Skip to main content
Back

Privacy

Information pursuant to Art. 13 GDPR

Controller

Pixzl
Walid D. Rieken
Marienstraße 9
48683 Ahaus, Germany
Email: [email protected]
Phone: +49 (0) 152 598 383 11

Server log files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser transmits to us automatically. The following are recorded: browser type and version, operating system, referrer URL, hostname of the accessing computer, time of the server request, and IP address. This data is not merged with other data sources.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in error-free presentation and optimisation). The storage period follows the requirements of the hosting provider (see the "Hosting" section).

Hosting

This website is hosted with Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. The origin server is located in a German data centre. In front of the origin sits the Cloudflare CDN described in the next section as a reverse proxy. That means: pages are delivered to your browser via Cloudflare's edge network, while processing on the origin server takes place exclusively in Germany.

We have concluded a data processing agreement with Hetzner pursuant to Art. 28 GDPR. Legal basis: Art. 6(1)(f) GDPR. Provider's privacy policy: hetzner.com/de/rechtliches/datenschutz.

Cloudflare (CDN, DNS, and reverse proxy)

The domain drieken.com is operated through Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare acts as DNS provider, CDN, and reverse proxy: every request to the website is first routed to Cloudflare's global edge network, processed there, and only then forwarded to the origin server at Hetzner. Cloudflare processes your IP address, technical browser information, request timestamp, and the requested resources.

Cloudflare uses a technically necessary cookie called __cf_bm (Cloudflare Bot Management) for bot detection and abuse prevention. This cookie has a lifetime of approximately 30 minutes, serves security purposes only, and contains no personally identifiable data for advertising.

Where activated, Cloudflare may additionally use automatic email obfuscation. Visible mailto: addresses on the page are then protected client-side by a small script loaded from Cloudflare. This script is loaded only when the page is opened, from the Cloudflare CDN, and does not transmit any personal data about you as a visitor beyond what is already described above.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure, performant, and reliable delivery of the website) and § 25(2) no. 2 TDDDG for the technically necessary security cookie. We have concluded a data processing agreement with Cloudflare under Art. 28 GDPR. As Cloudflare is based in the USA, personal data may be transferred to the USA. Cloudflare is certified under the EU-US Data Privacy Framework; additionally, Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR are in place. Cloudflare privacy policy: cloudflare.com/en-gb/privacypolicy.

SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL/TLS encryption. You can recognise an encrypted connection by the fact that the browser's address bar switches from "http://" to "https://" and by the lock symbol in your browser bar.

Newsletter (Brevo)

If you would like to subscribe to the newsletter offered on this website, we require your first and last name as well as your email address. Subscription works on a double opt-in basis: after submitting your details, you receive a confirmation email through which you must actively confirm your subscription. Only then are you added to the distribution list.

To protect against automated submissions, the form contains a "honeypot" field invisible to humans (company). If this invisible field is filled in, the server silently rejects the submission. Because the field stays empty unless you actively interact with it, no personal data is collected or stored through it.

Sending and management are handled by Sendinblue GmbH (Brevo), Köpenicker Str. 126, 10179 Berlin, Germany. Brevo stores the data on servers in Germany and France. Statistical evaluation (open and click rates) is technically possible; we use it to improve the newsletter. We have concluded a data processing agreement with Brevo under Art. 28 GDPR.

Legal basis: Art. 6(1)(a) GDPR (consent). You can withdraw this consent at any time via the unsubscribe link in any newsletter message or by emailing [email protected]. Confirmed email addresses are stored until you unsubscribe from the list. Brevo privacy policy: brevo.com/legal/privacypolicy.

Cloudflare Turnstile

To protect the newsletter form from automated abuse, we use Cloudflare Turnstile, a CAPTCHA service provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. When the homepage is loaded, the Turnstile script is fetched from challenges.cloudflare.com. For bot detection, Cloudflare processes your IP address and technical browser information (user agent, language settings, screen size, time zone, mouse and keyboard interaction events). Turnstile is designed not to set classic tracking cookies. We run Turnstile in managed mode: the widget is visible next to the newsletter form and Cloudflare decides, based on traffic risk, whether additional interaction is required.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in protecting our newsletter form from spam and bot submissions). As Cloudflare is based in the USA, personal data may be transferred to the USA. Cloudflare is certified under the EU-US Data Privacy Framework; additionally, Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR are in place. The relevant policies are Cloudflare's privacy policy and the supplementary Turnstile privacy addendum: cloudflare.com/en-gb/privacypolicy, cloudflare.com/en-gb/turnstile-privacy-policy.

GitHub activity display

The homepage shows an activity grid of the public GitHub contributions of the profile github.com/drieken. The data is fetched exclusively server-side from github.com and cached hourly. There is no connection from your browser to GitHub; no visitor data is transmitted to GitHub.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in displaying our own public project activity).

Fonts

This website uses the Geist Sans and Geist Mono font families. The font files are embedded locally into the delivered assets during the build process and are served from the same hosting. There is no external connection to Google Fonts or any other third party when loading the fonts.

Google Analytics

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies and similar technologies to analyse use of the website. Among other things, pages visited, time on page, truncated IP address, device and browser type, and referrer information are recorded. Direct identification of your person is not possible; the IP address is truncated via the "anonymize_ip" function.

Processing takes place exclusively on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. As long as you do not actively consent, no analytics scripts are loaded and no data is transmitted to Google. As part of processing, data may be transferred to the USA. Google is certified under the EU-US Data Privacy Framework. You can withdraw your consent at any time with effect for the future by resetting your cookie selection here: . Google privacy policy: policies.google.com/privacy.

Cookies

Technically necessary storage takes place only locally in your browser to remember your decision regarding the consent banner (key ga-consent-v1 in local storage). Analytics cookies are set only after your active consent via the consent banner.

If you withdraw your consent or reset your cookie selection, any Google Analytics cookies already set (_ga, _ga_*, _gid, _gat*) are automatically removed by the banner. You do not need to clear your browser cache manually.

Rights of data subjects

You have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of data processing. You also have the right to correction, erasure, restriction of processing, withdrawal of consent given, and data portability.

Where data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right at any time to object, on grounds relating to your particular situation, to the processing of your personal data. In the event of violations of the GDPR, you also have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your workplace, or the place of the alleged violation.

Please direct any requests to [email protected].

Storage period

Unless a more specific storage period is mentioned within this privacy policy, your personal data remains with us until the purpose of data processing no longer applies. If you make a legitimate request for erasure or withdraw consent for data processing, your data will be deleted unless we have other legally permissible reasons for storage.

Last updated

26 May 2026

© 2026 Dominik Rieken. All rights reserved.