Sign in Subscribe

Privacy Policy

Effective Date: 25.12.2025

This privacy policy explains how personal data is collected, used, and protected when you visit this website or subscribe to the newsletter.

1. Data Controller

The data controller responsible for this website is:

Denis Hartl
Großer Sandkamp 8
21514 Büchen
Germany

Phone: +49 160 90862016
Email: hello@denishartl.com

2. Hosting and Data Processors

This website is hosted by MagicPages (magicpages.co), which provides Ghost CMS hosting services. MagicPages acts as a data processor on my behalf.

MagicPages uses the following sub-processors:

ProviderLocationPurpose
Hetzner Online GmbHGermanyServer infrastructure
Bunny CDN (BunnyWay d.o.o.)EUContent delivery network
Mailgun Technologies, Inc.USAEmail delivery

Mailgun is based in the United States and processes data under Standard Contractual Clauses (SCCs) to ensure GDPR-compliant international transfers.

For details, see the MagicPages Data Processing Agreement.

3. Member Registration and Newsletter

What data is collected

When you sign up for the newsletter or create a member account, the following data is collected:

  • Email address
  • IP address (for fraud prevention and geolocation)
  • Signup timestamp

Purpose

  • To deliver the newsletter
  • To enable commenting on blog posts
  • To manage your membership preferences
  • Consent (Article 6(1)(a) GDPR) — You actively sign up and confirm your subscription via double opt-in

Email delivery

Newsletters are sent via Mailgun, a third-party email service provider. Mailgun processes your email address to deliver emails on my behalf. Mailgun is based in the USA and operates under Standard Contractual Clauses.

Data retention

Your data is stored until you unsubscribe or request deletion. Every newsletter contains an unsubscribe link. You may also contact me directly to request account deletion.

4. Comments

Comments on this website are only available to registered members.

What data is associated with comments

  • Comment content
  • Timestamp
  • Your member account (email address, not publicly displayed)
  • Legitimate interest (Article 6(1)(f) GDPR) — Enabling community discussion on the blog

Moderation

I may review, edit, or delete comments that violate site guidelines.

Data retention

Comments remain until deleted by you, by me, or upon deletion of your member account.

5. Cookies and Technical Data

Cookies

This website uses only essential cookies required for the site to function:

  • Member authentication (keeping you logged in)
  • Admin session management

These cookies are strictly necessary and do not require consent under GDPR.

No tracking cookies, analytics cookies, or advertising cookies are used.

Server logs

The hosting infrastructure may collect access logs for security and debugging purposes, including:

  • IP addresses (may be anonymized)
  • Browser type and version
  • Pages visited
  • Date and time of access

This processing is based on legitimate interest (Article 6(1)(f) GDPR) for maintaining website security and functionality.

Content Delivery Networks

Bunny CDN: Content is delivered via Bunny CDN (EU-based) to improve website performance. This may involve processing your IP address for routing purposes. Bunny CDN is covered under the MagicPages Data Processing Agreement.

jsDelivr: Ghost uses jsDelivr CDN to deliver certain scripts for the membership portal and search functionality. When your browser loads these resources, your IP address and basic browser information may be transmitted to jsDelivr servers for technical and statistical purposes. jsDelivr is operated by Volentio JSD Limited (Poland/UK) and is subject to EU and UK GDPR. For more information, see the jsDelivr Privacy Policy.

6. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of access (Article 15)

You may request a copy of the personal data I hold about you.

Right to rectification (Article 16)

You may request correction of inaccurate or incomplete data.

Right to erasure (Article 17)

You may request deletion of your personal data, subject to legal retention obligations.

Right to restrict processing (Article 18)

You may request that I limit how your data is used.

Right to data portability (Article 20)

You may request your data in a structured, machine-readable format.

Right to object (Article 21)

You may object to processing based on legitimate interest.

You may unsubscribe from the newsletter at any time via the link in each email. Withdrawal does not affect the lawfulness of prior processing.

Right to lodge a complaint

You may file a complaint with a supervisory authority. In Germany, this is the data protection authority (Datenschutzbehörde) of your federal state.

How to exercise your rights

Contact me at: hello@denishartl.com

7. International Data Transfers

Your data is primarily processed within the European Union:

  • Hosting infrastructure: Germany (Hetzner)
  • Content delivery: EU (Bunny CDN)

The following services may involve transfers outside the EU:

ServiceLocationSafeguard
MailgunUSAStandard Contractual Clauses
jsDelivrUK/Poland (EU routing)UK/EU GDPR compliance

8. Data Security

Appropriate technical and organizational measures are in place to protect your data, including:

  • SSL/TLS encryption for all data in transit
  • Secure hosting infrastructure
  • Access controls and confidentiality obligations

No payment data is collected or stored (this site does not offer paid subscriptions).

9. Changes to This Policy

This privacy policy may be updated periodically. The effective date at the top of this page indicates when the policy was last revised. Significant changes will be communicated via the website or newsletter.

Contact

For questions about this privacy policy or your personal data, contact:

Denis Hartl
Email: hello@denishartl.com