Commit b1bff670 authored by Nicolas Lenz's avatar Nicolas Lenz

update legal shenanigans :(

parent a05c7c29
Pipeline #825 passed with stage
in 9 seconds
......@@ -8,6 +8,7 @@ This imprint applies to the following public web services I provide:
- My main website and blog: <https://www.eisfunke.com>
- My other website: <https://www.online-lenz.de>
- The site of the podcast "Das System ist das Problem": <https://www.systemproblem.de>
- My GitLab: <https://git.eisfunke.com>
- My Discourse forum: <https://forum.eisfunke.com>
- The travel blog of friends of mine: <https://a-way.world>
......
......@@ -4,7 +4,7 @@ title: Privacy
# TL;DR
I'm not interested in your data and I don't save any of it that's not needed for my websites to work. If you have any questions about your data, do not hesitate to contact me.
I'm not interested in your data and I don't save any of it that's not needed for my websites to work. I keep some anonymized statistics in some places to get a grip on how often my sites are used. If you have any questions about your data, do not hesitate to contact me.
# The annoying part
......@@ -14,6 +14,7 @@ This privacy statement is applicable to the following public web services I prov
- My main website and blog: <https://www.eisfunke.com>
- My other website: <https://www.online-lenz.de>
- The site of the podcast "Das System ist das Problem": <https://www.systemproblem.de>
- My GitLab: <https://git.eisfunke.com>
- My Discourse forum: <https://forum.eisfunke.com>
......@@ -31,25 +32,33 @@ Phone: 0231-20628758
### Security
All my services are only available using modern and state-of-the-art end-to-end encryption using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) and [HTTPS](https://en.wikipedia.org/wiki/HTTPS), meaning that nobody, like providers and attackers, should be able to read the contents of any communications between my services and you.
All my services are only available using modern and state-of-the-art end-to-end encryption using [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) and [HTTPS](https://en.wikipedia.org/wiki/HTTPS), meaning that nobody, like providers and attackers, should be able to read the contents of any communications between my services and you. The software these services are running on is kept up-to-date.
However, please keep in mind that even state-of-the-art technology can have security holes. Therefore, a gapless protection of all data cannot be guaranteed.
### Hosting
My websites <https://online-lenz.de>, <https://eisfunke.com> and <https://assets.eisfunke.com> are hosted on a virtual server provided by [Netcup GmbH](https://netcup.de).
All my services are served from my homeserver completely under my control. The internet connection is provided by [Telekom Deutschland GmbH](https://telekom.de). As mentioned, all my services are only available over encrypted connections, so they should only be able to collect meta information like the times of visits to my sites, something your own internet service provider is capable of anyway though.
As that server is not under my direct control, please consult the absolutely beautiful and not at all beaurocratic and superfluous [additional agreement concerning the mandated processing of data (in German)](/res/dsgvo-netcup.pdf).
An exception are some larger media files (images, audio files on [systemproblem.de](https://www.systemproblem.de) that are instead served from [Uberspace](https://uberspace.de) to spare my connection some. Please consult their own [privacy statement](https://uberspace.de/en/about/privacy/) and the absolutely beautiful and not at all beaurocratic and superfluous additional agreement concerning the mandated processing of data (in German) for details.
All my other services are served from my homeserver completely under my control. The internet connection is provided by [Telekom Deutschland GmbH](https://telekom.de). As mentioned, all my services are only available over encrypted connections, so they should only be able to collect meta information like the times of visits to my sites, something your own internet service provider is capable of anyway though.
### What data is collected
### Metadata
In general, my servers do not keep any access logs. That means that under normal cicrumstances I do not know when somebody used my websites. I do however keep error logs for diagnostic purposes which contain the IP address of the client that caused the error. These logs are deleted regularly.
My servers do not keep any access logs. That means that under normal cicrumstances I do not know when somebody used my websites. I do however keep error logs for diagnostic purposes which contain the IP address of the client that caused the error. These logs are deleted regularly.
<https://git.eisfunke.com> and <https://forum.eisfunke.com> naturally have to save data when registering. That includes your IP address, mail address and chosen username.
I don't use any analytic tools to keep track of you.
#### systemproblem.de
<https://git.eisfunke.com> and <https://forum.eisfunke.com> naturally have to save data when registering. That includes your IP address, mail address and chosen username.
This page uses Podlove Publisher that tracks download statistics. IP adresses are used to determine an estimated geographic location (city or state level).
IP addresses are stored temporarily (up to 48 hours) as part of a request id. This is necessary because the podcast owner needs to know how often episodes are downloaded to prove the viability of her/his endeavours.
To determine a realistic download number, the system must be able to recognise repeated access to the same file by the same user. The only reliable way to achieve this is by considering the IP address in combination with the User Agent. Using an anonymised IP address is not possible because it would lead to wrong results. An access to the same file by the same user on different days can be considered separate downloads, therefore it is necessary to store IPs for only up to 48 hours.
After 48 hours request ids are salted in a way that makes it impossible to restore the original IP address.
The User Agent is stored as well.
### User content
......@@ -63,9 +72,9 @@ Cookies are small files saved in your browser by websites. That is necessary to
When you write me an e-mail, I of course have to process the mails data, including your e-mail address, to be able to read and reply to your message. Like every recipient of any e-mail has to.
### Third parties
### Merging and third parties
I do not sell, trade or transfer any data to third parties.
I do not sell, trade or transfer any data to third parties. Data collected by any of my sites is never merged or compared with data of other sites.
## Your rights
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment