Cookie Policy & TTDSG Compliance

🍪 Last Updated: 20.06.2025 | Complete cookie policy compliant with TTDSG (German Telecommunications-Telemedia Data Protection Act), ePrivacy Directive, and GDPR for TrustedBoosts review management services.

1. Introduction & Legal Framework

This Cookie Policy explains how TrustedBoosts (operated by Sascha Wohlert) uses cookies and similar tracking technologies on our website and services. This policy complies with:

TTDSG (Telekommunikation-Telemedien-Datenschutz-Gesetz) - German Telecommunications-Telemedia Data Protection Act
ePrivacy Directive (2002/58/EC) - European privacy directive for electronic communications
GDPR (General Data Protection Regulation) - European data protection regulation
TMG (Telemediengesetz) - German Telemedia Act
German Federal Data Protection Act (BDSG)

2. What Are Cookies and Similar Technologies?

2.1 Cookies Definition

Cookies are small text files stored on your computer, smartphone, tablet, or other device when you visit our website. They contain information about your website usage and help us provide better services and user experience.

2.2 Similar Technologies We Use

Local Storage: Browser-based storage for user preferences and session data
Session Storage: Temporary storage during your browsing session
Web Beacons/Pixels: Small graphics for tracking email opens and web interactions
Browser Fingerprinting: Limited collection of browser/device characteristics for security
API Tokens: Secure authentication tokens for service integration
JavaScript Tracking: Script-based analytics and functionality tracking

3. Legal Basis for Cookie Processing

3.1 TTDSG § 25 Compliance

Consent Requirement: Under TTDSG § 25, we require your explicit consent for cookies that are not strictly necessary for the functioning of our telemedia service.

3.2 Cookie Categories and Legal Basis

Strictly Necessary Cookies: TTDSG § 25(2) Nr. 2 - No consent required
Functional Cookies: Explicit consent under TTDSG § 25(1)
Analytics Cookies: Explicit consent under TTDSG § 25(1)
Marketing Cookies: Explicit consent under TTDSG § 25(1)
Third-Party Integration: Explicit consent under TTDSG § 25(1)

4. Detailed Cookie Categories

4.1 Strictly Necessary Cookies (No Consent Required)

Purpose: Essential for website functionality and security. Cannot be disabled without breaking core functionality.

Cookie Name	Purpose	Duration	Type
next-auth.session-token	User authentication and session management	30 days	HTTP
next-auth.csrf-token	Cross-site request forgery protection	Session	HTTP
__stripe_mid	Payment processing security	1 year	HTTP
cookie-consent	Remember your cookie preferences	1 year	HTTP

4.2 Functional Cookies (Consent Required)

Purpose: Enhance user experience by remembering preferences and providing personalized functionality.

Cookie Name	Purpose	Duration	Type
theme-preference	Remember dark/light mode preference	1 year	Local Storage
language-preference	Remember language selection	1 year	Local Storage
dashboard-layout	Remember dashboard customization	6 months	Local Storage

4.3 Analytics Cookies (Consent Required)

Purpose: Understand website usage, performance, and user behavior for service improvement. Data is anonymized where possible.

Service	Cookies	Purpose	Duration
Google Analytics 4	_ga, _ga_*, _gid	Website usage analytics and performance	2 years / 24 hours
Vercel Analytics	__va, __vp	Performance monitoring and optimization	1 year
Internal Analytics	tb_analytics	Review management service analytics	90 days

4.4 Review Management Integration Cookies (Consent Required)

Purpose: Enable integration with review platforms and provide review management functionality.

Platform	Cookies	Purpose	Duration
Trustpilot Widget	tp_, trustpilot_	Display and functionality of review widgets	Various (6 months - 2 years)
Google Business	1P_JAR, NID, CONSENT	Google Business integration and maps	Various (1 month - 2 years)
Platform APIs	api_session, oauth_*	Secure API authentication for platforms	1 hour - 7 days

4.5 Communication & Support Cookies (Consent Required)

Purpose: Enable customer support features and communication tools.

Service	Cookies	Purpose	Duration
Crisp Chat	crisp-client/*	Live chat functionality and support	6 months
Email Tracking	email_open, link_click	Track email engagement for support	30 days

5. Cookie Consent Management

5.1 Consent Banner Implementation

TTDSG § 25 Compliance: Our consent banner provides:

Clear Information: Plain language explanation of cookie purposes
Granular Control: Separate consent for each cookie category
Easy Acceptance: One-click acceptance for convenience
Easy Rejection: One-click rejection of non-essential cookies
Detailed Settings: Advanced cookie preference management
Withdraw Consent: Easy withdrawal of previously given consent

5.2 Consent Options Available

"Accept All": Consent to all cookie categories
"Reject All": Decline all non-essential cookies
"Customize": Granular control over cookie categories
"Settings": Detailed cookie information and management

5.3 Consent Record Keeping

Documentation per GDPR Art. 7(1):

Timestamp of consent given or withdrawn
IP address (hashed for privacy)
Consent version and cookie policy version
Specific categories consented to
Browser and device information (for verification)
Method of consent (banner, settings page, etc.)

6. Data Transfers and Privacy

6.1 Third-Party Cookie Providers

International Transfers: Some cookies are set by services located outside the EU/EEA:

Google (Analytics): EU/US with Standard Contractual Clauses
Vercel (Hosting): EU/US with adequate safeguards
Stripe (Payments): EU operations with PCI DSS compliance
Trustpilot: EU-based processing (Denmark)
Crisp (Support): EU-based processing (France)

6.2 Data Minimization Principles

IP Anonymization: Google Analytics configured for IP anonymization
Shortened Retention: Reduced cookie lifespans where possible
Purpose Limitation: Cookies used only for stated purposes
Data Aggregation: Personal data aggregated and anonymized where possible
Regular Cleanup: Automatic deletion of expired cookies and data

7. Your Cookie Rights & Control

7.1 Browser-Based Cookie Management

All major browsers allow cookie control:

Google Chrome

Settings → Privacy and Security → Cookies and other site data

Mozilla Firefox

Settings → Privacy & Security → Cookies and Site Data

Apple Safari

Preferences → Privacy → Manage Website Data

Microsoft Edge

Settings → Cookies and site permissions → Cookies and site data

7.2 Website-Based Cookie Control

Cookie Settings: Access via footer link or banner
Preference Center: Granular control over cookie categories
Consent Withdrawal: Easy one-click withdrawal of consent
Real-Time Updates: Changes take effect immediately
Clear Information: Detailed explanation of each cookie type

7.3 Consequences of Cookie Blocking

If you disable cookies, you may experience:

Essential Cookies: Website functionality may be severely limited
Functional Cookies: Loss of personalization and preferences
Analytics Cookies: No impact on your experience
Integration Cookies: Review widgets and platform features may not work
Support Cookies: Live chat and support features may be unavailable

8. Special Provisions for Review Management

8.1 Platform Integration Cookies

Review Management Necessity: Certain cookies are essential for our core review management services:

API Authentication: Secure connection to review platforms
Session Management: Maintain platform connections during use
Data Synchronization: Keep review data current and accurate
Performance Tracking: Monitor service quality and improvements
Security Monitoring: Detect and prevent unauthorized access

8.2 Business Customer Considerations

B2B Service Implications:

Services primarily designed for business customers
Professional use may require certain cookies for functionality
Analytics help improve service quality for all customers
Integration cookies necessary for platform connectivity
Support cookies enhance customer service experience

9. Cookie Security & Data Protection

9.1 Security Measures

Secure Flag: Cookies transmitted only over HTTPS
HttpOnly Flag: Prevents JavaScript access where appropriate
SameSite Attribute: Protection against CSRF attacks
Encrypted Cookies: Sensitive data encrypted before storage
Regular Audits: Periodic security assessment of cookie usage
Access Controls: Limited access to cookie data

9.2 Data Retention & Deletion

Automatic Expiration: Cookies expire according to set durations
Regular Cleanup: Expired cookies automatically deleted
Consent Withdrawal: Immediate deletion when consent withdrawn
Account Deletion: All related cookies deleted with account
Request-Based Deletion: Manual deletion upon user request

10. Updates and Changes

10.1 Policy Updates

When we update this policy:

Updated date will be clearly displayed
Significant changes will trigger new consent requests
Users will be notified of material changes
Previous versions available upon request
Changes comply with applicable laws

10.2 New Cookie Implementation

Before implementing new cookies:

Privacy impact assessment conducted
Legal compliance verification
User consent obtained if required
Documentation updated
Security measures implemented

11. Contact & Cookie Inquiries

For all cookie-related questions, consent management, or privacy concerns:

Sascha Wohlert
TrustedBoosts - Cookie & Privacy Inquiries
Grüner Weg 5
94133 Röhrnbach, Germany

Email: mail@trustedboosts.com
Subject Line: "Cookie Policy - [Your Inquiry]"

Response Commitment: We respond to all cookie and privacy inquiries within 7 business days.

12. Supervisory Authority

For complaints about our cookie practices under TTDSG or GDPR:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach, Germany
Phone: +49 981 180093-0
Email: poststelle@lda.bayern.de

🍪 Cookie Management: You can manage your cookie preferences at any time through our cookie settings, accessible in the website footer or by clicking the cookie consent banner when it appears.

✅ TTDSG Compliance: This policy fully complies with German TTDSG requirements for cookie consent and telemedia data protection.

Comprehensive Cookie Policy & TTDSG Compliance