Privacy Policy

1. Controller

The controller within the meaning of the EU General Data Protection Regulation (GDPR) is: Christian Musanke Nerongsallee 44 24939 Flensburg Germany

Email: kontakt@christianmusanke.de

⸻

2. Hosting & Content Delivery (Vercel)

This website is hosted by Vercel and delivered via a global content delivery network (CDN). The provider is Vercel Inc., USA, potentially with affiliated companies/subprocessors in the EU/EEA. In the course of providing the service, Vercel in particular processes: • server and edge log data (see Section 3), • technical meta/communication data (e.g., IP address, timestamps, requested URL, HTTP status), • security-relevant events (e.g., DDoS protection, error messages).

Purposes: Operation, delivery and security of the website, load balancing, error diagnostics, abuse/attack detection. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and efficient provision of the website). Recipient: Vercel as a processor pursuant to Art. 28 GDPR. Third-country transfer: A transfer to third countries (in particular the USA) may occur. This is based on appropriate safeguards within the meaning of Art. 46 GDPR, in particular Standard Contractual Clauses (SCC). Where the provider is certified under the EU-U.S. Data Privacy Framework, the transfer is additionally based on that framework.

⸻

3. Server log files

When you access the website, the hosting/CDN provider automatically logs the following data: • IP address of the requesting device, • date and time of the request, • time zone difference to GMT, • requested URL/request line and, where applicable, referrer URL, • HTTP status code, transferred data volume, • user agent (browser, operating system, device type), • where applicable, error/diagnostic IDs.

Purposes: Technical provision, stability, security (e.g., defense against attacks), error analysis. Legal basis: Art. 6(1)(f) GDPR. Retention period: Log data is stored for up to 30 days and then deleted; in the event of security-relevant incidents, longer storage may occur for evidence purposes.

⸻

4. Cookies, local storage & similar technologies

This website does not use consent‑required tracking or marketing cookies. If certain technically necessary cookies or equivalent local storage techniques (e.g., Local Storage) are required to operate the site, they are used solely for functionality (e.g., session management, security). Legal basis: Section 25(2) no. 2 TTDSG in conjunction with Art. 6(1)(f) GDPR.

⸻

5. Contact via email

If you contact us by email, we process your information (e.g., email address, content, signature data) to handle your request.

Legal basis: • Art. 6(1)(b) GDPR (pre‑contractual/contractual communication), or • Art. 6(1)(f) GDPR (legitimate interest in processing inquiries).

Retention period: Correspondence is deleted after the request has been completed and, where applicable, in compliance with statutory retention periods.

⸻

6. Newsletter

We do not send newsletters and do not transfer data to newsletter service providers for this purpose.

⸻

7. Web analytics, tracking, advertising networks

No web analytics or tracking services are used (e.g., no Google Analytics, no Matomo). There is no profiling and no user‑based marketing.

⸻

8. Embedded third‑party content / external services

The website currently does not embed external content or widgets (e.g., YouTube videos, social media plugins, map services) that would transmit data to third parties upon access.

⸻

9. Fonts

Fonts are hosted locally and served from our servers. No connection is made to third‑party providers (e.g., Google Fonts).

⸻

10. User accounts, comments, forms

There is no registration option, no user accounts, and no comment or other input forms on this website.

⸻

11. Obligation to provide data

The provision of your data is not legally or contractually required for the mere visit to the website; however, without the processing of technically necessary data (in particular IP address), delivery of the website is not possible.

⸻

12. Automated decision‑making / profiling

There is no automated decision‑making including profiling within the meaning of Art. 22 GDPR.

⸻

13. Data security

We take technical and organizational measures (e.g., TLS encryption, access restrictions, logging) to protect your data in accordance with the state of the art.

⸻

14. Your rights

Under the GDPR, you have the following rights regarding your personal data: • access (Art. 15 GDPR), • rectification (Art. 16 GDPR), • erasure (Art. 17 GDPR), • restriction of processing (Art. 18 GDPR), • data portability (Art. 20 GDPR), • object to processing based on Art. 6(1)(f) GDPR (Art. 21 GDPR).

You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR), in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

⸻

15. Changes to this Privacy Policy

We will amend this Privacy Policy as soon as changes in our data processing make this necessary. The current version is available here.

Last updated: 2026