Legal

Privacy Policy


1. Controller

The controller within the meaning of the GDPR is:
Elmar Seestädt, Im Wiesengrund 14, 25474 Ellerbek, Germany
Email: [email protected]
Phone: +49 179 1458941

2. Data minimisation

This website is designed for data minimisation. No cookies are set for advertising or profiling purposes. Analytics is performed only after your explicit consent and without cookies.

3. Hosting & encryption

This website is hosted entirely on the Cloudflare Pages platform (Cloudflare, Inc.); no other hosting provider is involved. When the site is accessed, technically necessary server log data is processed (e.g. time, requested resource, browser type). The IP address is processed in full for a short period to deliver the site and to defend against attacks (e.g. DDoS), but is not stored permanently. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in secure, reliable operation). A data processing agreement pursuant to Art. 28 GDPR is in place with Cloudflare; appropriate safeguards for third-country transfers (EU standard contractual clauses) apply.

For security reasons and to protect the transmission of confidential content (e.g. your enquiries via the contact form), this website uses TLS encryption throughout (“HTTPS”, indicated by the lock symbol in your browser's address bar). Unencrypted transmission is not possible (HSTS).

4. Fonts (self-hosted)

All fonts (Newsreader, Public Sans, IBM Plex Mono) are served locally from this website's server. There is no connection to Google Fonts or other third parties; no data is transferred for this purpose.

5. Analytics with Umami (consent only)

If you consent via the banner, we use the open-source web analytics software Umami, which we operate ourselves on our own hardware in Germany (analytics.seestaedt.works) — your data is transferred neither to an external analytics service nor to a server hosting provider; delivery is routed via the Cloudflare network (see section 3). Umami works without cookies and collects anonymous usage statistics (e.g. page viewed, referrer, approximate region, device type) as well as anonymous interaction events (e.g. submitting the contact form) to improve the website. IP addresses are not stored and no personal profiles are created. The legal basis is your consent (Art. 6 (1) (a) GDPR, § 25 (1) TDDDG). You can withdraw consent at any time with future effect via “Cookie settings” in the footer.

To store your choice, a technically necessary entry is placed in your browser's local storage (localStorage, key “es-consent”). It serves only to avoid showing the banner again and contains no personal data.

6. Contact form & email

If you use the contact form or email us, we process the data you provide (name, email address, optionally role and company, and your message) to handle your request. The legal basis is Art. 6 (1) (b) GDPR (initiation/performance of a contract) or (f) GDPR (responding to your enquiry). Delivery is via email through our mailbox hosted with Zoho (Zoho Corporation B.V., Utrecht, Netherlands; data stored in EU data centres). A data processing agreement pursuant to Art. 28 GDPR is in place with Zoho. You receive a copy of your enquiry in Cc at the email address you provide. Data is deleted once your request has been handled and no statutory retention obligations apply.

7. Your rights

You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18) and data portability (Art. 20 GDPR). You may withdraw any consent you have given at any time with future effect (Art. 7 (3) GDPR). You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

Right to object (Art. 21 GDPR): Where we process personal data on the basis of legitimate interests (Art. 6 (1) (f) GDPR), you have the right to object to this processing at any time on grounds relating to your particular situation.

8. Status

This privacy policy is dated July 2026 and will be updated as needed.