I’m not interested in your data and I don’t save any of it that’s not needed for my websites to work. I keep some anonymized statistics in some places to get a grip on how often my sites are used. If you have any questions about your data, do not hesitate to contact me.
The annoying part
Now, thanks to the European General Data Protection Regulation (GDPR) I have to provide this superfluous privacy statement. It caused me serious pain while writing (I hate beaurocracy) and nobody will ever read it. By the way, meanwhile Facebook, Microsoft, Google & Friends are still unethically collecting everybody’s data in bulk pretty much undisturbed. Oh, and a lot of small sites had to close due to this beaurocracy, pushing their users to said corporations. Anyway – enjoy!
This privacy statement is applicable to the following public web services I provide:
- My main website and blog: https://www.eisfunke.com
- My other website: https://www.online-lenz.de
- The site of the podcast “Das System ist das Problem”: https://www.systemproblem.de
- My GitLab: https://git.eisfunke.com
- My Discourse forum: https://forum.eisfunke.com
Stockumer Str. 18
E-Mail: firstname.lastname@example.org (please be aware that this address is subject to change)
All my services are only available using modern and state-of-the-art end-to-end encryption using TLS and HTTPS, meaning that nobody, like providers and attackers, should be able to read the contents of any communications between my services and you. The software these services are running on is kept up-to-date.
However, please keep in mind that even state-of-the-art technology can have security holes. Therefore, a gapless protection of all data cannot be guaranteed.
All my services are served from my homeserver completely under my control. The internet connection is provided by Telekom Deutschland GmbH. As mentioned, all my services are only available over encrypted connections, so they should only be able to collect meta information like the times of visits to my sites, something your own internet service provider is capable of anyway though.
An exception are some larger media files (images, audio files on systemproblem.de that are instead served from Uberspace to spare my connection some. Please consult their own privacy statement and the absolutely beautiful and not at all beaurocratic and superfluous additional agreement concerning the mandated processing of data (in German) for details.
What data is collected
In general, my servers do not keep any access logs. That means that under normal cicrumstances I do not know when somebody used my websites. I do however keep error logs for diagnostic purposes which contain the IP address of the client that caused the error. These logs are deleted regularly.
This page uses Podlove Publisher that tracks download statistics. IP adresses are used to determine an estimated geographic location (city or state level).
IP addresses are stored temporarily (up to 48 hours) as part of a request id. This is necessary because the podcast owner needs to know how often episodes are downloaded to prove the viability of her/his endeavours.
To determine a realistic download number, the system must be able to recognise repeated access to the same file by the same user. The only reliable way to achieve this is by considering the IP address in combination with the User Agent. Using an anonymised IP address is not possible because it would lead to wrong results. An access to the same file by the same user on different days can be considered separate downloads, therefore it is necessary to store IPs for only up to 48 hours.
After 48 hours request ids are salted in a way that makes it impossible to restore the original IP address.
The User Agent is stored as well.
When you write me an e-mail, I of course have to process the mails data, including your e-mail address, to be able to read and reply to your message. Like every recipient of any e-mail has to.
Merging and third parties
I do not sell, trade or transfer any data to third parties. Data collected by any of my sites is never merged or compared with data of other sites.
According to the GDPR you have the right to
- demand information about usage, the data collected and saved about you.
- demand restriction of collection of data related to you.
- demand deletion of data related to you, including date made public.
- complain at a supervising authority.
Please contact me if you want to utilize any of these rights and note that these rights are subject to restrictions and exceptions, e.g. when infeasible.
If you think anything is missing in this great and fun legal document, please contact me.