Privacy Policy

General information

The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you.

Quick Summary

• We collect only necessary technical data to run the website.
• No marketing or tracking cookies are used.
• We don’t sell your data or use it for profiling.
• You can contact us to view or delete your data with the email provided below.

Data recording on this website

The data processing controller on this website is (pursuant to Article 4(7) of the EU General Data Protection Regulation (GDPR)):

Simon Phumin Schweikert
Schweikert Consulting
Wilhelminenstr. 16
90461 Nürnberg
Germany

Email: [email protected]

The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).

Data Protection Officer

According to Article 37 GDPR in conjunction with § 38 BDSG, I am not required to appoint a data protection officer.

If you have any concerns regarding privacy or wish to exercise your rights, you may contact me directly.

Data Subject Rights

Your Rights

Under the General Data Protection Regulation, you have the following rights:

• The right of access to information about the categories of personal data processed, the purposes of processing, the retention periods, and any recipients of the data (Article 15 GDPR and § 34 BDSG).
• The right to rectification or erasure of inaccurate or incomplete personal data (Articles 16 and 17 GDPR and § 35 BDSG).
• The right to restriction of processing, subject to the conditions of Article 18 GDPR or § 35(1) sentence 2 BDSG.
• The right to object to the processing of your personal data on grounds relating to your particular situation, where the processing is based on legitimate interests (Article 21(1) GDPR).
• The right to withdraw your consent at any time, with effect for the future (Article 7(3) GDPR).
• The right to data portability, i.e., to receive the personal data you have provided to us in a commonly used and machine-readable format (Article 20 GDPR).
• The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (Article 22 GDPR, including the definition in Article 4(4) GDPR).
• The right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement.

Procedure

If you exercise your rights under the GDPR and the BDSG, we will process the data you provide to us in order to fulfill your request.

We will subsequently store the data you have transmitted to us, as well as our corresponding responses, for documentation purposes until the expiry of the statutory limitation period for administrative offenses (3 years).

The legal basis for this processing and storage is Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest arises from our obligation to respond to your request and our need to defend ourselves in potential administrative proceedings by proving that we have complied properly.

You may object to this processing based on legitimate interest at any time under the conditions set out in Article 21 GDPR. Please use the contact information provided in the legal notice (Impressum).

However, please note that such processing is deemed mandatory within the meaning of Article 21(1) GDPR for the purpose of proving compliance with data subject rights, as there are no equally suitable means of verification available.

Data Processing Modalities

Sources and Categories of Personal Data

We process your personal data only to the extent necessary for the initiation, execution, or modification of a contractual relationship between you and us ("inventory data"). Inventory data may include: name, title, contact details (postal address, phone number, email address), date of birth, etc.

In addition, we process usage data. Usage data includes data generated when you use our web services, in particular:

• your IP address
• start and end time of your visit
• information about the content accessed on our website

This data is collected either:

• directly from you (e.g., through your visit), or
• where permitted by law, from third parties or publicly accessible sources (e.g., commercial or association registers, press, media, internet)

Data Transfers to Third Countries Outside the EU

All information we receive from or about you is generally processed on servers located within the European Union. A transfer of your data to or processing in third countries only takes place:

• with your express consent,
• if legally permitted or required,
• or if an adequate level of data protection is ensured in the third country, either through an adequacy decision by the European Commission or through standard contractual clauses (SCCs) issued by the EU.

For data transfers to the USA:

The European Commission has adopted an adequacy decision called the EU-U.S. Data Privacy Framework, which ensures an adequate level of data protection for personal data transfers to certified U.S. companies.

Where we use services that transfer personal data to the U.S., we indicate whether the respective company is certified under this framework.

Disclosure of Data and Data Processing by Third Parties

We never disclose your personal data to unauthorized third parties. However, we may transfer data:

• with your explicit consent,
• to comply with legal obligations, or
• if we are legally permitted or required to do so by law, regulatory authority, or court order.

This may include, for example, requests from law enforcement, measures to avert danger, or to enforce intellectual property rights.

We may also transfer your data to external service providers ("processors") who process data on our behalf and according to our instructions, for example to facilitate or support our data processing.

Each processor is contractually obligated pursuant to Article 28 GDPR, including providing sufficient guarantees that appropriate technical and organizational measures are implemented to ensure GDPR-compliant processing and the protection of your rights as a data subject.

Despite involving processors, we remain the controller responsible for the processing of your personal data under data protection law.

Purpose of Processing

We use your data only for the purpose for which it was collected. Further processing for a different purpose may occur only if the new purpose is compatible with the original one (Article 5(1)(c) GDPR).

Data Retention

Unless otherwise specified in this privacy policy, we retain the personal data we collect only as long as necessary for the purpose for which it was collected, or as long as statutory retention obligations (e.g., under commercial or tax law) require.

Data Security Measures

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from „http://“ to „https://“ and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Specific Data Processing Activities

We aim to provide you with transparent information about which data we process, at what time, on what legal basis, and for what purpose.

Server Log Files

Every time you access our website or retrieve data from a server, general information is automatically transmitted to the server providing the content. This is an essential part of communication between devices on the internet.

This data includes your IP address, browser and operating system information (user agent), the website from which you accessed our site (referrer), date and time of the request (timestamp), HTTP status, and the volume of data transmitted.

These data are stored temporarily in so-called server log files. We use this information to identify and resolve website errors, analyze load peaks to optimize performance, and ensure security by tracking any unauthorized access attempts.

Your IP address is stored only for the duration of your website use and is then deleted or anonymized. Other data is stored for a limited time (usually 7 days).

Legal basis: Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in the operation and maintenance of the website.

You may object to this processing pursuant to Article 21 GDPR. However, please note that processing of server log files is essential for the operation of the website.

Cookies and Web/Session Storage

Only technically essential cookies are used on this site and its subdomains.

What are Cookies?

Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called „session cookies.“ and technically necessary to display our services on this website and subdomain services. They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to under Article 6(1)(f) GDPR and § 25(2) TDDDG (Germany).

No tracking, marketing, or analytics cookies are used.

We additionally use your browser's Web or Session Storage to improve the user experience.

What is Web/Session Storage?

Web/Session Storage is a client-side technology for storing data in your browser, conceptually similar to cookies but more secure and efficient.

Unlike cookies, Web Storage is not transmitted with every server request and is only accessible locally via scripts within the website. Only you and we can access this data – not third parties.

Legal basis

Technically necessary session cookies and web/session storage are necessary for certain website features and functions.

Legal basis: Article 6(1)(f) GDPR and § 25(2) No. 2 TDDDG (strictly necessary for providing a digital service explicitly requested by the user).

You may object under Article 21 GDPR. However, please note that such processing may be mandatory within the meaning of Article 21(1) GDPR, as the website cannot operate correctly without technically essential cookies or web/session storage.

You may manually deactivate session cookies or web/session storage in your browser settings. For more information, refer to your browser’s user guide.

Hosting Services

Our website is hosted on servers operated by external providers to ensure reliable and secure availability of our online services.

Each time the website is accessed, general information (server log files) is automatically transmitted to the hosting provider. See section "Server Log Files" for details.

Legal basis: Article 6(1)(f) GDPR (legitimate interest). Our interest lies in the secure and professional operation of the website without the need for in-house IT infrastructure.

You may object under Article 21 GDPR. However, this processing may be essential for the provision of the website.

Hosting Providers

Netlify Inc.

The front end of this website is hosted by Netlify Inc., a U.S.-based company offering serverless deployment and front end infrastructure.

• Address:
  Netlify, Inc.
  512 2nd Street, Fl 2
  San Francisco, CA 94107
  USA
• Privacy Policy: https://www.netlify.com/privacy/

A Data Processing Agreement in accordance with Article 28 GDPR has been concluded with Netlify.

Data transfers to the U.S. are protected by Standard Contractual Clauses and Netlify’s certification under the EU-U.S. Data Privacy Framework.

Hetzner Online GmbH

The back end and all subdomain platforms are hosted by Hetzner Online GmbH in Germany.

• Address:
  Hetzner Online GmbH
  Industriestr. 25
  91710 Gunzenhausen
  Germany
• Privacy Policy: https://www.hetzner.com/legal/privacy-policy

A Data Processing Agreement has also been concluded with Hetzner.

All data is stored and processed within the European Union (Germany).

Subdomains

The following additional public tools are hosted:

• links.accessibility.cool – Link sharing with LinkWarden

These platforms:

• are hosted on Hetzner Cloud on a tenant in Nuremberg or Falkenstein, Germany (https://docs.hetzner.com/cloud/general/locations/)
• are publicly accessible without user accounts
• use technically necessary cookies and web/session storage only
• may log IP addresses and access details (e.g. time, user agent)

Third-Party Services

To simplify our data processing and extend the functionality of our website, we use external services and resources (e.g., plugins, external content, software). In doing so, personal data may be transmitted to the service providers.

Where required, we have entered into data processing agreements in accordance with Article 28 GDPR, obligating these providers to process data only on our instructions.

We explicitly note that we are generally responsible only for the collection and transmission of data under the GDPR, not for subsequent processing by the service provider.

Content Delivery Networks (CDNs)

We use CDNs to deliver content quickly and relieve our web host by distributing traffic across global server locations.

CDNs deliver two types of content:

• Static content (e.g., scripts, images, code frameworks) – the same for all users
• Dynamic content (e.g., personalized data) – generated per user request

To deliver dynamic content, CDNs must process certain user data, which may include personal data.

General information (see "Server Log Files") is also transmitted to the CDN provider upon each access.

Legal basis: Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in the fast and secure delivery of website content and relieving server load. You may object under Article 21 GDPR.

Cloudflare, Inc.

To improve the speed, reliability, and security of this website, we use the services of Cloudflare, Inc., a global content delivery network (CDN) and security provider.

• Address:
  Cloudflare, Inc.
  101 Townsend Street
  San Francisco, CA 94107
  USA
• Privacy Policy:https://www.cloudflare.com/privacypolicy/
• Data Protection Compliance:Cloudflare is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of protection for personal data transferred to the U.S. under Article 45 GDPR.
• Data Processing Agreement:A Data Processing Agreement in line with Article 28 GDPR has been signed with Cloudflare. Cloudflare only processes data on our behalf and in accordance with European data protection requirements.

When visiting this website, your IP address and other connection-related metadata may be routed through Cloudflare’s servers. This is necessary to provide DDoS protection, secure TLS encryption, and reduce website loading times.

Updates to This Policy

This privacy policy may be amended in line with legal or technical developments.

The version available at the time of your visit applies.

Last updated: June 2025