Privacy & Data Protection

Information on the processing of personal data in accordance with the EU General Data Protection Regulation (GDPR).

1. General information

The use of this website is generally possible without providing personal data. Personal data is processed only to the extent technically necessary or required for communication purposes, and always in accordance with applicable data protection laws.

2. Controller

The controller responsible for data processing within the meaning of Art. 4 No. 7 GDPR is:

Heiko Zimmermann
Eichenstr. 7
94072 Bad Füssing
Germany
Phone: +49 (0)8531 3174298
E-mail: [email protected]

3. Server log files

When accessing this website, the involved web servers automatically process the following data for technical and security-related purposes:

  • IP address
  • Date and time of access
  • Requested pages
  • Referrer URL
  • Browser type and operating system
  • Failed login attempts (if applicable)

The legal basis for this processing is Art. 6 para. 1 lit. f GDPR (legitimate interest in ensuring technical functionality, stability, and system security). This data is not merged with other data sources and is deleted after 30 days.

4. Cookies

This website uses only technically necessary session cookies. These cookies are required for basic website functionality and are deleted automatically at the end of the session. No tracking or marketing cookies are used.

5. Communication

If you contact the website operator by electronic means (e.g. e-mail or external communication platforms), the transmitted personal data will be processed exclusively for the purpose of handling your request. The legal basis is Art. 6 para. 1 lit. b GDPR. The data will not be disclosed to third parties and will be deleted once the request has been conclusively processed, unless statutory retention obligations apply.

6. Data transmission, hosting and CDN

Data transmission is encrypted using HTTPS. The website is hosted on servers located in Germany (Hetzner Online GmbH).

For performance and security purposes, Cloudflare, Inc. is used as a content delivery network (CDN) and reverse proxy. The website is delivered via Cloudflare’s infrastructure. In this context, technical connection data (in particular IP addresses and request metadata) is processed to the extent necessary for secure and efficient operation of the website. The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest in performance, stability, and protection against misuse). Appropriate safeguards pursuant to Art. 46 GDPR are in place.

7. Rights of data subjects

You have the right to request information about the personal data processed concerning you (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), and data portability (Art. 20 GDPR).

You also have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.

Security & compliance with a pragmatic engineering mindset.
Independent technical work bridging security requirements and real-world operations.
ImprintPrivacy
© 2026 Heiko Zimmermann. All rights reserved.