Privacy Policy

Last updated: 08.11.2025

This page explains which data we process when you visit the website or contact us, and how we protect it.

Controller

Server log data: IP address (shortened/short-term), date/time, requested URL, referrer, HTTP status, user agent.
Communication data: contents of your email/request, your contact details (if provided).
Usage data (aggregated): pages viewed, dwell time, referrer-without cross-site tracking.

Provision, stability, and security of the website (logs, error/performance diagnostics).
Processing of email inquiries and contact requests.
Privacy-friendly, cookie-less analytics to improve the offering (no ad tech, no profiling).

Art. 6 (1) lit. b - contract/pre-contractual measures (responding to inquiries).
Art. 6 (1) lit. f - legitimate interests (secure, efficient website operation; abuse prevention).
Art. 6 (1) lit. a - consent (where required; revocable at any time).

Only if required in individual cases (e.g., CDN/support).
Then with appropriate safeguards (EU Standard Contractual Clauses, additional protective measures) and transparent information.

Server logs: generally 30-90 days; longer retention only in case of security incidents.
Emails/requests: as long as necessary for processing and to comply with legal obligations.

We process your details (content, sender address, optionally name/phone) solely to handle your request.
Legal basis depending on context: Art. 6 (1) lit. b (pre-contractual) or lit. f (legitimate interest in efficient communication).
Mandatory fields are marked; without them, processing may not be possible.

We only use analytics after your consent (opt-in). Before that, Consent Mode v2 is set to “denied”-no analytics cookies are stored.
No ad tech and no cross-site tracking by us. You can change your selection at any time (see “Withdrawal/opt-out”).

Service: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Possible transfers to Google LLC (USA) with EU Standard Contractual Clauses.
Consent Mode v2: default without cookies (“denied”). Only after consent are analytics cookies set; before that, only privacy-friendly, cookie-less pings occur.
Purpose: reach measurement, error/performance diagnostics, and quality improvement-without advertising profiling by us.
Data processed: pages and events (e.g., page_view), pseudonymous identifiers, browser/device info, referrer; IP anonymization is active.
Legal basis: Art. 6 (1) lit. a GDPR (consent). Consent can be withdrawn at any time with future effect.
Retention: event data up to 14 months (GA4 setting); aggregated, non-personalized reports may be retained longer.
Withdrawal/opt-out: open the “Cookie settings” at the page footer and adjust your selection.

Transport encryption (TLS), system hardening, least privilege, logging, encrypted backups.
Regular updates and reviews of technical and organizational measures.

Log data is technically necessary for secure operation.
When contacting us, we only collect what’s necessary; without it, processing may not be possible.

Access, rectification, erasure, restriction, data portability, objection (Art. 15-21 GDPR).
Withdrawal of consent with future effect.
Right to lodge a complaint with a data protection authority.