Privacy Policy

Data Controller

Max Hünecke Daverdener Straße 5 28327 Bremen Germany

Email: [email protected]

Hosting & Server Logs

This website is hosted via Cloudflare Pages. When you visit the site, technical access data such as your IP address, browser, and operating system are recorded as server log files. The legal basis is my legitimate interest in the secure operation and defense against attacks (Art. 6 (1) (f) GDPR). All data transmission is encrypted. I have concluded a Data Processing Agreement (DPA) according to Art. 28 GDPR with Cloudflare (Cloudflare, Inc., USA). However, within the scope of providing specific security and network functions (e.g., defending against attacks), Cloudflare may also act as an independent controller under Art. 4 No. 7 GDPR. Data transfers to the US are safeguarded by the EU-US Data Privacy Framework and EU Standard Contractual Clauses.

cloudflare.com/privacypolicy

Contact Form & Email

If you contact me, your details (name, company (optional), email address, phone number (optional), topic, message) will be processed to handle your inquiry. The legal basis is Art. 6 (1) (b) GDPR for (pre-)contractual inquiries, otherwise my legitimate interest in communication (Art. 6 (1) (f) GDPR). System emails are sent via Resend (Resend Labs Inc., USA), and incoming messages are processed in my Microsoft 365 mailbox (Microsoft Ireland Operations Limited). A Data Processing Agreement (DPA) under Art. 28 GDPR has been concluded with both providers. I use dedicated servers within the European Union (Ireland) for Resend. When sending emails via Resend, technical metadata (e.g., IP address, timestamp, delivery status) may be processed alongside your entered data. This processing is exclusively for the secure and reliable delivery of emails. Note on risks of third-country transfers: Since the parent companies of the service providers used (Resend, Microsoft) are based in the US, there is a fundamental risk, despite European server locations, that US authorities could access personal data (e.g., based on US surveillance laws like FISA 702 or the CLOUD Act) without ensuring a level of data protection comparable to the EU or effective legal remedies. Data transfers to the US are legally safeguarded by the EU-US Data Privacy Framework and EU Standard Contractual Clauses. Your data will be deleted once the inquiry has been conclusively resolved, provided there are no statutory retention obligations (e.g., under commercial or tax law).

resend.com/legal/privacy-policy · privacy.microsoft.com

Cookies & Spam Protection

This website does not use tracking or marketing cookies. Your selected language is stored purely locally in your browser. To defend against automated spam, I use Cloudflare Turnstile in the contact form. This tool analyzes technical browser characteristics in the background without displaying a visual CAPTCHA. The absolute technical access to the end device to prevent spam is based on Sec. 25 (2) No. 2 TDDDG, as this is strictly necessary to provide the explicitly requested contact form. The subsequent data processing is based on my legitimate interest in the security of my IT systems (Art. 6 (1) (f) GDPR).

External Links

This website contains links to external services: Credly for certification verification and LinkedIn for the profile link. By clicking these links, you leave this website. The respective privacy policies of these providers apply to the data processing there.

privacy.microsoft.com · info.credly.com/privacy-policy · linkedin.com/legal/privacy-policy

Your Rights at a Glance

You have the right to access your stored data, as well as the right to rectification, erasure, restriction of processing, and data portability. Since I process data based on legitimate interests, you have the right to object to this processing at any time (Art. 21 GDPR). Furthermore, you have the right to lodge a complaint with the competent data protection supervisory authority. Please send any inquiries to me by email to the address stated above.