Data Privacy

Privacy Policy

1. Introduction
We take the protection of your personal data seriously. This privacy policy explains how we collect, use, and protect your data when you visit our website. We ensure full compliance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other applicable EU and German data protection laws.

2. Data Controller
The responsible entity for data processing on this website is the owner. If you have any questions regarding data protection, you may contact us using the provided details.

3. Hosting and Content Management System
Our website is built using Publii, a static site generator. This means that no server-side processing or databases are involved, significantly reducing data collection. The website is hosted by manitu.de, which, as part of its hosting services, collects and stores server log files automatically. The following information is collected:

  • Anonymized IP address
  • Browser type and version
  • Operating system used
  • Referrer URL
  • Date and time of the server request

These log files are used exclusively for security, troubleshooting, and optimizing server performance. The data is anonymized where possible and deleted automatically after a reasonable retention period unless longer storage is required for security reasons.

4. Web Analytics (Umami)
We use Umami for web analytics, which is hosted on our own servers. This ensures that no data is transmitted to third parties. Umami collects the following data:

  • Anonymized IP address (shortened to prevent identification)
  • Date and time of visit
  • Pages accessed
  • Referring website
  • Browser and device information

Umami is configured to respect "Do Not Track" settings in your browser. All data collected is used solely for the purpose of improving our website and services. Data is not shared with external parties and is stored securely with strict access controls.

5. Cookies
Our website uses cookies to improve functionality and user experience. Cookies are small text files stored on your device. We use two types of cookies:

  • Essential cookies: Required for website functionality (do not require consent).
  • Analytics cookies: Used to analyze website usage (only stored with prior consent).

You can manage or disable cookies through your browser settings. A cookie consent banner is provided to allow you to opt in or out of non-essential cookies.

6. Legal Basis for Processing
The processing of personal data on our website is based on:

  • Article 6(1)(b) GDPR – Necessary for contract performance (e.g., providing requested content).
  • Article 6(1)(f) GDPR – Legitimate interest in ensuring website security and optimization.
  • Article 6(1)(a) GDPR – Consent, where required (e.g., analytics cookies).

7. Your Rights as a Data Subject
As a user of our website, you have the following rights under the GDPR:

  • Right to access (Article 15 GDPR): Obtain information about your stored personal data.
  • Right to rectification (Article 16 GDPR): Correct inaccurate or incomplete data.
  • Right to erasure (Article 17 GDPR): Request deletion of your personal data, subject to legal retention obligations.
  • Right to restrict processing (Article 18 GDPR): Request limited processing of your data.
  • Right to object (Article 21 GDPR): Object to data processing based on legitimate interest.
  • Right to data portability (Article 20 GDPR): Receive your data in a structured, commonly used format.

To exercise these rights, please contact us using the provided contact details. You also have the right to lodge a complaint with the relevant data protection authority if you believe your data has been mishandled.

8. Data Security Measures
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, loss, or misuse. These measures include:

  • Encrypted transmission (SSL/TLS)
  • Access control mechanisms
  • Regular security audits and updates

9. Third-Party Services and Data Transfers
Since our website is statically generated and does not rely on external services such as Content Delivery Networks (CDNs) or embedded third-party tools, data transmission to external parties is minimized. Where third-party services are used (e.g., hosting by manitu.de), strict data processing agreements ensure compliance with GDPR.


Graph Comment System

We use Graph to manage comments on our website, a simple, privacy-friendly solution designed to ensure a smooth user experience while respecting your personal data. Graph does not require accounts or excessive data collection, making it an excellent choice for maintaining privacy.

For more details on how Graph handles your data, please check their Privacy Policy.

10. Retention and Deletion of Data
Personal data is retained only as long as necessary for the purposes for which it was collected or to meet legal retention requirements. Once this period expires, data is securely deleted or anonymized.

11. Liability and Legal Disclaimer
While we take all reasonable precautions to protect your data, we cannot guarantee absolute security. Any transmission of data over the internet is at your own risk. We are not liable for any unauthorized access to personal data caused by external breaches beyond our control. Furthermore, we do not assume responsibility for content or privacy practices of third-party websites linked on our site.

12. Changes to this Privacy Policy
We reserve the right to update this privacy policy to reflect changes in legal requirements or website functionality. The latest version will always be available on our website.

Last updated: Feb. 3. 2025

If you have any questions about this privacy policy or wish to exercise your rights, please contact us.