Privacy policy
. 4 min read (838 words).
This privacy policy explains how the website processes personal data.
The website is owned, controlled, and created in Sweden (within the EU) by Hampus Wessman.
Providing this information is required by article 13 of the GDPR and by similar legislation around the world.
Topics:
Summary
This website processes small amounts of personal data (e.g. IP addresses) in order to provide the service. It is hosted in the EU using only sub-processors from the EU. Web analytics is collected without storing personal data or tracking individual users.
In order to provide a good service also outside of the EU, some necessary data processing may take place outside of the EU. This primarily affects anyone located outside of the EU themselves and relates to DNS servers and potentially a CDN.
The goal is to preserve visitors’ privacy and avoid unnecessary processing of personal data.
What data is collected and/or processed?
The following processing of visitors’ personal data may occur:
- Personal data contained in network requests from the visitor, including but not limited to the public IP address, will be processed to provide the service.
- Anonymous website visitor statistics is kept, with the intent of excluding any personal data.
Note that IP addresses are (generally) considered personally identifiable information (PII) and access logs therefore contain personal data.
How is the data collected?
Data is collected as a necessary part of providing the service. No additional personal data is intentionally collected about visitors.
An effort is made to collect as little personal data as is reasonable. Please refrain from sending unexpected personal data in requests to the website.
Who processes the data
Personal data is processed by me on my servers within the EU and my data processors.
List of data processors:
- Hetzner: German server hosting company, where I rent my servers. See their privacy policy. I also have a DPA with Hetzner.
- ClouDNS: Bulgarian DNS hosting company. Provides globally-distributed DNS hosting. See their privacy policy.
How and why is your data processed?
Your personal data is processed primarily because it is necessary to provide the requested service. To a much more limited extent and when there is such a need, some personal data (such as access logs) may also be processed in order to operate and troubleshoot the service or prevent abuse, which constitutes a legitimate interest.
How is data stored and protected?
Personal data from website requests may be stored for a limited time by both me and the data processors as described above. Access to this data will be limited and it will be reasonably well protected. Where possibly, any data is stored within the EU.
No personal data is stored otherwise. Website statistics is anonymous.
Transfer of data
Data is primarily processed within the EU. Data is not actively transferred outside of the EU, but may be received outside the EU as explained below.
To provide good performance everywhere, DNS servers and potentially a content-delivery network (CDN) exist outside of the EU too. These globally-distributed servers will respond to local queries in a best-effort way. Therefore, some requests may be processed outside the EU and this will primarily affect visitors located elsewhere.
Are cookies used?
The website uses no cookies to track visitors. Your public IP address is unavoidable to receive, however. See above for how IP addresses are used.
Is automated profiling performed?
The website doesn’t perform automated individual decision-making, including profiling, by using personal data collected from visitors.
Is consent required for any data processing?
Processing of personal data is kept to a very low level on this website. The remaining processing of personal data related to visitors is based on legitimate interest or pure necessity to fulfil requests. Consent from the visitors is therefore not needed and a high level of privacy is kept at all times instead.
Privacy policies of other websites
The website contains links to other websites. This privacy policy applies only to this website, so if you click on a link to another website, you should read their privacy policy.
Know your rights
Please inform yourself of your rights under the GDPR and any other applicable law.
Changes to the privacy policy
I keep the privacy policy under regular review and place any updates on this web page. It was last updated on .
How to contact me
See the About page for contact details. Please contact me if you have questions, requests, or believe that the website is not compliant.
How to contact the appropriate authority
If you want to report an official complaint, you can contact The Swedish Authority for Privacy Protection or another authority that you deem more appropriate.