Privacy Policy

1. General Information

The protection of your personal data is very important to us. This Privacy Policy explains how we collect, process, and use your personal data when you visit this website or subscribe to our newsletter.

Personal data means any information relating to an identified or identifiable natural person (Art. 4 No. 1 GDPR).

2. Controller

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Christian Bachmaier
Winzererstraße 36
80797 Munich
Germany
Email: christian.bachmaier.blog@gmail.com

As a sole founder, you act as the data controller within the meaning of Art. 4 No. 7 GDPR.

3. Data Collection When Visiting the Website

3.1 Server Log Files

When you access this website, information is automatically collected by our hosting provider Vercel.

The following data may be collected automatically:

  • IP address
  • Browser type and version
  • Operating system
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request

This data is technically necessary to display the website and to ensure stability and security.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and stable operation of the website).

We have concluded a Data Processing Agreement (DPA) with Vercel in accordance with Art. 28 GDPR.

If personal data is transferred to third countries (e.g., the United States), such transfers are based on appropriate safeguards such as Standard Contractual Clauses pursuant to Art. 46 GDPR.

4. Analytics

We use Vercel Analytics to analyze the use of our website.

Vercel Analytics collects anonymized usage data such as:

  • Pages visited
  • Referrer
  • Duration of visit
  • Device type

According to the provider, no cookies are used and no personal profiles are created.

Legal basis:

  • Art. 6(1)(f) GDPR (legitimate interest in improving our website), or
  • Art. 6(1)(a) GDPR (consent), if a consent management tool is used.

You may object to processing based on legitimate interest at any time (see Section 9).

5. Newsletter

5.1 Newsletter Subscription

If you subscribe to our newsletter, we collect:

  • Email address
  • IP address
  • Date and time of registration
  • Date and time of confirmation

We use a double opt-in procedure. After registration, you will receive an email asking you to confirm your subscription. The subscription only becomes effective once you confirm it. This ensures that no one can register with someone else’s email address.

Legal basis: Art. 6(1)(a) GDPR (consent).

5.2 Newsletter Service Provider

The newsletter is sent via Mailjet, a service of Mailjet SAS, 13–13 bis, rue de l’Aubrac, 75012 Paris, France.

Mailjet acts as a data processor pursuant to Art. 28 GDPR. We have concluded a Data Processing Agreement (DPA) with Mailjet.

Data is generally stored on servers within the European Union. If data is transferred to countries outside the EU/EEA, this is done on the basis of appropriate safeguards such as Standard Contractual Clauses pursuant to Art. 46 GDPR.

Mailjet enables statistical analysis of newsletter campaigns (e.g., open rates and click rates). These analyses are used to optimize future newsletters.

5.3 Withdrawal of Consent and Deletion

You may revoke your consent at any time via the unsubscribe link included in every newsletter or by contacting us directly.

The legality of processing carried out prior to revocation remains unaffected.

Your data will be stored until you unsubscribe. After unsubscribing, your data will be deleted from the distribution list unless statutory retention obligations require otherwise.

6. Contacting Us

If you contact us by email, the data you provide will be stored for the purpose of processing your request and possible follow-up questions.

Legal basis:

  • Art. 6(1)(b) GDPR (pre-contractual measures), or
  • Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).

The data will be deleted once it is no longer necessary for the purpose for which it was collected, unless statutory retention periods apply.

7. Data Retention

We retain personal data only as long as necessary for the respective processing purpose or as required by statutory retention obligations.

Once the purpose ceases to apply or retention periods expire, the data will be deleted or restricted in accordance with legal requirements.

8. Your Rights Under the GDPR

You have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)
  • Right to withdraw consent at any time (Art. 7(3) GDPR)

You also have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or place of the alleged infringement.

9. Right to Object (Art. 21 GDPR)

If processing is based on Art. 6(1)(f) GDPR (legitimate interest), you have the right to object at any time for reasons arising from your particular situation.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests.

If your personal data is processed for direct marketing purposes, you have the right to object at any time without providing reasons.

10. Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, destruction, or manipulation.

11. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy to reflect legal requirements or changes to our services. The current version is always available on this website.