) (f) GDPR or § 25 (2) TDDDG and they do not require consent.

Services beyond this – in particular reach measurement with Google Analytics (see section 6) – are activated only with your explicit consent. On your first visit we request this via a cookie banner. You can change or revoke your choice at any time via the “Cookie settings” link in the footer. The legal basis is Art. 6 (1) (a) GDPR or § 25 (1) TDDDG.

6. Reach measurement with Google Analytics

If you have consented, we use Google Analytics 4, a service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland), to statistically evaluate and improve the use of our shop. Cookies or similar technologies are set and usage data (including a shortened/anonymized IP address, pages visited, device/browser) are processed. IP anonymization is enabled.

A transfer to the USA cannot be ruled out; the basis is the EU standard contractual clauses. The legal basis is your consent (Art. 6 (1) (a) GDPR, § 25 (1) TDDDG). You can revoke your consent at any time with effect for the future via the “Cookie settings” in the footer.

7. Web fonts

For a consistent presentation we use fonts that are stored and delivered locally on our own server. No connection to third-party servers (e.g. Google Fonts) is established and no IP address is transmitted to third parties.

8. Order processing

When you place an order, we collect the data required to process the contract: first and last name, delivery/billing address, email address, phone number if applicable, and the order data. Processing takes place to perform the contract (Art. 6 (1) (b) GDPR). No customer account is created; ordering as a guest is possible.

We retain invoice- and accounting-relevant data in accordance with commercial and tax retention periods (generally 6 or 10 years pursuant to § 257 HGB, § 147 AO) (Art. 6 (1) (c) GDPR).

9. Payment service providers

Depending on the selected payment method, we pass on the data required for payment processing to the respective provider (Art. 6 (1) (b) GDPR):

  • Bitcoin / Lightning (BTCPay Server): Payment is processed via our self-operated BTCPay Server. No personal payment data is transmitted to an external payment service provider. Please note that, for technical reasons, transactions on the Bitcoin network are stored in a public blockchain.
  • Credit card (Revolut): The provider is Revolut Bank UAB or an affiliated company of the Revolut group. For card payments, the payment data is transmitted directly to Revolut and processed there. Revolut’s privacy terms additionally apply.
  • PayPal: The provider is PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. If PayPal is selected, the data required for payment is transmitted to PayPal. PayPal’s privacy terms additionally apply.

10. Shipping

To deliver the ordered goods, we pass on your name and delivery address to the shipping/ logistics company we commission (Correos or UPS), insofar as this is necessary for delivery (Art. 6 (1) (b) GDPR).

11. Contacting us

If you contact us by email, we process your details to handle the request and in case of follow-up questions (Art. 6 (1) (b) or (f) GDPR). We do not pass on this data without your consent.

12. Your rights

Under the GDPR you have the following rights:

  • Access to the data stored about you (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR), insofar as no retention obligations conflict
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection to processing (Art. 21 GDPR)
  • Complaint to a data protection supervisory authority (Art. 77 GDPR)

To exercise your rights, an informal message to [email protected] is sufficient.

13. Right to object (Art. 21 GDPR)

Insofar as we process data on the basis of legitimate interests (Art. 6 (1) (f) GDPR), you have the right to object at any time on grounds relating to your particular situation.

As of: 06/2026