Privacy Policy

Last updated: March 2026

1. Controller

Patrick Bassner

c/o Postflex #10610

Emsdettener Str. 10

48268 Greven, Germany

Email: patrick@bassner.dev

2. General Information

This privacy policy explains what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you (Art. 4(1) GDPR).

SSL/TLS Encryption

This site uses SSL/TLS encryption for security. You can recognise an encrypted connection by the "https://" prefix and the lock icon in your browser's address bar.

Necessity of Data Provision

Visiting this website requires the transmission of technical data (in particular your IP address) to our hosting provider, as the website cannot be delivered without it. Any additional personal data you provide (e.g. via email) is voluntary.

3. Hosting and Content Delivery Network (CDN)

This website is hosted and delivered via the content delivery network (CDN) of Cloudflare, Inc. Cloudflare operates a globally distributed network of servers that cache and deliver website content from the server nearest to the visitor.

When you access this website, Cloudflare processes the following data:

  • IP address of the requesting device
  • Date and time of access
  • Requested URL and HTTP method
  • Amount of data transferred
  • Referrer URL
  • Browser type and operating system

Cloudflare processes this data as a data processor under a Data Processing Addendum (DPA). For Cloudflare's own processing purposes, please refer to the Cloudflare Privacy Policy.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure and performant website, including DDoS protection and CDN functionality).

4. Recipients of Personal Data

The following recipients may receive personal data in the course of operating this website:

  • Cloudflare, Inc. — as data processor for hosting and CDN
  • Email provider — if you contact me via email, your message is delivered through the respective email service

5. International Data Transfers

Cloudflare, Inc. is headquartered in the United States. On 10 July 2023, the European Commission adopted an adequacy decision for the EU-U.S. Data Privacy Framework (DPF). Cloudflare is certified under the DPF, providing a valid legal basis for the transfer of personal data to the USA.

Additionally, Cloudflare's DPA includes the EU Standard Contractual Clauses (SCCs) as a supplementary safeguard mechanism.

6. Cookies

This website does not set any cookies itself. However, depending on the security and performance features enabled, Cloudflare may set strictly necessary cookies, for example:

  • __cf_bm — bot management
  • cf_clearance — proof of passing a security challenge

These cookies are technically necessary for the operation of the website and are therefore exempt from the consent requirement under Section 25(2) TDDDG (German Telecommunications Digital Services Data Protection Act).

For more information about Cloudflare cookies, see: Cloudflare Cookie Documentation.

7. Email Contact

If you contact me via email, your email address, name (if provided), and message content will be processed in order to respond to your enquiry.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).

Your data will be deleted once the purpose of storage no longer applies, unless statutory retention obligations require otherwise.

8. Data Retention

Personal data is only stored for as long as necessary for the respective processing purpose. Server log data at Cloudflare is deleted in accordance with their retention policies. Email correspondence is deleted after the enquiry has been resolved, unless statutory retention obligations apply.

9. Automated Decision-Making

No automated decision-making, including profiling, within the meaning of Art. 22 GDPR takes place.

10. Your Rights

You have the following rights with respect to your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)

To exercise your rights, please contact: patrick@bassner.dev

11. Right to Lodge a Complaint

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR (Art. 77 GDPR).

The competent supervisory authority is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach, Germany
www.lda.bayern.de

12. Authoritative Version

This privacy policy is available in German and English. In case of discrepancies between the two versions, the German version shall prevail.

Deutsche Fassung (Datenschutzerklärung) →