Privacy Policy

Preamble

With the following privacy policy, I would like to inform you, in accordance with the requirements of the European General Data Protection Regulation (GDPR) , about the types of personal data I process, for what purposes, and to what extent. Regarding the definition of terms such as personal data or processing, I refer to Article 4 para. 1 GDPR .

Status: February 16, 2026

Table of Contents

1. Responsible

The controller within the meaning of Article 4 para. 7 GDPR , other data protection laws applicable in the member states of the European Union, and other provisions of a data protection nature is:

  • hcabuR rekloV
  • 52457917 134 94+
  • 96158324 151 94+
  • ed.hcaburv@hcabur.reklov

2. Website

2.1. Collection of access data

When you visit my website, the browser used on your device automatically sends information to the web server that delivers my website. This information is temporarily stored in a so-called log file and saved until it is automatically deleted. This data is not stored together with other personal data about you in accordance with Article 4 para. 1 GDPR .

The following data is processed when you visit my website:

  • IP address (fully anonymized)
  • Date and time of access
  • Browser type and version used
  • Operating system of the accessing computer
  • Referrer URL (the previously visited page)
  • Requesting provider (through which the computer accesses the website)

2.2. Reason for collecting access data storage

By analyzing the access data, I am able to obtain information about the use of my website.

This helps me improve the following points:

  • Website optimization
  • To make the website user-friendly
  • Safety measures
  • Avoiding spam and abuse
  • Uninterrupted and safe operation

2.3. Duration of access data storage

See relevant information in Section 5. General information on data storage and deletion.

3. Contact form and Email

3.1. Collection of communication data

When contacting me (e.g. via contact form, email, telephone, or social media), the details of the inquiring persons will be processed to the extent necessary to respond to the contact requests. This data will not be stored together with other personal data about you in accordance with Article 4 para. 1 GDPR .

The following data will be processed when you contact me:

  • Contact details (e.g. email addresses or phone numbers)
  • Content data (e.g. text or image messages and related information)
  • Meta, communication and procedural data (e.g. IP addresses, time stamps, persons involved)

3.2. Reason for collecting communication data storage

  • Communication
  • Organizational and administrative procedures
  • Feedback

3.3. Duration of communication data storage

See relevant information in Section 5. General information on data storage and deletion.

4. Legal basis

The legal basis for the processing of personal data is Article 6 para. 1 letter f GDPR .

5. General information on data storage and deletion

I delete personal data that I process in accordance with legal requirements as soon as the underlying consent is revoked or there is no further legal basis for processing. This applies to cases in which the original purpose of processing no longer applies or the data is no longer required. Exceptions to this rule exist if legal obligations or special interests (defense against a cyber attack, preliminary investigations) require longer storage or archiving of the data.

In particular, data that must be retained for commercial or tax reasons, or whose storage is necessary for legal prosecution or to protect the rights of other natural or legal persons, must be archived accordingly.

Since the legislator does not specify any time limits for the storage period of log files, in practice, storage for a period of seven days has been considered sufficient. However, significantly longer storage periods of up to 30 days are conceivable. The log files created on the web server are automatically deleted after 7 days.

6. Security measures

The measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling electronic access to the data as well as access, disclosure, availability, and separation.

To protect your data transmitted when using my website from unauthorized access, I use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt the information transmitted between the website server and your browser, protecting the data from unauthorized access. The further development of TLS (a more secure version of SSL) ensures that all data transmissions meet the highest security standards. If a website is secured by an SSL/TLS certificate, this is indicated by the display of HTTPS in the URL. This serves as an indicator for you that your data is being transmitted securely and encrypted.

7. Rights as a data subject

As a data subject, you have the following rights:

7.1. Right to information

You have the right to information about whether and which personal data concerning you is processed by me (Article 15 GDPR ).

7.2. Right to rectification

You have the right to rectification and/or completion if the personal data concerning you is inaccurate or incomplete (Article 16 GDPR ).

7.3. Right to erasure

You have the right to request the immediate erasure of personal data concerning you (Article 17 GDPR ).

7.4. Right to restriction

You have the right to request the restriction of the processing of your personal data if, for example, the processing is unlawful or if you object to the processing (Article 18 GDPR ).

7.5. Right to notification obligation

You have the right to be notified of any rectification, erasure, or restriction of processing of your personal data pursuant to Articles 16, 17(1), and 18 to other recipients, insofar as the data have been disclosed, unless this proves impossible or involves disproportionate effort. If you request it, I am obliged to inform you about the other recipients (Article 19 GDPR ).

7.6. Right to data portability

You have the right to receive the personal data concerning you, in accordance with the legal requirements, in a structured, commonly used and machine-readable format or to request its transmission to another controller, provided that the processing is based on consent pursuant to Article 6 para. 1 letter a GDPR  or Article 9 para. 2 letter a DSGVO  (Article 20 GDPR ).

7.7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 para. 2 letter f GDPR  (Article 21 GDPR ).

8. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR , in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe that the processing of personal data concerning you violates the provisions of the GDPR.

9. Data sharing

Your personal data will not be transferred to third parties for purposes other than those listed, and I will only pass on personal data to third parties if:

10. Data transfer to third countries

My website contains links to social media profiles of providers (LinkedIn, X) located in third countries (USA). Personal data may therefore be transferred to these countries. I ensure that this transfer is based on adequacy decisions or appropriate safeguards (e.g., standard contractual clauses) pursuant to Articles 44-49 GDPR  to guarantee an adequate level of data protection.

11. Social networks

I maintain online presences within social networks and process user data in this context in order to communicate with users or offer information about myself.

Please note that user data may be processed outside the European Union. This may pose risks for users, as it could, for example, make it more difficult to enforce their rights.

Furthermore, user data within social networks is generally processed for market research and advertising purposes. For example, user profiles can be created based on usage patterns and the resulting user interests. These profiles may then be used to display advertisements both within and outside the networks that are presumably tailored to the users' interests. Therefore, cookies are typically stored on users' computers to record their usage patterns and interests. Additionally, user profiles can also store data independent of the devices used by the users (especially if they are members of the respective platforms and logged in).

For a detailed description of the respective processing methods and the options for objecting (opt-out), I refer to the privacy policies and information provided by the operators of the respective networks.

Regarding requests for information and the assertion of data subject rights, we would like to point out that these can be most effectively addressed directly to the service providers. Only the latter have access to user data and can take appropriate action and provide information directly.

11.1. LinkedIn

I am jointly responsible with LinkedIn Ireland Unlimited Company for collecting (but not further processing) visitor data used to generate the 'Page Insights' (statistics) of my LinkedIn profile. This data includes information about the types of content users view or interact with, as well as their actions. Details about the devices used are also collected, such as IP addresses, operating system, browser type, language settings, and cookie data, along with information from user profiles, such as job title, country, industry, hierarchical level, company size, and employment status. Information regarding LinkedIn's processing of user data can be found in LinkedIn's Privacy Policy .

I have entered into a specific agreement with LinkedIn Ireland (Page Insights Joint Controller Addendum ) which, in particular, regulates the security measures LinkedIn must observe and in which LinkedIn has agreed to fulfill the rights of data subjects (i.e., users can, for example, submit requests for information or deletion directly to LinkedIn). The rights of users (in particular the right to information, erasure, objection, and to lodge a complaint with the competent supervisory authority) are not restricted by the agreements with LinkedIn. The joint controllership is limited to the collection and transfer of data to LinkedIn Ireland Unlimited Company, a company based in the EU. Further processing of the data is the sole responsibility of LinkedIn Ireland Unlimited Company, in particular with regard to the transfer of data to its parent company, LinkedIn Corporation, in the USA.

Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland

Legal basis: Legitimate interests (Article 6 para. 1 letter f GDPR )

Website: https://www.linkedin.com/ 

Privacy policy: https://www.linkedin.com/legal/privacy-policy/ 

Grundlage Basis for third-country transfers: Data Privacy Framework (DPF), Standard Contract Clauses (https://legal.linkedin.com/dpa/ )

Right to object (Opt-Out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out/ 

11.2. Xing

Service provider: New Work SE, Baumwall 7, 20459 Hamburg, Germany

Legal basis: Legitimate interests (Article 6 para. 1 letter f GDPR )

Website: https://www.xing.com/ 

Privacy policy: https://privacy.xing.com/en/privacy-policy/ 

Right to object (Opt-Out): https://nats.xing.com/optout.html 

11.3. X (formerly Twitter)

Service provider: X Internet Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland

Legal basis: Legitimate interests (Article 6 para. 1 letter f GDPR .)

Website: https://x.com/ 

Privacy policy: https://twitter.com/de/privacy/ 

12. Tools

12.1. Cookies

My website does not use cookies. Neither technically necessary nor tracking, marketing or analytics cookies are used.

12.2. Analysis tool Webalizer

On my website, I use the analytics tool Webalizer for statistical analysis of visitor traffic. Webalizer analyzes the log files stored on the web server (e.g. date/time, pages visited, country). The generated information is anonymized, so no conclusions can be drawn about your identity. It is not combined with other data sources. The data is used solely to tailor the website to the target audience and to fix technical errors.

13. Webhoster

13.1. Rented storage space

To provide my online services, I use storage space, computing capacity and software that I have rented from a suitable server provider, commonly called a web host.

13.2. Legal basis

There is a legitimate interest in processing personal data in connection with the use of the web host's services, according to Article 6 para. 1 letter f GDPR .

13.3. Collection of access data

Access to the website is logged by the web host in so-called server log files, which record the following information:

  • Address and name of the accessed web pages and files
  • Date and time of retrieval
  • Transferred data volumes
  • Notification of successful retrieval
  • Browser type and version used
  • Operating system of the accessing computer
  • Referrer URL (the previously visited page)
  • IP address
  • Requesting provider (through which the computer retrieves the website)

13.4. Reason for collecting access data

The server log files can be used by the web host for security purposes, e.g. to avoid overloading the servers (especially in the case of malicious attacks, so-called DDoS attacks) and to ensure the utilization and stability of the servers.

13.5. Duration of access data storage

Server log files are stored for a maximum of 30 days and then deleted or anonymized. Data that needs to be retained for evidentiary purposes is exempt from deletion until the respective incident has been fully resolved.

13.6. Email (receiving/sending/storage)

The web hosting services I use also include sending, receiving, and storing emails. For these purposes, the addresses of the recipients and senders, as well as other information relating to email transmission (e.g. the providers involved) and the content of the respective emails, are processed. The aforementioned data may also be processed for spam detection purposes.

Please note that emails are generally not encrypted when sent over the internet. While emails are usually encrypted during transmission, they are not encrypted on the servers from which they are sent and received (unless end-to-end encryption is used). Therefore, I cannot assume any responsibility for the security of emails during transmission between the sender and their arrival at my web host's email server.

13.7. Service provider

ALL-INKL.COM - Neue Medien Münnich, Owner: René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany

Website: https://all-inkl.com/ 

Privacy policy: https://all-inkl.com/datenschutzinformationen/ 

Data Processing Agreement: Provided by the service provider.