Privacy policy.

In short

This site is a private blog. No login, no account, no personalised content, no advertising. Server logs and reach measurement only process what's technically necessary or fully anonymised — details below.

Controller

Contact: [email protected]

Hosting

The site is hosted with Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (server location: Nuremberg, DE). A data processing agreement is in place per Art. 28 GDPR. Legal basis: Art. 6 (1)(f) GDPR (legitimate interest in operating the site securely).

Server logs

On each request, the web server automatically logs IP address, timestamp, requested URL, user agent and referer. This is technically necessary to detect attacks and maintain stability (Art. 6 (1)(f) GDPR). Logs are deleted automatically after at most 90 days.

Reach measurement with Umami

A self-hosted instance of Umami Analytics runs on the same Hetzner server. Umami works without cookies, truncates IP addresses before storage and builds no user profiles — only aggregated statistics (page views, referrer, device and browser type).

Legal basis: Art. 6 (1)(f) GDPR (legitimate interest in cookieless reach measurement). Because no cookie is set and no information is stored on or read from your device, no consent is required under §165 (3) Austrian Telecommunications Act. If you'd rather not be counted, enable the “Do Not Track” header in your browser — Umami honours it automatically.

Locally stored settings

The site keeps two values in your browser:

• theme (local storage) — remembers your theme choice (auto / light / dark)
• NEXT_LOCALE (cookie) — remembers your language choice (Deutsch / English), technically required for routing

Both are purely technical, no tracking, no third party, no personal data processing. You can clear both via your browser settings at any time.

Keystatic / GitHub OAuth

A content editor lives under /keystaticand is only used by the site owner. Sign-in uses GitHub OAuth. Site visitors never interact with this — no visitor data is ever sent to GitHub. When the editor signs in, a third-country transfer to the US takes place, protected by GitHub's EU Standard Contractual Clauses.

External content (maps, fonts)

The map view at /karte loads map tiles from OpenFreeMap (hosted in the EU). Loading tiles necessarily transmits your IP address to OpenFreeMap — no profiles are built and no cookies are set there. Fonts (Inter) are served locally from this domain; no request goes to Google Fonts.

Your rights

Under GDPR you have the right to:

• Access information about your data (Art. 15)
• Correction of inaccurate data (Art. 16)
• Erasure (Art. 17)
• Restriction of processing (Art. 18)
• Data portability (Art. 20)
• Object to processing (Art. 21)

To exercise these rights, an informal email to [email protected] is enough.

Right to lodge a complaint

You may lodge a complaint with the Austrian data protection authority at any time if you believe the processing of your data violates the GDPR.