Privacy Policy

Data Protection Declaration (GDPR)

Unless stated otherwise below, providing your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data; not providing it will have no consequences. "Personal data" is any information relating to an identified or identifiable natural person.

Controller

Steffen Fahrenbach
c/o Postflex #9683
Emsdettener Str. 10
48268 Greven
Germany

E-Mail: [email protected]

Server Log Files & Retention

Each time you access our website, a server log file is created. This may include your IP address, request timestamp, requested URL, user-agent string and referrer URL. We retain these logs for a minimum of 7 and a maximum of 14 days, after which they are automatically deleted.

Data Subject Rights

Under Articles 15–21 of the EU General Data Protection Regulation (GDPR), you have the right to:

  • Request confirmation as to whether and what personal data we process about you (Art. 15 GDPR)
  • Obtain correction of inaccurate data or completion of incomplete data (Art. 16 GDPR)
  • Request deletion ("right to be forgotten") (Art. 17 GDPR)
  • Request restriction of processing (Art. 18 GDPR)
  • Receive your personal data in a structured, commonly used and machine-readable format — data portability (Art. 20 GDPR)
  • Object at any time to processing based on our legitimate interests (Art. 21 (1) GDPR)

To exercise any of these rights, please contact us at [email protected].

Cookies & Browser Storage

We do not use cookies or comparable tracking technologies. Any site preferences (e.g. dark/light mode) are stored locally in your browser's localStorage and are deleted whenever you clear your browser data. No data is transmitted to us or any third party.

Cloudflare may set its own technical cookies (e.g. __cf_bm) for bot detection and security purposes. These are strictly necessary cookies. For details, see Cloudflare's privacy policy.

Web Hosting

This site is hosted on servers operated by Klokk. A Data Processing Agreement under Art. 28 GDPR is in place to ensure data is handled in accordance with EU standards.

Intrusion Prevention (CrowdSec)

To protect our infrastructure against automated attacks, brute-force attempts and other malicious traffic, we use CrowdSec. CrowdSec analyses server log data to detect abusive behaviour and may temporarily block the IP addresses involved.

For this purpose CrowdSec processes IP addresses and request metadata (such as requested URLs, timestamps and user-agent strings) on our behalf. Processing runs on our own infrastructure. The legal basis is our legitimate interest in the security and integrity of our systems (Art. 6(1)(f) GDPR).

Content Delivery Network (Cloudflare)

To speed up delivery and protect our infrastructure, we use Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA) as our CDN. Cloudflare acts as a reverse proxy between visitors and our web server — all requests to this website are routed through Cloudflare's network first.

Cloudflare processes on our behalf: IP address, requested URLs, HTTP status codes, referrer URL, browser type, operating system, and request timestamps.

Cloudflare is certified under the EU–US Data Privacy Framework. A Data Processing Addendum (DPA) under Art. 28 GDPR has been concluded. See cloudflare.com/privacypolicy.

Analytics & Tracking

This website uses no analytics or tracking tools. No user profiles are created.

Data Protection Officer

No Data Protection Officer has been appointed, as one is not required by law for the processing activities described.

Supervisory Authority

The competent supervisory authority under GDPR is determined by the location of the controller:

The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany