Data controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
David Leeuwestein
c/o Block Services
Stuttgarter Str. 106
70736 Fellbach
Germany
Email: [email protected]
Overview
This site processes personal data only to the extent technically necessary to operate the offering. There is no tracking, no advertising, no analytics cookies, and no newsletter sign-up.
Hosting and connection data
This site is hosted on Cloudflare Pages, a service of Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA. Cloudflare operates a global content-delivery network and handles delivery of this site’s content as well as protection against abusive use (e.g. DDoS attacks).
When you visit, Cloudflare processes technically necessary connection data, typically:
- the IP address of the requesting device
- date and time of the request
- the requested URL and referrer URL (if transmitted)
- the user agent (browser and operating-system information)
- the amount of data transferred and the HTTP status code
Cloudflare stores these data for short periods, primarily for the detection and mitigation of security incidents. These data are not combined with any other data sources on my side.
Legal basis is Art. 6 (1) lit. f GDPR (legitimate interest in the secure and reliable operation of the site).
Processing agreement: A data processing agreement under Art. 28 GDPR is in place with Cloudflare (Cloudflare Customer DPA).
Transfer to the USA: Cloudflare processes data partly on servers in the USA. Cloudflare is certified under the EU-U.S. Data Privacy Framework (DPF list), making transfers to the USA permissible under Art. 45 GDPR. See Cloudflare’s privacy policy for more information.
Local browser storage (localStorage)
This site uses the browser’s localStorage to implement two small convenience features:
- theme preference (
pref-theme): remembers whether you prefer light or dark mode. - menu scroll position (
menu-scroll-position): on narrow screens, remembers the horizontal scroll position of the navigation.
These data stay on your device and are not transmitted to the server. You can clear them at any time through your browser settings.
Embedded third-party content
This site does not load any third-party content. All fonts, scripts, and graphics are served directly from the same server as the content itself. Visiting a page does not transmit any data to third parties.
RSS feed
This site offers an RSS feed at /index.xml. When you fetch the feed, the same notes apply as for ordinary page requests (see Hosting and connection data above).
Your rights as a data subject
Under the GDPR you have the following rights:
- Right of access (Art. 15 GDPR) to data concerning you
- Right to rectification of inaccurate data (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR), insofar as no statutory retention obligations conflict
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object to processing (Art. 21 GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR). The competent authority is usually the supervisory authority of the federal state in which you live, or the supervisory authority [responsible authority, e.g. Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein, Holstenstraße 98, 24103 Kiel, Germany].
To exercise these rights, an informal email to [email protected] is sufficient.
Status
This privacy policy is dated April 2026 and will be updated when the offering or the legal situation changes.