Privacy Policy
As you can imagine Privacy and Data protection is of a particularly high priority for me and my blog securitybydesign.de. The use of this Internet page is possible without any indication of personal data; however, if you want to post, comment on blog entries, or contact me, some processing of personal data is necessary.
The processing of your personal data, such as the name, address, or e-mail address, is always in line with the General Data Protection Regulation (GDPR). By means of this privacy policy, I would like to inform you how we collect, use and process personal data. Furthermore, you are informed of the data protection rights to which you are entitled.
Securitybydesign.de is based on the blog creation and content management system WordPress which provides technical measures to ensure the protection of personal data processed through this website. Security updates for WordPress and related plugins are installed on a regular base. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. Also, currently no encrypted https connection is used to transfer data. I am working on fixing this, but some other things in my life have higher priorities and since I do not transfer sensitive data http might be appropriate for a while 😉
1. Contact data of the blog owner
You can find some more information and how to contact me in the About me section.
2. Collection of general data and information
The website securitybydesign.de collects a series of general data and information when you visit it. This general data and information are stored in the server log files. The website is hosted by the German provider 1&1 (1&1 Internet SE, Elgendorfer Str. 57, 56410 Montabaur).
Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.
When using these general data and information, securitybydesign.de does not draw any conclusions about you or further analyze this data.
3. Registration on the website
You have the possibility to register on the website if you want to post or comment on blog entries. This protects my blog from automated or malicious entries. You decide which data you provide for registration. By registering on the website, the IP address — assigned by your Internet service provider (ISP) — and date, and time of the registration are also stored.
4. Comments function in the blog
If you leave a comment on the blog published on this website, it is of course stored and published, as well as information on the date of the commentary and on the user’s (pseudonym) chosen by the data subject.
5. Contact possibility via the website
The website of the securitybydesign.de has a contact form to directly get into touch with me. Again, you decide which personal data you provide. Feel free to use a pseudonym. Please be aware that your message is transferred by unencrypted email. So do not send too sensitive information via the contact form. But I am happy to establish a different communication channel to exchange confidential information with you if required. Your contact request will be deleted after the request has been completed.
6. Deletion of personal data
Securitybydesign.de processes and stores your personal data only for the period necessary to achieve the purpose of storage. Personal data not needed anymore are deleted. Your blog posts or comments can be deleted on your request.
7. Your rights
You have the right granted by the European legislator to obtain my confirmation as to whether or not personal data concerning you are being processed. Feel free to contact me if you want to know. You can also get free information about your personal data stored (which data, why, who, where, how, etc.) at any time and a copy of this information.
You also have the right to rectify inaccurate personal data or to erase your personal data on request. You also have the right to restriction of processing and to object, and the right to data portability.
8. Data Protection and Google Analytics
On this website the component of Google Analytics is used (with the anonymizer function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
For the web analytics through Google Analytics the controller uses the application “_gat. _anonymizeIp”. By means of this application the IP address of the Internet connection of the data subject is abridged by Google and anonymised when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyze the traffic on my website. Google uses the collected data and information, inter alia, to evaluate the use of my website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us.
Google Analytics places a cookie on your system. With the setting of the cookie, Google is enabled to analyze the use of the website. The cookie is used to store personal information, such as the access time, the location from which the access was made, and the frequency of visits of our website by the data subject. With each visit to our Internet site, such personal data, including the IP address of the Internet access used by the data subject, will be transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.
You may prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on your system. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.
In addition, you have the possibility of objecting to a collection of data that are generated by Google Analytics, which is related to the use of this website, as well as the processing of this data by Google and the chance to preclude any such. For this purpose, you must download a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This browser add-on tells Google Analytics through a JavaScript, that any data and information about the visits of Internet pages may not be transmitted to Google Analytics. The installation of the browser add-ons is considered an objection by Google.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following Link https://www.google.com/analytics/.
9. Data protection and Shariff
On this website, I have integrated the component of Shariff. The Shariff component provides social media buttons that are compliant with data protection. Shariff was developed for the German computer magazine c’t and is published by GitHub, Inc.</span
The developers of the component is GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, CA 94107, United States.
Typically, the button solutions provided by the social networks already transmits personal data to the respective social network, when a user visits a website in which a social media button was integrated. By using the Shariff component, personal data is only transferred to Google+, Facebook, Twitter, Linkedin, or XING, when you actively activate one of the social media buttons. The use of the Shariff component is intended to protect the personal data of the visitors my website and to enable me to integrate a button solution for social networks.