daniel/furtka
1
1
Fork 0
Code Issues 1 Pull requests Projects 1 Releases 13 Packages Wiki Activity Actions
furtka/website/content/datenschutz.md
Daniel Maksymilian Syrnicki b77ef80b56
All checks were successful
CI / lint (pull_request) Successful in 1m2s
Details
CI / test (pull_request) Successful in 1m19s
Details
CI / validate-json (pull_request) Successful in 55s
Details
CI / markdown-links (pull_request) Successful in 27s
Details
feat(website): legal pages (Impressum/Datenschutz) + auto-deploy on push-to-main 
Two coupled changes that make sense to land together:

1. Legal pages required under German law
   - /imprint/ + /de/impressum/ — §5 DDG disclosure (contact is email
     plus Forgejo-Issues as the second quick-contact channel, per ECJ
     C-298/07 no phone number required)
   - /privacy/ + /de/datenschutz/ — Art. 13 GDPR minimum: server-log
     processing (IP, UA, URL, retention ≤30 days), no cookies, no
     tracking, no third-party embeds. RLP Landesbeauftragter as the
     competent supervisory authority.
   - Footer partial linked from every page, localized per language.
   - DE versions are legally binding; EN versions are courtesy
     translations noting that.

2. Auto-deploy wired up
   - New workflow .forgejo/workflows/deploy-site.yml fires on
     push-to-main with paths under website/**. Runs on the self-hosted
     runner, which *is* forge-runner-01 — so "deploy" is just a local
     rsync into /srv/furtka-site and a hugo build into
     /var/www/furtka.org. No SSH, no secrets.
   - website/deploy-ci.sh is the SSH-free counterpart of deploy.sh,
     invoked by the workflow.
   - compose.yml bind-mounts /srv/furtka-site and /var/www/furtka.org
     into the runner container at matching paths so the workflow can
     reach them. Requires a one-time `docker compose up -d` on the
     runner host to pick the mounts up.
   - deploy.sh is kept for out-of-band manual deploys (testing from a
     local branch, CI outage) but gets a header comment pointing at
     the CI path as the normal flow.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 12:10:06 +02:00

80 lines
2.2 KiB
Markdown
Raw Blame History

---
title: "Privacy"
translationKey: "privacy"
url: /privacy/
sitemap:
priority: 0.2
---
### In short
This website sets **no cookies**, loads **no third-party fonts or
scripts**, embeds **no analytics or tracking services**, and contains
**no external embeds** (YouTube, Maps, social buttons, …). The only
technical data collected is short-lived server access logs.
### Controller
<address>
Daniel Maksymilian Syrnicki<br>
Hauptstraße 35<br>
55569 Monzingen<br>
Germany<br>
Email: <a href="mailto:hallo@furtka.org">hallo@furtka.org</a>
</address>
### Server logs
When you load a page, your browser sends technically necessary data to
the server, which stores it in log files:
- Date and time of the request
- IP address (in shortened form)
- Requested URL
- HTTP status code and bytes transferred
- Referrer (if sent by the browser)
- User-agent string
**Purpose:** serving the website and defending against abusive traffic.
**Legal basis:** Art. 6(1)(f) GDPR — legitimate interest in operation
and security.
**Retention:** up to 30 days, then automatically deleted.
**Recipients:** none. The site runs on our own infrastructure; no
external processor is involved.
**Transfers outside the EU/EEA:** none.
### Cookies and tracking
None. No cookies are set, no localStorage or sessionStorage is used, and
no tracking or analytics services are embedded. Because of this, no
consent under § 25 TDDDG (German implementation of the ePrivacy
directive) is required.
### Your rights
You have the right at any time to:
- Information about the data stored about you (Art. 15 GDPR)
- Correction of inaccurate data (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Object to processing (Art. 21 GDPR)
Send requests to hallo@furtka.org.
### Right to complain
You have the right to file a complaint with a data protection
supervisory authority. The competent one is:
**Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Rheinland-Pfalz**
Hintere Bleiche 34, 55116 Mainz, Germany
Website: <https://www.datenschutz.rlp.de>
### Last updated
This statement was last updated on 2026-04-18.
The German version of this privacy statement is the legally binding one.
Reference in a new issue View git blame Copy permalink