Privacy Policy
We process personal data only to the extent necessary, in a transparent and purpose-driven manner. This page explains what data we process, for what purposes and which rights you have.
Last updated: 10/27/2025
Controller
Hosting
- Our website runs on infrastructure provided by a hosting provider.
- Technical meta/communication data (e.g. IP address) are processed to deliver the site and ensure stability and security.
- Legal basis: Art. 6(1)(f) GDPR (legitimate interests).
Access logs
- Requested URL, date/time, data volume, user agent, referrer, IP address (shortened/temporary).
- Log data are stored for a short period for troubleshooting and security and then deleted.
Cookies
- Currently we only use strictly necessary cookies (session, security).
- If we add optional services (e.g. analytics), we will ask for your consent first.
Contact
- When you contact us (e.g. via form or email) we process the data to handle your request.
- Legal bases: Art. 6(1)(b) GDPR (pre-contractual measures) and/or Art. 6(1)(f) GDPR (efficient communication).
Analytics
- We currently use **no** tracking or analytics tools.
- If this changes, we will update this page and request consent where required.
External services & APIs
- External content/services (e.g. fonts, maps, CDN) may process IP addresses to deliver content.
- We integrate privacy-friendly services and sign DPAs where possible.
Your rights
- Access, rectification, erasure, restriction
- Object to processing based on legitimate interest
- Data portability
- Withdraw consent
- Lodge a complaint with a supervisory authority
Retention
We retain personal data only as long as necessary for the respective purpose or as required by law.
Security
We apply technical and organizational measures (TLS encryption, access controls, etc.) to protect data against loss, misuse and unauthorized access.
Updates
We will update this notice when we introduce new features or legal requirements change.