daniel/furtka
1
1
Fork 0
Code Issues 1 Pull requests Projects 1 Releases 13 Packages Wiki Activity Actions
furtka/website/content/datenschutz.md

81 lines
2.2 KiB
Markdown
Raw Normal View History

feat(website): legal pages (Impressum/Datenschutz) + auto-deploy on push-to-main Two coupled changes that make sense to land together: 1. Legal pages required under German law - /imprint/ + /de/impressum/ — §5 DDG disclosure (contact is email plus Forgejo-Issues as the second quick-contact channel, per ECJ C-298/07 no phone number required) - /privacy/ + /de/datenschutz/ — Art. 13 GDPR minimum: server-log processing (IP, UA, URL, retention ≤30 days), no cookies, no tracking, no third-party embeds. RLP Landesbeauftragter as the competent supervisory authority. - Footer partial linked from every page, localized per language. - DE versions are legally binding; EN versions are courtesy translations noting that. 2. Auto-deploy wired up - New workflow .forgejo/workflows/deploy-site.yml fires on push-to-main with paths under website/**. Runs on the self-hosted runner, which *is* forge-runner-01 — so "deploy" is just a local rsync into /srv/furtka-site and a hugo build into /var/www/furtka.org. No SSH, no secrets. - website/deploy-ci.sh is the SSH-free counterpart of deploy.sh, invoked by the workflow. - compose.yml bind-mounts /srv/furtka-site and /var/www/furtka.org into the runner container at matching paths so the workflow can reach them. Requires a one-time `docker compose up -d` on the runner host to pick the mounts up. - deploy.sh is kept for out-of-band manual deploys (testing from a local branch, CI outage) but gets a header comment pointing at the CI path as the normal flow. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 12:10:06 +02:00
---
title: "Privacy"
translationKey: "privacy"
url: /privacy/
sitemap:
priority: 0.2
---
### In short
This website sets **no cookies**, loads **no third-party fonts or
scripts**, embeds **no analytics or tracking services**, and contains
**no external embeds** (YouTube, Maps, social buttons, …). The only
technical data collected is short-lived server access logs.
### Controller
<address>
Daniel Maksymilian Syrnicki<br>
Hauptstraße 35<br>
55569 Monzingen<br>
Germany<br>
Email: <a href="mailto:hallo@furtka.org">hallo@furtka.org</a>
</address>
### Server logs
When you load a page, your browser sends technically necessary data to
the server, which stores it in log files:
- Date and time of the request
- IP address (in shortened form)
- Requested URL
- HTTP status code and bytes transferred
- Referrer (if sent by the browser)
- User-agent string
**Purpose:** serving the website and defending against abusive traffic.
**Legal basis:** Art. 6(1)(f) GDPR — legitimate interest in operation
and security.
**Retention:** up to 30 days, then automatically deleted.
**Recipients:** none. The site runs on our own infrastructure; no
external processor is involved.
**Transfers outside the EU/EEA:** none.
### Cookies and tracking
None. No cookies are set, no localStorage or sessionStorage is used, and
no tracking or analytics services are embedded. Because of this, no
consent under § 25 TDDDG (German implementation of the ePrivacy
directive) is required.
### Your rights
You have the right at any time to:
- Information about the data stored about you (Art. 15 GDPR)
- Correction of inaccurate data (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Object to processing (Art. 21 GDPR)
Send requests to hallo@furtka.org.
### Right to complain
You have the right to file a complaint with a data protection
supervisory authority. The competent one is:
**Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Rheinland-Pfalz**
Hintere Bleiche 34, 55116 Mainz, Germany
Website: <https://www.datenschutz.rlp.de>
### Last updated
This statement was last updated on 2026-04-18.
The German version of this privacy statement is the legally binding one.
Reference in a new issue Copy permalink