Last updated: June 2026
1. Controller
The controller responsible for data processing on this website within the meaning of the GDPR (Art. 4 No. 7):
Osman Tatli
Felsgasse 3
1110 Vienna, Austria
Email: [email protected]
2. General
Personal data on this website is only processed where technically necessary for operation or required by law. No further use or disclosure to third parties takes place, except as described in the services listed below.
3. Hosting and Server Logs
This website is hosted on a virtual server provided by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
Every page request is automatically logged by the web server:
- IP address of the requesting device
- Date and time of access
- Name and URL of the requested page
- Referrer (previously visited page, if transmitted)
- Browser type, version and operating system
This data is not merged with other sources and is used solely for the technical provision of the website and detection of attacks and errors.
Legal basis: Art. 6(1)(f) GDPR. Retention period: 7–30 days, then automatically deleted.
4. Content Delivery Network – Cloudflare
This website uses services provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare acts as a reverse proxy and CDN: all requests are routed through the Cloudflare network. In doing so, Cloudflare processes technical connection data (IP address, HTTP headers, requested URL, timestamp) for the purpose of DDoS protection, security filtering and fast content delivery.
Cloudflare Web Analytics is used for web statistics. This service operates without cookies and without individual user tracking.
Data transfer to the US is based on standard contractual clauses pursuant to Art. 46(2)(c) GDPR. Legal basis: Art. 6(1)(f) GDPR. Cloudflare privacy policy: https://www.cloudflare.com/privacypolicy/
5. Cookies and WordPress
This website runs on WordPress. Operator cookies (wordpress_logged_in_, wp-settings-) are only set when a registered user is logged in. Regular visitors do not receive these cookies.
Comment cookies (comment_author_, comment_author_email_, comment_author_url_*) are only set when a visitor leaves a comment and consents to having their data saved. Retention period: approx. 347 days.
No cookie banner is required for this installation as no tracking or marketing cookies are used.
6. Comments
When visitors leave comments, the following data is stored: name, email address, optional website URL, comment content, IP address and timestamp.
Gravatar: WordPress transmits an MD5 hash of the commenter’s email address to the Gravatar service by Automattic, Inc. (USA) to retrieve a profile picture. This can be disabled in WordPress settings.
Spam protection (Antispam Bee): Comments are checked for spam locally on the server. No data is transmitted to external services. Legal basis: Art. 6(1)(f) GDPR.
Legal basis for comments in general: Art. 6(1)(a) and (f) GDPR. Comments can be deleted upon request.
7. Embedded External Content
Posts may include embedded content from third-party providers (e.g. YouTube videos, Spotify). This content behaves exactly as if the visitor had visited the third-party website directly. Where possible, privacy-friendly embed modes are used (e.g. YouTube no-cookie).
8. Fonts
This website uses exclusively locally hosted fonts. No data is transmitted to external font services.
9. Contact by Email
When you contact us by email, the transmitted data is used solely to process your request and is not passed on without your consent. Legal basis: Art. 6(1)(f) GDPR. Data is deleted after the matter is resolved.
10. Your Rights
Under the GDPR you have the following rights. To exercise them, a simple email to the address above is sufficient:
- Access (Art. 15): right to information about the data we hold about you
- Rectification (Art. 16): right to correction of inaccurate data
- Erasure (Art. 17): right to deletion, where no legal retention obligation applies
- Restriction (Art. 18): right to restricted processing in certain situations
- Data portability (Art. 20): right to receive your data in a machine-readable format
- Objection (Art. 21): right to object to processing based on legitimate interest
11. Right to Lodge a Complaint
You have the right to lodge a complaint with the competent supervisory authority:
Austrian Data Protection Authority (DSB) Barichgasse 40-42, 1030 Vienna Email: [email protected] Web: https://www.dsb.gv.at/