Privacy Policy
Last updated: January 12, 2026
Privacy Policy (Draft)
Notice: Draft text, not legally reviewed. Please have counsel confirm.
Controller
Tim Becker
Wingertstr. 2b, 61137 Schöneck, Germany
Email: [email protected]
Data processed
- No personal data is actively collected.
- Essential storage for language/theme (cookie or localStorage).
- No analytics, no marketing tracking, no profiling.
Hosting / CDN (Cloudflare Pages)
- Hosting & delivery via Cloudflare Pages + CDN (global edge network, EU-preferred nodes).
- CDN logs may include IP address, timestamp, URL/referrer, user-agent, TLS status; no marketing use.
- Legal basis: Legitimate interests, Art. 6(1)(f) GDPR (secure and performant delivery).
- International transfers possible (Cloudflare edge outside EU); basis: SCC + DPA with Cloudflare (please confirm contractually).
Purpose & legal basis
- Provide the website (legitimate interests, Art. 6(1)(f) GDPR).
- Store language/theme preference (essential cookies/localStorage, legitimate interests, Art. 6(1)(f) GDPR).
Recipients / disclosure
- No disclosure to third parties.
- Hosting/CDN: Cloudflare (Pages + Edge). Logs as noted; no further disclosure.
Retention
- Session cookies: session-only. Language/theme storage: until user deletes or expiry (12 months, please confirm).
- CDN/server logs (Cloudflare): IP, timestamp, URL, user-agent; retention up to 14 days (please confirm/configure).
Cookies & local storage (essential)
| Name | Purpose | Type | Duration | Legal basis |
|---|---|---|---|---|
lang | Remember language choice | Cookie/LocalStorage | 12 months (please confirm) | Legitimate interests Art. 6(1)(f) |
theme | Remember light/dark mode | LocalStorage | 12 months (please confirm) | Legitimate interests Art. 6(1)(f) |
__cf_bm / cf_clearance (if enabled) | Bot/DDoS protection (Cloudflare) | Cookie | Up to 1 day (please confirm) | Legitimate interests Art. 6(1)(f) |
Data subject rights (Art. 15-21 GDPR)
- Access, rectification, erasure, restriction, objection, data portability.
- Complaint to supervisory authority: HBDI (Hesse, Germany), Postfach 3163, 65021 Wiesbaden, https://datenschutz.hessen.de
International transfers
- Cloudflare edge may process outside the EU; basis SCC + DPA (please confirm documentation).
Security
- TLS/HTTPS for transport encryption.
- Regular patches/updates on the hosting platform (managed by Cloudflare).
Last updated
- Draft; set date after legal approval.
(Please adjust after legal review.)