Privacy

TL;DR

I’m not interested in your data and I don’t save any of it that’s not needed for my websites to work. I keep some anonymized statistics in some places to get a grip on how often my sites are used.

My services are hosted on a homeserver, some files are hosted on Uberspace, emails from my services are sent via Mailgun.

If you have any questions about your data, don’t hesitate to contact me.

Sites & Services

This privacy statement is applicable to the following public or semi-public websites and services I provide:

• main website and blog: https://www.eisfunke.com
• other website: https://www.online-lenz.de
• side websites: https://lightfold.dev, https://gl.eisfunke.com
• site of the podcast “Das System ist das Problem”: https://www.systemproblem.de
• site of the podcast “Bytegeschichten”: https://bytegeschichten.eisfunke.com
• account service: https://auth.eisfunke.com
• Mastodon: https://inductive.space
• ticketing: https://events.eisfunke.com
• HedgeDoc: https://pad.eisfunke.com
• GitLab: https://git.eisfunke.com
• GitLab pages: *.pages.eisfunke.com (where provided by myself)
• Kroki: https://diagrams.eisfunke.com
• Docker registry: https://registry.eisfunke.com
• Grist: https://data.eisfunke.com
• Matrix chat: matrix.eisfunke.com
• Mock API service: https://mock.eisfunke.com
• Geocaching game for GCA4HPX: https://gca4hpx.eisfunke.com
• mailing lists: https://lists.eisfunke.com
• status page: https://status.eisfunke.com

Responsible

Nicolas Lenz
Stockumer Str. 18
44225 Dortmund
Germany

E-Mail: legal-7754@eisfunke.com (please be aware that this address is subject to change)
Phone: 0231-20628758

Processing

Hosting

All my services are only available using modern end-to-end encryption using TLS and HTTPS, meaning that nobody, like providers and attackers, should be able to read the contents of any communications between my services and you. The software these services are running on is kept up-to-date.

However, please keep in mind that even state-of-the-art technology can have security problems. Therefore, a gapless protection of all data cannot be guaranteed.

Most of my sites and services are hosted on my homeserver completely under my control (for exceptions see below). My server uses full-disk encryption, so all data is always only saved in encrypted form. The setup of my server is completely open-source as NixOS configuration in a public Git repository, if you’d like to audit it and verify what and how data is processed.

Off-Site Backups

The data on my homeserver is backed up daily to a server at another location (my parent’s house, to be precise) for geographic redundancy. The backups are done using Borg Backup, and fully encrypted.

Telekom

The internet connection for my homeserver is provided by Telekom Deutschland GmbH. Thus, all connections to my pages and services go through them. As mentioned, all my services are only available over encrypted connections, so they should at most be able to collect metadata like access times. Your own internet service provider is capable of that anyway, though.

Uberspace

Some larger media files (images, audio files on systemproblem.de) that are instead served from Uberspace to spare my connection some traffic. My status page is also hosted there. I chose Uberspace in part because they’re well-known for their focus on privacy and security.

Please consult their own privacy statement and this additional agreement concerning the mandated processing of data (in German) for details.

Mailgun

Some of my services send emails to you, e.g. when creating an account on auth.eisfunke.com, you will receive an email to confirm your account, or if you use my GitLab, it will send notification emails to you.

Because sending email from self-hosted infrastructure is nigh on impossible nowadays, these emails are sent via Mailgun by Sinch. I use their EU server, and have turned the tracking settings off as far as possible.

Please consult their own privacy policy and their data processing addendum regarding the mandated processing of data for details.

Collected Data

In general, my servers do not keep any access logs. That means that under normal circumstances I don’t know when somebody used my websites. I do however keep error logs for diagnostic purposes, which contain the IP address of the client that caused the error.

I run a variety of services that process different kinds of data, but in general, I don’t try to track you in any way. More details on what data I collect and process can be found below.

Podlove

My podcast pages (Das System ist das Problem / Bytegeschichten) use Podlove Publisher. Podlove tracks download statistics. IP addresses are used to determine an estimated geographic location (city or state level).

IP addresses are stored temporarily (up to 48 hours) as part of a request ID. This is necessary because I need to know how often episodes are downloaded to prove the viability of my endeavor. The User Agent is stored as well.

To determine a realistic download number, the system must be able to recognize repeated access to the same file by the same user. The only reliable way to achieve this is by considering the IP address in combination with the User Agent. Using an anonymized IP address is not possible because it would lead to wrong results. Access to the same file by the same user on different days can be considered separate downloads, therefore it is necessary to store IPs for only up to 48 hours. After 48 hours request IDs are salted in a way that makes it impossible to restore the original IP address.

Accounts

Some of my services allow you to create an account, either directly or via auth.eisfunke.com. This makes it necessary for some metadata to be saved pertaining to the account. That includes your IP address, mail address and chosen username.

User Content

Some of my services allow you to submit content of some type. This content will, of course, be saved and be made publicly available where applicable.

Mastodon / Matrix

I run a mastodon server under inductive.space. This server participates in the federated network called “Fediverse”. This means: if you have an account there and post something, that post will be relayed to other users on other servers, which are not under my control. Also, if you have an account on another server, my server might receive posts and, thus, process data by you.

A similar principle applies to my Matrix chat server matrix.eisfunke.com: messages and data are exchanged with other servers.

Cookies

Cookies are small files saved in your browser by websites. That is necessary to recognize you so that you don’t need to enter your password every time you open a website. My services that allow usage with a registered account use cookies for that purpose.

E-Mail

When you write me an email, I of course have to process the email’s data, including your email address, to be able to read and reply to your message, like every recipient of any e-mail has to.

When you receive email from my services, that is sent via Mailgun - see above for details.

Third Parties

I do not sell, trade or transfer any data to third parties, with the exception of Uberspace and Mailgun where necessary for providing the service – see above for details.

Your Rights

Note that according to the GDPR you have the right to:

• demand information about usage, the data collected and saved about you
• demand restriction of collection of data related to you
• demand deletion of data related to you, including data made public
• complain at a supervising authority

Please contact me if you want to utilize any of these rights and note that these rights are subject to restrictions and exceptions, e.g. when infeasible.

Disclaimer

If you think anything is missing in this document, please contact me.