Privacy Policy

1. Controller

Mathias Leonhardt, Gudrunstraße 106F, 22559 Hamburg, Germany
Email: mathias-leonhardt@gmx.de

Appointment of a data protection officer is not required.

2. Purpose and legal basis

The purpose of data processing is to provide and ensure the functionality of this website. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in providing a functional website). No consent is obtained.

3. Hosting and server log files

This website is hosted by GitHub Pages (GitHub Inc., 88 Colin P Kelly Jr St, San Francisco, CA 94107, USA, a subsidiary of Microsoft Corporation). When you access this site, GitHub automatically collects the following technical data in server log files:

• IP address of the requesting device
• Date and time of access
• Requested page / URL
• Browser type and version
• Operating system
• Referrer URL (previously visited page)

This data is technically necessary to deliver the website and is typically deleted by GitHub within 30 days. For more information, see the GitHub Privacy Statement.

4. Recipients and third-country transfers

Personal data (specifically your IP address) is transmitted to the following recipient:

• GitHub Inc. / Microsoft Corporation (USA) – website hosting

All other resources (JavaScript libraries, CSS, fonts, formula rendering, illustrations) are served locally from this website – no contact is made to external CDNs, Google servers, or other third parties.

The transfer to the USA is based on the adequacy decision of the EU Commission pursuant to Art. 45 GDPR (EU-US Data Privacy Framework). GitHub/Microsoft is certified under the DPF. The validity of the DPF was confirmed by the European General Court on September 4, 2025 (Case T-553/23).

5. Cookies

This website sets no cookies of its own. No analytics, tracking, or advertising tools are used.

6. Storage duration

The controller does not store any personal data itself. The storage duration at the recipients listed in Section 4 is governed by their respective privacy policies. GitHub typically deletes server log files within 30 days.

7. Your rights

Under the GDPR, you have the following rights with respect to the controller:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)

8. Web Analytics — GoatCounter

This website uses GoatCounter, a privacy-friendly web analytics service. GoatCounter does not use cookies and does not store IP addresses. Unique visits are determined via a daily hash of the visitor’s IP address and User-Agent string; this hash cannot be reversed and expires after 24 hours.

GoatCounter is operated by Martin Tournoij, based in the Netherlands. Data is processed on servers within the EU. The analytics script is served from our own server. When recording a page view, a request is sent to GoatCounter that includes your IP address. This IP is not stored. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in analysing website usage to improve our offering). For more information, see the GoatCounter Privacy Policy.

9. Embedded YouTube videos

Some pages on this website embed videos from YouTube. We use YouTube’s enhanced privacy mode (domain: youtube-nocookie.com). In this mode, YouTube states that it only sets cookies on your device when you actively play the video.

When the page loads, a connection is established to servers of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) to provide the video player. Your IP address is transmitted to Google in the process. If you are logged into YouTube/Google, Google may associate the page visit with your account. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in an appealing presentation of our content). More information: Google Privacy Policy.

10. Right to object

Insofar as the processing of your personal data is based on Art. 6(1)(f) GDPR (legitimate interest), you have the right under Art. 21(1) GDPR to object to the processing at any time for reasons relating to your particular situation. Please direct your objection to the email address stated above.

11. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The competent authority is the Hamburg Commissioner for Data Protection and Freedom of Information, Ludwig-Erhard-Straße 22, 20459 Hamburg, Germany.

12. SSL encryption

This site uses SSL/TLS encryption for security reasons (recognizable by “https://” in the address bar).