Privacy Policy

Last updated: August 25, 2025

1. Controller

J. Molzahn-Schultze
c/o Grosch Postflex #2347
Emsdettener Str. 10
48268 Greven

2. Hosting and Server Log Files

This website is hosted by Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin.
A data processing agreement pursuant to Art. 28 GDPR has been concluded with Strato.

When the website is accessed, Strato automatically collects data (so-called server log files):

  • IP address of the requesting computer
  • Date and time of access
  • URL/file name
  • Referrer URL
  • Browser and operating system used
  • Data volume transferred and access status

Purpose: error-free technical display, security, misuse prevention.
Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in secure operation).
Storage period: Strato stores IP addresses for 7 days, then anonymizes them.

3. Cookies

This website uses technically necessary cookies (e.g., for the WordPress comment function).
Legal basis: Art. 6 (1) lit. f GDPR in conjunction with § 25 (2) no. 2 TTDSG.

4. Contact

If you contact me by e-mail, the data you provide will be stored solely for processing your inquiry.
Legal basis: Art. 6 (1) lit. b GDPR.
Data will be deleted once the inquiry is completed, unless statutory retention periods apply.

5. Comments on the Blog

When leaving a comment, the following data are stored:

  • Name/pseudonym, e-mail address (if provided), comment text
  • Visitor’s IP address
  • User-Agent (browser/OS)

Purpose: spam prevention, legal prosecution in case of misuse.
Legal basis: Art. 6 (1) lit. b GDPR (user agreement for comments), lit. f GDPR (misuse prevention).
Comments remain permanently visible but can be deleted upon request.

5.1 Gravatar

Profile pictures are displayed using Gravatar, operated by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA.
The e-mail address used for the comment is transmitted to Gravatar in hashed form.
Legal basis: consent (Art. 6 (1) lit. a GDPR, § 25 (1) TTDSG).
Third-country transfer: USA; safeguarded through Standard Contractual Clauses (SCC).

5.2 Akismet (Spam Filter)

Spam detection uses the Akismet service (Automattic Inc., USA). Comment content, IP address and User-Agent are transmitted to servers in the USA.
Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest, spam prevention).
Third-country transfer: USA; safeguarded through SCC.

6. Google Fonts

This website uses Google Fonts for consistent font display. Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
When the site is loaded, your browser retrieves the fonts directly from Google’s servers; this transfers your IP address.
Legal basis: consent (Art. 6 (1) lit. a GDPR, § 25 (1) TTDSG).
Third-country transfer: USA; safeguarded through Standard Contractual Clauses.
Note: Local embedding would prevent this data transfer.

7. YouTube Embeds

This website embeds videos from YouTube. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Parent company: Google LLC, USA.
When a video is played, data is transmitted to Google (IP address, referrer, cookies if applicable).
Embedding uses “privacy-enhanced mode,” which according to Google means no personalization cookies are set unless the video is played.
Legal basis: consent (Art. 6 (1) lit. a GDPR, § 25 (1) TTDSG).
Third-country transfer: USA; safeguarded through Standard Contractual Clauses.

8. Data Disclosure

Data is only transmitted to third parties if:

  • you have given consent (Art. 6 (1) lit. a GDPR),
  • it is legally required (Art. 6 (1) lit. c GDPR), or
  • it is necessary for contract performance (Art. 6 (1) lit. b GDPR).

9. Storage Periods

  • Server log files: 7 days at Strato
  • Comments: permanently, until the user requests deletion
  • Contact data: until inquiry is completed
  • Cookies: depending on type (session cookies until browser is closed)

10. Your Rights

Under the GDPR you have the right to:

  • Access (Art. 15)
  • Rectification (Art. 16)
  • Erasure (Art. 17)
  • Restriction of processing (Art. 18)
  • Data portability (Art. 20)
  • Object (Art. 21)
  • Withdraw consent (Art. 7 (3))

You also have the right to lodge a complaint with the competent supervisory authority:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW), Kavalleriestraße 2-4, 40213 Düsseldorf.

11. Data Security

I implement technical and organizational measures to protect your data from manipulation, loss, unauthorized access, or misuse.

12. Changes to this Privacy Policy

I reserve the right to update this privacy policy if new technologies or legal requirements make it necessary.