Notice

I value your privacy. This site uses no cookies and collects only minimal, anonymized usage data for statistical purposes. No personal data is stored or shared with third parties.

For further information, please refer to the full Privacy Policy.

Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as "data") that we process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and in particular on our website, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offering").

Last updated: 13.03.2026

Responsible Party

Nils Pisarsky
33609 Bielefeld
Germany

Email: privacy@nilspisarsky.de

Overview of Processing Activities

The following overview summarizes the types of data processed and the purposes of their processing, and refers to the data subjects.

Types of data processed:

  • Usage data (e.g., websites visited, interest in content, access times)
  • Meta/communication data (e.g., device information, IP addresses)
  • Contact data (e.g., email)

Categories of data subjects:

  • Visitors and users of the online offering

Purposes of processing:

  • Provision of our online offering and user-friendliness
  • Security measures
  • Managing and responding to inquiries

Legal Basis for Processing

Below, you will find an overview of the legal basis of the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile.

  • Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR): Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
  • Legal Obligation (Art. 6 para. 1 sentence 1 lit. c GDPR): Processing is necessary for compliance with a legal obligation to which we are subject.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany. These include, in particular, the Act on Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act – BDSG). The BDSG contains special regulations on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission as well as automated individual decision-making, including profiling.

Security Measures

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs, and the nature, scope, circumstances, and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access, input, disclosure, ensuring availability, and segregation. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, the deletion of data, and responses to data compromise. Additionally, we consider the protection of personal data as early as the development or selection of hardware, software, and procedures in accordance with the principle of data protection by design and through data protection-friendly default settings.

SSL/TLS encryption: To protect the data of users that is transmitted via our online services, we use SSL/TLS encryption. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser address bar.

Hosting and Content Delivery Networks

We use hosting services from one or more hosting providers to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, email sending, security services, and technical maintenance services that we use for the purpose of operating this online offering.

In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties, and visitors to this online offering on the basis of our legitimate interests in the efficient and secure provision of this online offering in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of a data processing agreement).

Services used:

STRATO Webhosting

  • Service provider: STRATO AG, Pascalstraße 10, 10587 Berlin, Germany
  • Legal basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR)
  • Website: https://www.strato.de
  • Privacy policy: https://www.strato.de/datenschutz/
  • Data Processing Agreement: Provided by the service provider

Provision of the Online Offering and Web Hosting

We process user data in order to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

  • Types of data processed: Usage data (e.g., websites visited, interest in content, access times); Meta/communication data (e.g., device information, IP addresses)
  • Data subjects: Users (e.g., website visitors, users of online services)
  • Purposes of processing: Provision of our online offering and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical devices such as computers, servers, etc.); Security measures
  • Legal basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

More information on processing procedures, methods, and services:

Collection of Access Data and Log Files: Access to our online offering is logged in the form of so-called "server log files." Server log files may include the address and name of the web pages and files accessed, date and time of access, data volumes transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), and, as a rule, IP addresses and the requesting provider. The server log files can be used for security purposes, e.g., to avoid server overload (especially in the case of abusive attacks, so-called DDoS attacks), and to ensure server utilization and stability. The IP addresses are anonymized after a maximum of 7 days. Log files are stored for a maximum of 6 weeks and then deleted, unless their further storage is necessary for evidence purposes. Data whose further storage is required for evidence purposes is exempt from deletion until the respective incident is finally clarified.

  • Legal basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR)
  • Retention period: Maximum 6 weeks for log files; IP addresses anonymized after maximum 7 days

Content Delivery Network (CDN): We use a "Content Delivery Network" (CDN). A CDN is a service that helps deliver content of our online offering, especially large media files such as graphics or scripts, faster and more securely through regionally distributed servers connected via the Internet.

  • Legal basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Session Storage

We use the browser's Session Storage function to store user preferences temporarily during the session. Session Storage is used exclusively to store non-personal settings such as language preferences and design settings. This data is stored only in your browser and is automatically deleted when you close the browser or tab.

  • Types of data processed: Usage data (e.g., language settings, design preferences)
  • Data subjects: Users (e.g., website visitors)
  • Purposes of processing: Provision of user-preferred settings; Improvement of user experience
  • Legal basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR)
  • Storage duration: Data is deleted automatically when the browser/tab is closed

Important note: No cookies are used on this website. Session Storage works exclusively locally in your browser and does not transmit any data to our servers.

Web Analytics and Optimization

Web analysis is used to evaluate visitor traffic to our online offering and may include the behavior, interests, or demographic information of users, as pseudonymous values. With the help of web analysis, we can, for example, recognize at what time our online offering or its functions or content are most frequently used or requested for repeat use, as well as which areas require optimization.

In addition to web analysis, we can also use testing procedures, for example, to test and optimize different versions of our online offering or its components.

Unless otherwise stated below, profiles, i.e., data aggregated for a usage process, can be created for these purposes and information can be stored in a browser or in a device and read from it. The information collected includes, in particular, websites visited and elements used there, as well as technical information such as the browser used, the computer system used, and information on usage times. If users have consented to the collection of their location data from us or from the providers of the services we use, location data may also be processed.

The IP addresses of users are also stored. However, we use an IP masking procedure (i.e., pseudonymization by shortening the IP address) to protect users. In general, in the context of web analysis, A/B testing, and optimization, no clear user data (such as email addresses or names) is stored, but pseudonyms. This means that we, as well as the providers of the software used, do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective processes.

SimpleStats (Self-Hosted Analytics)

This website uses SimpleStats, a self-hosted, privacy-focused analytics plugin. All data is processed and stored exclusively on our own server — no data is transmitted to third parties. SimpleStats does not use cookies. IP addresses are anonymized before storage by removing the last octet of the address. Bot traffic is tracked separately and excluded from visitor statistics. The data collected includes page views, referrer sources, browser and device information, and access times, all stored as aggregated, non-personal statistics. No individual user profiles are created.

  • Data processing location: On our own server (STRATO, Germany)

  • Cookies: None

  • IP anonymization: Anonymization by truncation (last octet removed before processing)

  • Legal basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

  • Types of data processed: Usage data (e.g., websites visited, interest in content, access times); Meta/communication data (e.g., device information, IP addresses)

  • Data subjects: Users (e.g., website visitors, users of online services)

  • Purposes of processing: Range measurement (e.g., access statistics, recognition of returning visitors); Profiles with user-related information (creation of user profiles)

  • Legal basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

  • Retention period: Data will be deleted or anonymized as soon as they are no longer necessary for the purposes for which they were collected, typically after 26 months

Contact and Inquiry Management

When contacting us (e.g., via email), the data of the inquiring persons is processed insofar as this is necessary to respond to the inquiries and any requested measures.

  • Types of data processed: Contact data (e.g., email, telephone numbers); Content data (e.g., entries in online forms); Usage data (e.g., websites visited, interest in content, access times); Meta/communication data (e.g., device information, IP addresses)
  • Data subjects: Communication partners
  • Purposes of processing: Contact requests and communication; Managing and responding to inquiries; Feedback (e.g., collecting feedback via online form); Provision of our online offering and user-friendliness
  • Legal basis: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f GDPR)
  • Retention period: Data will be deleted as soon as they are no longer necessary for the purposes for which they were collected. For contact inquiries, this is the case when the respective conversation with the user has ended and it can be inferred from the circumstances that the matter in question has been conclusively clarified. The conversation is concluded when it can be inferred from the circumstances that the respective factual situation has been conclusively clarified. We review requests submitted by email every two years and delete them if they are no longer necessary.

Presence on Social Networks (Social Media)

We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.

We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights.

Furthermore, user data within social networks is usually processed for market research and advertising purposes. For example, usage profiles can be created based on user behavior and the resulting interests of users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and interests of the users are stored. Furthermore, data may also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

For a detailed description of the respective forms of processing and the opt-out options, please refer to the privacy statements and information provided by the operators of the respective networks.

Also in the case of requests for information and the assertion of data subject rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need help, please feel free to contact us.

Services and service providers used:

Rights of Data Subjects

As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Articles 15 to 21 GDPR:

  • Right to Object: You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions. If personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.

  • Right to Withdraw Consent: You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

  • Right of Access: You have the right to obtain confirmation as to whether personal data concerning you are being processed and, where that is the case, access to the personal data and the information specified in Article 15 GDPR.

  • Right to Rectification: You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, taking into account the purposes of the processing, to have incomplete personal data completed in accordance with Article 16 GDPR.

  • Right to Erasure and Restriction of Processing: In accordance with Articles 17 and 18 GDPR, you have the right to obtain the erasure of personal data concerning you without undue delay, or alternatively to request the restriction of the processing of the data.

  • Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format in accordance with Article 20 GDPR, and to transmit those data to another controller.

  • Right to Lodge a Complaint with a Supervisory Authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR, in accordance with Article 77 GDPR.

Changes to the Privacy Policy

We reserve the right to amend this privacy policy in order to adapt it to changed legal situations or changes in the service and data processing. However, this only applies with regard to declarations on data processing. If the consent of users is required or elements of the privacy policy contain regulations of the contractual relationship with users, the changes are only made with the consent of the users.

Users are requested to inform themselves regularly about the content of the privacy policy.