More
Сhoose
Projects
Useful Links
Germany

Tibarg 32C, 22459 Hamburg, Germany +49 40 12345678

Back to top

Privacy Policy

Privacy Policy

Data Controller

Carl-Frederic Nickell
CARL Media
Tibarg 32C
22459 Hamburg, Germany
Email: mail@carl-cyber.tech

Overview

This privacy policy explains how I collect, use, and protect your personal data when you visit this website. As a cybersecurity-focused professional, I take data protection seriously and have implemented privacy-by-design principles throughout this website.

Data Collection

This website collects minimal data:

Analytics Data (Anonymous)
  • No cookies: This website operates completely cookie-free
  • Anonymized analytics: Basic usage statistics via self-hosted Matomo
  • IP anonymization: IP addresses are immediately anonymized (last 2 octets removed)
  • No personal profiling: No tracking across sessions or devices
Contact Form Data
  • Name and email: Only when you voluntarily submit the contact form
  • Message content: Any information you choose to include in your message
  • Processing purpose: Solely to respond to your inquiry
  • Storage duration: Deleted after 12 months or upon request

Legal Basis for Processing

  • Analytics: Legitimate interest (Art. 6(1)(f) GDPR) - improving website performance
  • Contact forms: Consent (Art. 6(1)(a) GDPR) - you voluntarily provide information
  • Email responses: Contract performance (Art. 6(1)(b) GDPR) - responding to inquiries

Data Sharing

I do not share, sell, or transfer your personal data to third parties, except:

  • Legal requirements: When required by law or court order
  • Technical service providers: Hosting provider (Hetzner, Germany) under data processing agreement

Data Security

As a DevOps engineer with cybersecurity focus, I implement comprehensive security measures:

  • Encryption: All data transmission via HTTPS/TLS 1.3
  • Server hardening: Regular security updates and monitoring
  • Access control: Strict access controls and authentication
  • Self-hosting: Analytics data never leaves German servers
  • Regular audits: Continuous security monitoring and updates

Your Rights (GDPR)

You have the following rights regarding your personal data:

  • Access: Request information about data I hold about you
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a structured format
  • Objection: Object to processing based on legitimate interests
  • Withdrawal: Withdraw consent at any time

Data Retention

  • Analytics data: Automatically purged after 24 months
  • Contact inquiries: Deleted after 12 months or upon request
  • Email correspondence: Retained only as long as necessary for the purpose

Third-Party Services

This website uses minimal third-party services:

  • Hetzner Cloud: Hosting provider (Germany, GDPR-compliant)
  • Let's Encrypt: SSL certificate authority (privacy-focused)
  • No tracking services: No Google Analytics, Facebook Pixel, or similar

International Data Transfers

All data processing occurs within the European Union (Germany). No data is transferred to countries outside the EU/EEA.

Children's Privacy

This website is not directed at children under 16. I do not knowingly collect personal data from children under 16.

Changes to Privacy Policy

I may update this privacy policy occasionally. Any changes will be posted on this page with an updated revision date. Continued use of the website after changes constitutes acceptance of the updated policy.

Contact & Complaints

For privacy-related questions or to exercise your rights, contact me at mail@carl-cyber.tech.

You also have the right to lodge a complaint with the supervisory authority:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Straße 22, 20459 Hamburg, Germany

Effective date: June 2025
Last updated: June 2025
Version: 1.0