mborst.dev

Privacy Policy

Last updated: 07.12.2025

Controller

Maximilian Borst
Email: [email protected]

Hosting

This website is hosted in the EU/EEA. When you access the site, server logs are created (e.g., IP address, date/time, user agent). The processing is necessary to ensure technical operation (Art. 6(1)(f) GDPR). Log data is processed for troubleshooting and security and is regularly deleted.

Analytics (no cookies)

We count page views using only the visited URL, without cookies or profiles. IP addresses are not stored in the counters. We also record anonymous survey interaction metrics (how often a survey is shown, how many responses are submitted, and how often survey results are viewed) without storing identifiers. The legal basis is our legitimate interests in reach measurement (Art. 6(1)(f) GDPR).

Server logs may temporarily include your IP address and user agent to ensure operation and security (firewalling, abuse prevention). These logs are processed only for those purposes and deleted when no longer needed.

RSS Feed

We offer an RSS feed to subscribe to new posts. When accessing the feed, standard server logs (IP address, timestamp) are processed to deliver the content, as described in the "Hosting" section above. No tracking pixels or analytics are used within the feed itself.

Cookies

We do not set any non-essential cookies. For the protected admin area, a technically required cookie is set (admin_auth, duration: up to 8 hours, purpose: access to the admin area). No consent is required for this cookie.

Surveys in blog posts

Blog posts may include interactive surveys. Participation is voluntary. Unless stated otherwise, we do not ask for names, email addresses, or other identifiers. We store the following data depending on survey type:

In some posts, we may publicly display survey results, including free‑text responses, directly on the page. This happens only for surveys where public display is enabled by us and is limited to the exact text you submit. Please avoid including personal data in any free‑text responses as they may be visible to all visitors of the website.

  • Single/Multi choice: Your selected option(s).
  • NPS (0–10): The score you select.
  • Free text: The text you submit. Please avoid including personal data. We do not verify or moderate submissions in real time.
  • Editable (free text with updates): The latest text you submit. To enable editing from the same browser, we store a short, random identifier (uid) in your browser storage and include it with your submission. This uid is not linked to your identity and is only used to replace your own previous answer.

For technical reasons we also store a timestamp. We do not store IP addresses or user agents with survey responses, and we do not link responses to profiles. To prevent duplicate submissions in the same browser, a small local storage flag is set ( survey:<id>:voted ), which is only stored in your browser and not sent to us. For editable surveys, we additionally store a random uid in your browser ( survey:<id>:uid ) and send it with your responses so you can update your own answer. No survey cookies are used.

Purpose: Measuring audience preferences, improving content, and optionally displaying aggregated results within posts.

Legal basis: your consent by submitting a response (Art. 6(1)(a) GDPR). Aggregated, non-personal analysis is based on our legitimate interests (Art. 6(1)(f) GDPR).

Storage and retention: Survey responses are stored on our server in the EU/EEA in a file-based format. We aim to keep raw responses for no longer than necessary for analysis and publication of aggregated results; unless stated otherwise, responses are retained for up to 24 months and then deleted.

Data recipients: We do not share survey responses with third parties unless legally required. No automated decision-making or profiling is carried out.

Your choices: You can refrain from participating. Because we do not collect identifiers with survey responses, individual responses generally cannot be attributed to you. If you believe your free-text response contains personal data and would like it removed, please contact us and include the exact text you submitted so we can locate and erase it.

Admin area

An admin dashboard is available only to authorized personnel. Access is protected by a short‑lived, essential cookie (admin_auth), used solely to maintain a session for the admin area. Admin users can view aggregated survey results and, where applicable, free‑text responses to moderate content. This processing is necessary for site administration and content management (Art. 6(1)(f) GDPR).

External content (YouTube and Twitter/X)

External media is blocked by default. We render a visible “Load …” button and only fetch the embed after you actively click. Until you click, no requests are sent to third parties and no third‑party cookies are set by these embeds.

  • YouTube: After clicking, videos load from youtube-nocookie.com inside a sandboxed iframe with restrictive permissions. Provider: Google Ireland Limited. Privacy information: Google Privacy Policy . A transfer to third countries (e.g. USA) is possible.
  • Twitter/X: After clicking, Tweets load from platform.twitter.com via a sandboxed iframe. We request the embed with the dnt=true parameter and do not load the global widgets.js script by default. Provider: X Corp. Privacy information: Twitter Privacy Policy . A transfer to third countries (e.g. USA) is possible.

Legal basis for loading such media is your consent by clicking the respective “Load …” button (Art. 6(1)(a) GDPR). The choice is not stored beyond the current view.

Your rights

Under the GDPR, you have rights to access, rectification, erasure, restriction of processing, objection, and data portability. You also have the right to lodge a complaint with a supervisory authority.

Contact

For privacy questions, contact us by email at [email protected].