GDPR / Privacy

Tobias Lieshoff

Email: me@tobias-lieshoff.de

This privacy notice applies to the website blog.tobias-lieshoff.de (the “Blog”). It explains what personal data may be processed when you visit or interact with the Blog.

The Blog is hosted by an external service provider located within the European Union. For technical delivery and security, the hosting provider processes server log data.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and reliable operation).

When you access the Blog, technical data may be processed in server logs, such as IP address, date/time, requested URL, referrer (if provided by your browser), status codes, response size, and user agent. Logs are used to ensure availability, prevent abuse, and investigate incidents.

Legal basis: Art. 6(1)(f) GDPR.

If the Blog offers user accounts, the processing of account data is limited to what is necessary to provide login and account-related functionality (e.g., username, email address, password hash, and technical session data).

Legal basis: Art. 6(1)(b) GDPR (performance of a contract / providing requested functionality) and Art. 6(1)(f) GDPR (security, abuse prevention).

If comments are enabled, the content you submit (comment text) and associated technical metadata (e.g., timestamp, internal identifiers, and possibly IP address for abuse prevention) may be processed to publish and manage comments and to protect the Blog against spam or misuse.

Legal basis: Art. 6(1)(b) GDPR (providing the commenting feature you request) and Art. 6(1)(f) GDPR (moderation, security, abuse prevention).

If you contact me by email, the information you provide will be processed solely to respond to your inquiry and for related communication.

Legal basis: Art. 6(1)(b) GDPR (if the request relates to a contract or pre-contractual steps) and Art. 6(1)(f) GDPR (legitimate interest in handling inquiries).

The Blog does not use analytics or advertising tracking by default. If login is available, a strictly necessary session cookie may be used to keep you signed in. Such cookies are required for the website to function.

Legal basis (if used): Art. 6(1)(f) GDPR (strictly necessary operation) and, where applicable, § 25(2) TTDSG (Germany) for essential cookies.

The Blog may provide an RSS feed. When you retrieve the feed, your request is processed like any other page request (including server logs).

Legal basis: Art. 6(1)(f) GDPR.

Data may be processed by technical service providers (e.g., hosting) acting as processors under GDPR. Data is only shared where necessary for operation, security, or legal compliance.

Personal data is stored only as long as necessary for the respective purpose, or as required by law. Server logs are retained for a limited period for security and troubleshooting. Account and comment data is kept as long as the related feature is used or required for moderation and abuse prevention.

If personal data is processed by services located outside the European Union/EEA, this is done in accordance with GDPR requirements (e.g., adequacy decisions or appropriate safeguards).

You have the right to request access, rectification, erasure, restriction of processing, data portability, and to object to processing in accordance with the GDPR. You also have the right to lodge a complaint with a supervisory authority.

This privacy policy may be updated from time to time to reflect legal, technical, or operational changes.