Privacy Policy
Last Updated: 06.08.2025
1. Introduction
Welcome to Sage.blue ("we," "our," or "us"). We are committed to protecting your personal data and respecting your privacy rights. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.sage.blue (the "Website") and use our services.
This policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Austrian Data Protection Act (Datenschutzgesetz - DSG).
Data Controller:
Sage.blue
Michael König-Weichhardt
Bachweg 10
Styria, Austria
Email: office@sage.blue
2. Information We Collect
2.1 Information You Provide Directly
When you interact with our Website, we may collect:
- Account Information: Name and email address when you create a member account
- Payment Information: When you subscribe to paid content, payment processing is handled by Stripe (Ghost.org's payment processor). We do not store credit card details on our servers
- Communication Data: Information you provide when contacting us via email
- Newsletter Subscription: Email address if you subscribe to our newsletter
2.2 Information Collected Automatically
When you visit our Website, we automatically collect:
- Technical Data: IP address (anonymized), browser type and version, time zone setting, operating system
- Usage Data: Pages visited, time spent on pages, links clicked, and navigation patterns
- Cookie Data: Essential cookies required for website functionality (see Section 5)
3. Legal Basis for Processing
We process your personal data based on the following legal grounds under Article 6 GDPR:
- Contract Performance (Art. 6(1)(b) GDPR): To provide membership services and process payments
- Legitimate Interests (Art. 6(1)(f) GDPR): To maintain website security, improve our services, and provide customer support
- Consent (Art. 6(1)(a) GDPR): For newsletter subscriptions and optional communications
- Legal Obligations (Art. 6(1)(c) GDPR): To comply with Austrian tax and accounting requirements
4. How We Use Your Information
We use your personal data for:
- Service Provision: Managing your account, providing access to member-only content
- Payment Processing: Processing subscriptions and payments through Ghost.org's integrated payment system
- Communication: Responding to inquiries, sending service-related notifications
- Newsletter: Sending updates and content (only with your consent)
- Security: Protecting against unauthorized access and maintaining website integrity
- Legal Compliance: Meeting our legal and regulatory obligations under Austrian law
5. Cookies
Our Website uses only essential cookies required for proper functioning:
Essential Cookies (No Consent Required)
| Cookie Name | Purpose | Duration |
|---|---|---|
| ghost-members-ssr | Member authentication | Session |
| ghost-members-ssr.sig | Member authentication security | Session |
| __stripe_mid | Payment processing security | 1 year |
| __stripe_sid | Payment session management | 30 minutes |
These cookies are strictly necessary for the Website to function and cannot be disabled. They do not store personally identifiable information beyond what is necessary for the service to work.
We do not use any analytics, advertising, or tracking cookies.
6. Data Sharing and Disclosure
We do not sell, trade, or rent your personal data. We share your information only with:
6.1 Service Providers
- Ghost.org: Our website hosting and content management platform (data stored in EU)
- Stripe: Payment processing for subscriptions (only payment-related data)
These providers are bound by data processing agreements and process data only on our instructions.
6.2 Legal Requirements
We may disclose your information if required by:
- Austrian or EU law
- Court orders or legal proceedings
- Protection of our legal rights or safety of others
7. Data Retention
We retain your personal data only as long as necessary:
- Account Data: As long as your account is active plus 30 days after deletion request
- Payment Records: 7 years as required by Austrian tax law
- Email Communications: 2 years unless you request earlier deletion
- Newsletter Subscription: Until you unsubscribe
- Technical Logs: 30 days for security purposes
8. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Right of Access (Art. 15 GDPR): Request a copy of your personal data
- Right to Rectification (Art. 16 GDPR): Request correction of inaccurate data
- Right to Erasure (Art. 17 GDPR): Request deletion of your data ("right to be forgotten")
- Right to Restrict Processing (Art. 18 GDPR): Request limitation of data processing
- Right to Data Portability (Art. 20 GDPR): Receive your data in a structured format
- Right to Object (Art. 21 GDPR): Object to processing based on legitimate interests
- Right to Withdraw Consent (Art. 7 GDPR): Withdraw consent at any time for consent-based processing
To exercise these rights, contact us at office@sage.blue. We will respond within 30 days.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- SSL/TLS encryption for data transmission
- Regular security updates and monitoring
- Access controls and authentication requirements
- Secure hosting infrastructure through Ghost.org
However, no method of internet transmission is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
10. International Data Transfers
Your data is stored on Ghost.org servers located within the European Union. If any data processing occurs outside the EU (such as Stripe payment processing), appropriate safeguards are in place including:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions for specific countries
11. Children's Privacy
Our Website is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
12. Your California Privacy Rights
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA). Please contact us for more information.
13. Automated Decision-Making
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
14. Supervisory Authority
You have the right to lodge a complaint with the Austrian Data Protection Authority:
Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Wien
Phone: +43 1 52 152-0
Email: dsb@dsb.gv.at
Website: www.dsb.gv.at
15. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes by:
- Posting a notice on our Website at least 30 days before the changes take effect
- Sending an email to registered members (for substantial changes)
The "Last Updated" date at the top shows when this policy was last revised.
16. Contact Information
For questions about this Privacy Policy or to exercise your rights, contact us at:
Email: office@sage.blue
Response Time: We aim to respond within 72 hours and resolve requests within 30 days
Consent Acknowledgment for Members
By creating an account and using our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein, except where your consent is not required under applicable law.