P
PHIX← Back to Home

Privacy Policy

Last updated: March 1, 2026

This Privacy Policy describes how PHIX ("we", "us", or "our") collects, uses, and shares information about you when you use our website and beta registration service. We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Controller

The data controller responsible for processing your personal data is PHIX. For contact details, please see our Imprint. For privacy-related inquiries, contact us at: beta@phix.lighting

2. What Data We Collect

2.1 Beta Registration

When you sign up for our Beta program, we collect:

  • Email address (required)
  • Full name (optional)
  • Company or venue name (optional)
  • Intended use case (optional)
  • Registration timestamp
  • Email verification status and timestamp

2.2 Automatically Collected Data

When you visit our website, we may automatically collect technical information including IP address, browser type and version, operating system, referring URL, and pages visited. This data is used for security, performance monitoring, and analytics purposes.

2.3 Cookies

We use cookies and similar technologies. Please see our Cookie Policy for detailed information about the cookies we use and how to manage your preferences.

3. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract performance (Art. 6(1)(b) GDPR): Processing necessary to provide the Beta service and communicate with you about your registration.
  • Legitimate interests (Art. 6(1)(f) GDPR): For fraud prevention, security, and improving our service.
  • Consent (Art. 6(1)(a) GDPR): For optional cookies (analytics, marketing) where you have given explicit consent via our cookie banner.

4. How We Use Your Data

We use your data to:

  • Process and manage your Beta registration
  • Send email verification and confirmation messages
  • Communicate updates about the PHIX Beta program
  • Improve and develop our software and services
  • Comply with legal obligations
  • Prevent fraud and ensure security

5. Data Sharing and Recipients

We do not sell your personal data. We may share your data with trusted service providers who help us operate our website (e.g., hosting providers, email delivery services). These providers are contractually bound to process your data only as instructed and in accordance with applicable data protection law.

5.1 Matomo Analytics

With your consent, we use Matomo (open-source web analytics software) to analyse how visitors use our website. Matomo runs exclusively on our own servers located within the EU. No data is shared with any third party, and no data is transferred outside the European Economic Area.

Matomo collects pseudonymous data including pages visited, time on site, referring URLs, and browser/device type. IP addresses are anonymised before storage. Tracking is completely disabled until you give explicit consent via the cookie banner. You can withdraw your consent at any time by clicking "Cookie Settings" in the footer of this website.

Legal basis: Art. 6(1)(a) GDPR (consent) in conjunction with § 25(1) TDDDG.

If required by law, we may share your data with public authorities.

6. Data Retention

We retain your Beta registration data for the duration of the Beta program and for a reasonable period thereafter (up to 2 years) unless you request deletion earlier. Email verification tokens expire after 24 hours. You may request deletion of your data at any time (see Section 8).

7. International Transfers

Your data is stored on servers located within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place (e.g., EU Standard Contractual Clauses).

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of access (Art. 15): You can request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16): You can request correction of inaccurate data.
  • Right to erasure (Art. 17): You can request deletion of your personal data ("right to be forgotten").
  • Right to restriction (Art. 18): You can request that we limit how we process your data.
  • Right to data portability (Art. 20): You can request your data in a structured, machine-readable format.
  • Right to object (Art. 21): You can object to processing based on legitimate interests.
  • Right to withdraw consent (Art. 7(3)): Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at privacy@phix.app. We will respond within 30 days.

You also have the right to lodge a complaint with your local supervisory authority. In Germany, this is the relevant Datenschutzbehörde (DPA).

9. Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, loss, or destruction. However, no internet transmission is 100% secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered Beta users of material changes by email. The current version is always available on this page with the date of the last update shown above.