Privacy Policy
In accordance with the General Data Protection Regulation (GDPR) and the German BDSG.
This privacy policy informs you about the type, scope, and purpose of the processing of personal data within our Website (Article 13 GDPR).
- In short:
-
We don't collect personal data
and use no cookies.
Server logs are automatically deleted — that's it.
Controller
(Verantwortlicher gemäß Art. 4 Abs. 7 DSGVO)
Weidmannstr. 16
80997 Munich
Germany
- See also:
- Questions & Contact further down for additional options how to contact us for data protection matters.
Mandatory Information Overview
(Art. 13(1) & (2) GDPR)
(click/tap to show)
- Type & Purpose of Data Processing
- Which data is processed based on which legal basis.
- Disclosure to Third Parties
- Who is involved in processing the data (no one).
- Server Logging
- What is logged (IP addresses).
- Storage Duration
- How long data is stored.
- Rights & Data Protection Supervision
- Your data subject rights and how to exercise them.
Beyond Compliance
Our Principles and Practices for Data Protection.
Enjoy a banner-free experience: We don't use tracking cookies or third-party services, so GDPR consent requests aren't needed.
What follows demonstrates how contemporary web design can respect both user autonomy and provider independence while remaining fully functional.
What We Don't Do
- No tracking – No Google Analytics, Facebook pixels, or other trackers
- No cookies – This website is designed to work without cookies
- No third-party connections – All scripts (optional) & fonts are hosted locally
- No advertising networks – No advertising, no ad tracking
- No social media integrations – No pointless links that silently track visitors
- No collection of personal data – We do not collect names, emails, or other personal information
We are convinced that this approach is not only appropriate for complying with legal obligations, but, in the interest of users, should be pursued by all providers, rather than following the interests of invasive large corporations.
Type and Purpose of Data Processing
Processing of personal data does not take place except for the temporary logging of IP addresses.
In particular, we do not process any special categories of personal data pursuant to Article 9 GDPR (e.g., health data, biometric data, religious or philosophical beliefs).
The logged data are processed as a technical necessity to enable the delivery of page requests over the Internet.
- Evaluating the usage of our service
- Adapting our systems to technical changes
- Analyzing and defending against abuse and attacks
The safeguarding of the security of our network and information systems constitutes our legitimate interest (Art. 6(1)(f) GDPR) in the storage and processing of this data.
The processing is expressly not conducted for the purpose of gaining insights about the persons accessing these pages.
All processing occurs within our sovereign infrastructure and under our exclusive administrative control.
We do not use automated decision-making, including profiling, pursuant to Art. 22 GDPR.
Disclosure to Third Parties
Furthermore, we avoid any form of data transfer to third countries – including the transfer of non-personal data.
Our strong data sovereignty is based on the fundamental avoidance of external dependencies:
- No external hosting providers, no data processing by third parties
- No external CDN, no external evaluation of visitor request patterns
- No advertising networks; the costs of this service are not offset by disproportionate and non-transparent consents.
- Correspondence is processed through our own email infrastructure
(thereby preventing, among other things, being compelled to tacitly accept the routine data analyses conducted by external cloud service providers).
Consequently and by design, both the role of the controller and the role of the processor remain with us.
The operator of the physical data center merely provides power and hardware for network connectivity; it has no logical access to the data in our systems.
Server Logging (Art. 13(2) GDPR)
This web server logs technical information for each processed request in log files (in accordance with § 15 of the German Telemedia Act).
Each log entry consists of a timestamp (date and time of your request),
the URI you requested, the server's HTTP response code,
and an identification string of the software you are using (User-Agent ID of your browser).
Information logged per incoming request:
- Source IP address
- Date and time of the request
- Requested URL and HTTP method
- HTTP status code
- Amount of data transferred
- Referrer URL (if transmitted by the browser)
- Browser type and version (if transmitted)
We do not combine this data with other data sources and cannot use it to identify individuals.
(Authorities with legal mandates may have extended capabilities through third parties.)
View your current request data Only you can see your details here!
Data processed by our server to handle your current request:
- Requested URI
- /privacy
- Referrer URL
- (Direct visit [or suppressed by browser])
- User-Agent
- Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
- Accept-Language
- (not provided)
- Source IP address
- 216.73.216.43
Resulting server log entry for this request:
216.73.216.43 - - [Wed, 01 Apr 2026 19:22:19 UTC] "GET /privacy HTTP/1.1" 200 - "(none)" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
Dual-Stack (IPv4/IPv6) Test
IPv4 connectivity:
IPv6 connectivity:
Storage Duration
Personal data are stored only for as long as is necessary for the purpose for which they were collected, or as long as legal retention obligations (e.g., under commercial or tax law) require longer storage. Once the purpose ceases to apply or the legal retention periods expire, the data are regularly and routinely deleted.
Automatic Deletion
Standard case: Log files are rotated daily, with the oldest data being deleted after 7 days. Log files are generally excluded from system backups.
Specific security exception: In the event of a security incident or suspected abuse, log files are copied. The purpose of investigation, legal defense, or prevention of future attacks is decisive for the extension of the retention period.
Outside this specific exception, all traces of your visit are completely removed from our systems according to the schedule above.
Your Data Subject Rights
Under the EU General Data Protection Regulation, you have the following rights:
- If your personal data is processed, you have the right to obtain information about the data stored concerning you (Art. 15 GDPR).
- If inaccurate personal data is processed, you have the right to rectification (Art. 16 GDPR).
- If the legal prerequisites are met, you may request the erasure or restriction of processing of your data, as well as object to the processing (Art. 17, 18 and 21 GDPR).
- If you have consented to the data processing or a data processing contract exists and the data is processed by automated means, you may have the right to data portability – you can receive your data in a structured, commonly used format (Art. 20 GDPR).
To exercise your rights, you will find all contact options immediately following this paragraph, see Questions & Contact.
Supervisory Authority
Promenade 18
91522 Ansbach
Germany
www.lda.bayern.de
Questions & Contact
Weidmannstr. 16
80997 Munich
Germany Email: dsb.www@omnilan.de
Phone: – (no telephone contact for data protection matters)
Data Protection Officer:
We are not legally required to appoint a Data Protection Officer pursuant to Article 37 GDPR.
For all data protection matters, please contact us directly as specified above.
Contact via Internet
We do not offer an online contact form, but we do provide you with the option to contact us via email for legitimate requests.
Processing of Email Contacts (show/hide)
If you contact us by email, your message will be stored with us in order to answer your inquiry. This includes any personal data you communicate to us (your email address, name, etc.).
Email addresses are processed exclusively within the context of the specific correspondence. We do not create contact lists, perform address analysis, add addresses to newsletter or marketing databases, or use them for any purpose other than responding to your individual inquiry.
The legal basis for processing this data is Art. 6(1)(f) GDPR. Our legitimate interest lies in the proper handling of the
communication conducted with you.
If your contact is aimed at concluding a contract, Art. 6(1)(b) GDPR serves as an additional legal basis.
Irrelevant or harmful messages are manually deleted immediately.
Otherwise, your submitted messages remain stored with us until you request deletion, revoke your consent to storage, or the purpose for data storage ceases to apply (e.g., after your inquiry has been conclusively processed). Statutory provisions – in particular statutory retention periods – remain unaffected.
Personal data is not disclosed to third parties.
All measures concerning our own protection are conducted without data transfer to a third country:
- Anti-virus scanning of content is performed exclusively on our systems (locally); neither patterns, plain text, nor attachments are processed (or analyzed) "in the cloud".
- Detection of spam characteristics likewise occurs exclusively on our systems.
NO CLOUD – NO LEAKS
Modern web design does not require ubiquitous tracking, profiling, or data intermediation – practices often adopted through
unexamined imitation of questionable industry trends rather than necessity.
We choose a different path to ensure your data remains protected:
We retain full control so as not to have to rely on agreements with third parties.
Last updated:
This privacy policy applies to all pages published under this domain.