Thomas Weigold

Homepage & Blog out of the life of a computer scientist

Data privacy statement

During the visit of on of my services as an unregistered user, only personal data related to (§3 Server logfiles) will be processed. On the other hand, for registered users some more personal data, that was transferred to the server, is used in order to offer the respective service extensively. If consent is required for the collection of personal data and no law explicitly permits it, the user will be asked for such during the registration process.

Validity of the privacy policy:

§1 Responsible for the processing of personal data

Thomas Weigold
Hans-Purrmann-Str. 30
67141 Neuhofen
Rhineland-Palatinate
Germany

E-Mail: contact202401.website@thomasweigold.de

§2 Cookies

The homepage itself does not use cookies, however, cookies may be used by pages that are accessed via a subdomain. To learn about the usage of cookies on pages that are accessed via a subdomain, please refer to the respective paragraph which specifically takes care of the service.

§3 Server logfiles

Every page request generate a new entry inside of the server logfile, which is technically needed to guarantee for the stability and safety of the web service. In addition to the technical necessity, we reserve the right to use the log data to determine the number of users within a certain period of time, as well as to analyze the most interesting pages across all users. The data which was saved inside of the logfiles, will be automatically deleted after 14 days.

The following information will be recorded inside of the logfiles:

e.g.
a02:810c:ffff:ffff:ffff:ffff:ffff:ffff - - [07/Apr/2021:21:49:15 +0200] "GET /imprint/ HTTP/2.0" 200 1337 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0"

§4 Services with regard to this data privacy statement

To publish and specify which data gets processed during the interaction with one of the services hosted within the scope (ref. validity of the privacy policy) of this privacy statement, even if an authorization has already been granted for this in accordance with §6 GDPR 1 b-f, the following part has been created. The following subsections are valid for the specified services, defined individually in each subsection, together with their respective sitename(s) and in context of the rules defined in the other paragraphs of this privacy statement. In the case that a service is not listed inside this chapter, only the common rules apply and no other processing of personal data will occur.

§4.1 Gitlab Service

Sitename: https://git.dev.thomasweigold.de
Sitename: https://git.dev.itronik.net
During the use of the gitlab service the following external ressources will be used:

For Users which are logged in to my gitlab instance additional data could be processed, dependent on the functions provided and used by gitlab:

All of the above stated information could be publicly available if this was explicitly set up by the user inside of their group / project settings. Equivalently to the aforementioned guest policy, the connection to gravatar will also be established for logged in users.

§4.2 Nextcloud Service

Sitename: https://cloud.thomasweigold.de
Guests and logged in users can be given the ability to view a publicly available document or upload files to the server themselves. For logged in users additional data will be processed:
Due to the functionalities and capabilities of a file, a calendar and a contact cloud the user has the option to store their private files on my server to back up and/or sync their files between multiple devices. To do this the user has to upload this data to my system, where it will be stored and may also be backed up by me to avoid a loss of data in the event of a disk failure. Furthermore,the files can be shared internally or publicly with or without password protection.

§4.3 Matrix Service

Sitename: https://matrix.itronik.net
The matrix protocol allows the user to join a decentralised and E2E encrypted (optionally) chat environment. For users of my server the following data will be processed:

Although obvious it should nonetheless be mentioned: Messages which are sent or received by users of my matrix instance will be stored on my server until the user (or another member of the discussion) deleted such a message. For the most discussions this message should be E2E encrypted.

§4.4 DNS Service

I host my own DNS server in order to be able to manage the zones of my domains independently, and thus not to provide third parties with further data in case of DNS requests. To the outside world, my DNS Server will just answer requests related to zones managed by it.

The following information will be recorded inside of the logfiles:

e.g.
client @0x7f7f7f7f77f 1.2.3.4#39128 (example.com): query (cache) 'example.com/A/IN' denied

§5 Right to information

According to GDPR, at any given point of time the user has the right to request whether any personal data of theirs has been stored, and what kind of data that is. To receive such information, send us an e-mail or a letter to the address which can be found under §1.. In order to speed up the process, we would appreciate a proof of identity (i.e. whether the personal data is really yours) within the information request.

§4 Right to erasure

Another point of GDPR is that every user has the right to have their personal data deleted by the provider after the affected person has requested that. To enforce this right please send us an e-mail or a letter to the address which can be found under §1. In order to speed up the process, we would appreciate a proof of identity (i.e. whether the personal data is really yours) within the information request.