This section explains how personal data may be processed when you visit the public TOTPX website.
Last updated: 27 May 2026
This Website Privacy Information applies to the public TOTPX website, including publicly accessible landing pages, product pages, contact pages, legal pages, documentation previews and other website areas available without logging into the TOTPX Web App.
This section supplements the General Privacy Information. The TOTPX Web App, APIs and logged-in platform features are covered separately in the Web App Privacy Information.
When you access the TOTPX website, technical information may be automatically processed by our systems or by our hosting provider in order to deliver the website to your browser and maintain security.
This may include:
The purpose of processing this data is to display the website correctly, ensure technical stability, detect errors, prevent misuse and protect the security of our systems.
The legal basis is our legitimate interest in providing a secure, stable and functional website.
Website log data is generally stored only for as long as necessary for technical operation, security, troubleshooting and abuse prevention. Longer storage may occur if required to investigate attacks, misuse, fraud attempts or legal claims.
Where possible, log data may be deleted, shortened or anonymized once it is no longer required for the relevant purpose.
The TOTPX website is hosted by one or more technical hosting providers. Hosting providers may process technical access data, log data and security-related information to deliver the website and maintain infrastructure availability.
Final hosting provider details should be completed before public launch if required. If hosting providers outside the EU or EEA are used, appropriate safeguards should be applied where legally required.
We may use content delivery networks, DNS providers, firewall services or similar security and performance services to deliver website content faster and protect the website from abuse, attacks or overload.
Such services may process IP addresses, browser information, requested resources, security events, traffic metadata and similar technical data. The purpose is website performance, availability, security and protection against misuse.
The legal basis is our legitimate interest in secure and efficient delivery of the website.
The TOTPX website may use cookies or local storage. Cookies are small text files stored by the browser. Local storage allows certain information to be stored locally in the browser.
Technically necessary cookies or local storage may be used to provide essential website functions, such as remembering cookie notice status, language preferences, session-related information or security settings.
Optional cookies, analytics cookies, marketing cookies or third-party cookies are used only where implemented and legally permitted, typically based on consent.
If a cookie settings tool is provided, you can use it to adjust optional cookie categories. You can also control or delete cookies through your browser settings. If cookies are disabled, certain website features may not work correctly.
As the TOTPX website evolves, cookie settings may be expanded to include analytics, embedded content, marketing tools or other optional technologies.
If you contact us through the website, request access, ask for product information or submit a general inquiry, we may process the data you provide.
This may include:
The data is processed to respond to your inquiry, handle communication, prevent misuse and document the request where necessary. The legal basis may be pre-contractual measures, contract performance or our legitimate interest in responding to inquiries.
The website may provide downloadable resources, technical documents, API examples, quick-start guides, Postman collections, SDK previews, product information or other developer materials.
If downloads are available without a form, only technical access data may be processed. If access to a download requires a form or email submission, the submitted data may be processed to provide the resource and, where permitted, to follow up on the request.
The public website may contain limited API examples, documentation previews and links to the full documentation inside the TOTPX App. Accessing the public preview may generate website log data.
When you log into the TOTPX App, the Web App Privacy Information applies in addition to this Website Privacy Information.
The website may include links to external social media profiles or external platforms. These links are generally simple hyperlinks. If you click such a link, you leave the TOTPX website and the respective external provider is responsible for its own data processing.
We do not control how external platforms process personal data. Please review the privacy information of the relevant provider.
The website may later include embedded content such as videos, maps, code examples, widgets, review badges, demo tools or similar third-party elements.
If embedded content is used, the third-party provider may process technical data such as IP address, browser information, device information and interaction data. Where required, such content will be loaded only after consent or after an appropriate privacy notice.
We may use analytics tools to understand how visitors use the website, which pages are visited, where technical issues occur and how the website can be improved.
If analytics tools are not technically necessary, they will generally be used only based on consent. Analytics data may include page views, clicks, approximate location, browser information, device information, referrer URLs and interaction events.
Marketing or conversion measurement tools may be introduced later to understand whether visitors arrive through campaigns, partner links or search engines and whether they request access or create an account.
Where such tools use cookies or similar technologies that are not technically necessary, processing will generally be based on consent.
The website may use general technical information, such as IP-derived country information or browser language settings, to display content, language options or regional information more appropriately.
Precise location tracking is not intended for the public website unless expressly described and legally permitted.
The website may contain email links. If you contact us by email, your email application and mail provider may process metadata related to the communication. We process the content of your email and related metadata to respond to your request.
To protect the website, we may process technical data to detect suspicious traffic, spam, automated requests, denial-of-service attempts, unauthorized access attempts or other misuse.
This may include IP addresses, request patterns, headers, timestamps, blocked requests and security events. The legal basis is our legitimate interest in securing the website and protecting users, systems and business operations.
The website may use third-party providers for hosting, CDN, security, analytics, forms, embedded content, email delivery or similar purposes. The specific providers may change over time depending on technical requirements.
Where third-party providers process personal data on our behalf, we aim to use appropriate contractual arrangements. Where a provider acts as an independent controller, its own privacy information applies.
If website-related providers process data outside the EU or EEA, we aim to use appropriate safeguards, such as Standard Contractual Clauses, adequacy decisions or other legally recognized transfer mechanisms.
Where a transfer is based on consent, the relevant information will be provided where required.
Website-related data is retained only as long as necessary for the relevant purpose.
You may object to processing based on legitimate interests in accordance with applicable law. Where processing is based on consent, you may withdraw consent at any time with effect for the future.
You can also use browser settings to delete cookies, block cookies or restrict certain tracking technologies.
The website may offer the option to subscribe to newsletters, product updates, security notices, API release notes or similar communication. If such a service is offered, we may process your email address, subscription status, date and time of registration, confirmation data and communication preferences.
The legal basis is generally your consent, unless communication is permitted under another legal basis. You can unsubscribe or withdraw consent at any time with effect for the future.
The website may later include chat widgets, support widgets, AI assistance or ticketing integrations. If such tools are used, we may process message content, technical metadata, page context, contact data and support history in order to respond to requests and improve support quality.
If third-party providers are used for these tools, additional provider-specific information will be added where required.
To protect forms, request-access flows, login-related links or other website functions from spam and automated misuse, we may use CAPTCHA, bot detection or similar security technologies.
Such tools may process IP addresses, browser information, device data, interaction patterns and security signals. Where legally required, additional information or consent options will be provided.
The website may later include public API demos, playgrounds, sample verification requests or interactive documentation examples. If such features are used, we may process technical request data, demo input, timestamps, IP addresses, response status and abuse-prevention metadata.
Demo functions should not be used with real secrets, production API keys or confidential data unless expressly intended and documented.
TOTPX may operate or link to a public status page for availability information, maintenance notices and incident updates. If users subscribe to incident notifications, we may process email addresses, notification preferences and subscription metadata.
If optional cookies, analytics tools, marketing tools, embedded media or other third-party technologies are used, a consent management function may be provided. This function may store consent status, consent timestamp, selected categories, browser information and a technical consent identifier.
Consent records may be retained to document choices and to ensure that the website respects the selected privacy settings.
This Website Privacy Information covers the public website only. If you create an account, log into the TOTPX App, use the Verify API, configure devices, create Shared Access grants or use paid features, the Web App Privacy Information applies in addition.