Privacy Policy

Controller

Data processed when you visit the website

When the website is loaded, technical data may be processed to deliver the site securely and reliably. This can include IP address, request time, requested URL, referrer, browser type, device information, and server log data.

The legal basis is legitimate interest in operating, securing, and improving this website under Art. 6(1)(f) GDPR.

Contact form and email verification

If you use the contact form, the submitted name, email address, message, verification code, verification status, and timestamps are stored to verify the request, prevent misuse, and respond to the message.

Email is sent through the configured mail provider. Contact requests are kept only as long as needed for communication, documentation, and abuse prevention.

Local storage, cookies, and admin sessions

The public website stores language and theme preferences in your browser so the site can remember your selected language and visual mode. Admin-only areas use secure session cookies for authentication and account protection.

Google Analytics

This website uses Google Analytics to understand aggregate website usage and improve the site. Google may process device, browser, interaction, and approximate location data according to its own privacy terms.

You can reduce tracking by using browser privacy settings, blocking scripts, or using Google's browser add-on where available.

Maps, weather, media, and external services

Some public sections load third-party services or content. This can include Mapbox maps, Open-Meteo weather data, external webcam images, GitHub project links, LinkedIn links/share URLs, and Koalendar booking links. When those services are loaded or opened, the respective provider may receive technical data such as your IP address and browser information.

Uploaded post media, site assets, and CV files may be stored with a configured object storage provider and delivered through public asset URLs.

LinkedIn publishing integration

If a LinkedIn publishing integration is connected in the admin area, LinkedIn OAuth is used to request authorization from the connected LinkedIn member account. The application may store LinkedIn access tokens, account identifiers, selected post text, article links, and publication timestamps for the purpose of publishing or managing posts selected by the admin.

Access can be revoked through LinkedIn account settings or by disconnecting the integration once that feature is available in the admin area.

AI-assisted post editing

Admin users can choose to send post title, summary, content, and prompt text to an AI provider to draft or improve blog content. This processing only happens when an authenticated admin starts an AI action.

Legal bases

• Art. 6(1)(a) GDPR for consent-based integrations.
• Art. 6(1)(b) GDPR where processing is needed to respond to a request or provide a requested function.
• Art. 6(1)(f) GDPR for secure operation, abuse prevention, analytics, and improvement of the website.
• Art. 6(1)(c) GDPR where retention is required by law.

Your rights

Subject to the applicable legal conditions, you may request access, correction, deletion, restriction, portability, or object to processing of your personal data. You may also withdraw consent with effect for the future where processing is based on consent.

You also have the right to lodge a complaint with a competent data protection supervisory authority.

Updates

This policy may be updated when the website, third-party integrations, or legal requirements change. The date above shows the latest version.