Revision of June 2nd, 2024

Privacy Statement

Preamble

When you use lucas-hinderberger.de as well as its subordinate sites (hereafter named “This Website”), personal data is collected and processed. This happens in the domain of the EU General Data Protection Regulation 2016/679 (hereafter named “GDPR”). This privacy statement informs you about how your personal data is handled, who is involved and what your rights are.

Controller

The Controller of the data processing is Lucas Hinderberger.

You can find their contact data in the imprint at:

https://lucas-hinderberger.de/imprint

Personal Data the Controller collects and processes

Website Logs

When visiting a website, your browser (or other HTTP client) sends a request to the server, and it automatically provides certain personal data to the server while doing so.

The following personal data will be collected when you visit This Website:

• Your IP address (necessary for routing the answer to your request back to you - this can identify you, if combined with other data like the records of your Internet Service Provider)
• Your username (if provided in your request)
• The Referrer (identifies which website you came from, if provided in your request)
• The User Agent (Information about which type of operating system and browser or other HTTP client you used to send your request, and in which version)

This data will be temporarily stored in a log file, along with:

• The point of time and duration of your request
• The requested URL and, if provided, URL parameters (a URL, or Unique Resource Locator, is an address that points to a particular resource on the Internet, such as a web site - this identifies the page you have requested)
• A status code (indicates whether the request was successful or whether it failed, and for what reason)
• The amount of data that was transmitted to you in response to your request

Purpose of Processing: Legitimate Interest (protection of the Controller and its Processor against illegal and abusive usage, e.g. to detect and mitigate Denial of Service attacks)

Storage Period: 7 days

Legal Basis: Art. 6(1) point f GDPR

The provision of aforementioned personal data is not founded in a statuatory or contractual requirement and it is not needed to enter into a contract.

You are not obliged to provide aforementioned personal data. Not providing your IP address has the consequence that you cannot directly access This Website. Notwithstanding - under the condition that this is not in conflict with applicable law - you are free to use an anonymization service or proxy server to conceal your IP address. Not providing further personal data has no consequence.

E-Mails

You can contact the Controller via e-mail. When sending an e-mail, certain personal data is transmitted alongside the e-mail, namely:

• Your e-mail address
• Any personal data that may be contained within your message

Purpose of Processing: Compliance with a Legal Obligation (minimum retention of correspondence for tax purposes), Legitimate Interest (ability to receive and answer to your e-mails; keeping correspondence for future reference within a reasonable timeframe).

Storage Period: 10 years, with the period starting at the end of the year a message was received

Legal Basis: Art. 6(1) points c and f GDPR

The provision of aforementioned personal data is not founded in a statuatory or contractual requirement and it is not needed to enter into a contract.

You are not obliged to provide aforementioned personal data. Not providing your e-mail address has the consequence that the Controller cannot answer your message. Not providing further personal data has no consequence.

Recipients of Personal Data

Your personal data will be processed by and/or provided to the following recipients:

• Web hosting and e-mail provider: Febas Inh. Roman Baumgärtner (www.febas.de)
• German courts and law enforcement agencies may receive your personal data if ordered by a court or necessary as part of a legal complaint

Transfer to a Third Country or International Organisation

The Controller will not transfer, and will not allow its Processors to transfer, your personal data to any Third Country or International Organisation as defined by the GDPR.

Your Rights towards the Controller

The GDPR grants you the following rights towards the Controller in regards of your personal data:

• Right to Access according to Art. 15 GDPR
• Right of Rectification according to Art. 16 GDPR
• Right of Erasure according to Art. 17 GDPR
• Right to Restriction of Processing according to Art. 18 GDPR
• Right to object to Processing according to Art. 21 GDPR
• Right to Data Portability according to Art. 20 GDPR

The Controller will receive and duely process each such request. To exercise your rights, you can contact the Controller using the contact data provided at the beginning of this document.

Right to lodge a complaint with a supervisory authority

According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority.

You can for example contact the data protection authority at your place of residence or the supervisory authority responsible for the Controller.

The supervisory authority responsible for the Controller is the data protection authority of the state of Saxony (www.datenschutz.sachsen.de).

No Automated Decision-Making

The Controller does not perform automated decision-making as defined in Art. 22 GDPR.

Changes to this Privacy Statement

The Controller may need to make changes to this privacy statement from time to time. The up-to-date version can be retrieved at This Website. You can find the date of the latest change at the top of this page.

• Home
• Mail & GPG Keys
• Imprint
  
• Privacy Statement