Privacy
Controller
The controller within the meaning of the General Data Protection Regulation is:
Dr. Jens Hartmann
Burnitzstraße 47, 60596 Frankfurt am Main, Germany
post@jens-hartmann.net · +49 69 348 77 120
Principle
This website is static. It sets no cookies and stores no personal data. A small Plausible script, served from plausible.io, counts pageviews — that is the only third party in the picture; everything else, including the fonts, is delivered from this domain. There is no contact form and no newsletter. Personal data is processed only to the extent technically unavoidable.
The site is served exclusively over an encrypted HTTPS connection. There is no profiling and no automated decision-making within the meaning of Article 22 GDPR.
Reach measurement with Plausible
Pageviews are counted by Plausible Analytics (Plausible Insights OÜ, Västriku 2, 50403 Tartu, Estonia), acting as a processor under Article 28 GDPR. Plausible records the visit without cookies, without storing IP addresses, and without any identifier that could recognise you between visits or across other sites. The processing is hosted within the European Union.
The legal basis is Article 6(1)(f) GDPR; the legitimate interest is in understanding which parts of this small site are read. No consent is required because nothing is set on your machine. Plausible's own data policy is published at plausible.io/data-policy.
Server log files
When the site is accessed, the hosting provider automatically processes data your browser transmits for technical reasons: IP address, date and time of the request, the file requested, the volume of data transferred, the referring page, and browser and operating-system details.
The purpose is to deliver the website and to ensure its stability and security. The legal basis is Article 6(1)(f) GDPR; the legitimate interest lies in the secure and functioning operation of the website.
The log data is retained by the hosting provider for a limited period only and is then deleted automatically, unless it is exceptionally needed for longer to investigate a specific security incident. The data is not combined with other sources or evaluated for advertising purposes.
Hosting and transfer to the USA
The website is hosted, as a processor under Article 28 GDPR, by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. The domain is managed through Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA. Data processing agreements are in place with both providers.
Operating the website involves the transfer of personal data to the United States. This is based on the European Commission's adequacy decision for the EU-US Data Privacy Framework, where the provider concerned is certified under it; otherwise the transfer relies on Standard Contractual Clauses under Article 46 GDPR.
Your rights
You have the right of access (Article 15 GDPR), rectification (Article 16), erasure (Article 17), restriction of processing (Article 18) and data portability (Article 20).
Where processing is based on a legitimate interest, you also have the right to object to it at any time on grounds relating to your particular situation (Article 21 GDPR). To exercise these rights, contact the controller named above; doing so is free of charge.
Right to lodge a complaint
You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data — in particular in the Member State of your residence, your place of work or the place of the alleged infringement.
The authority responsible for the controller is the Hessian Commissioner for Data Protection and Freedom of Information, Postfach 3163, 65021 Wiesbaden, Germany — datenschutz.hessen.de.
Last updated
This privacy notice is dated May 2026. It will be amended if the website or the legal framework changes.