← HomePrivacyAbout

Privacy

Vienna,
January 17, 2025

1. Introduction

I operate my business & website (https://leomuehlfeld.at) in Austria (EU) and take your privacy very seriously. This Privacy Policy explains what personal data I collect, how I use it, and the rights you have under the EU General Data Protection Regulation (GDPR).

2. Data Controller

I am the data controller responsible for processing personal data on this website.

Leo Mühlfeld
Engerthstraße 124, Hinterhaus
1200, Vienna, Austria
Email: mail@leomuehlfeld.at

3. Data Collection and Use

3.1. Usage Data (Server Log Files)

My website is hosted by Vercel Inc. When you visit my website, Vercel may automatically collect and store certain information in “server log files.” This includes:

  1. Time of Visit
  2. Route
  3. URL
  4. Referrer
  5. Browser type and version
  6. Network Speed
  7. Device Type
  8. Device OS and version
  9. Device type
  10. Country (ISO 3166-1 alpha-2)
  11. Web Vital
  12. Web Vital Attribution
  13. SDK Information
  14. Server-Received Event Time

These log files help me (and Vercel, acting as a data processor) ensure the functionality, stability, and security of the website, as well as perform internal statistical analysis. The legal basis is my legitimate interest (Article 6(1)(f) GDPR).

Data Transfer: Data collected by Vercel might be transferred to servers located outside the EU/EEA (e.g., the United States). Vercel hosts my website and – according to their Securtiy & Compliance Measures – comply with applicable data protection regulations (including the GDPR) and maintain robust security and compliance measures to safeguard your data.

For more information on Vercel’s data practices, please seeVercel’s Privacy Policy.

3.2. Contacting Me

If you contact me (for example, via email), I process the personal data you provide (such as your name, email address, or message content) to respond to your request. The legal basis for this processing is Article 6(1)(b) GDPR (pre-contractual/contractual measures) or Article 6(1)(f) GDPR (legitimate interest in responding to inquiries).

4. Web Analytics

Vercel Web Analytics Privacy & Compliance

I use Vercel Web Analytics, provided by Vercel Inc., to understand how visitors interact with my website. Vercel Analytics may collect pseudonymized or anonymized IP addresses, device information, pages visited, and time spent on those pages.

Legal Basis: Article 6(1)(f) GDPR. I have a legitimate interest in analyzing user behavior to optimize content and technical performance.

Data collected by Vercel Web Analytics might be transferred to servers located outside the EU/EEA (e.g., the United States). As per their Securtiy & Compliance Measures, Vercel complies with applicable data protection regulations (including the GDPR) and maintain robust security and compliance measures to safeguard your data.

5. Speed Insights

Vercel Speed insights Privacy & Compliance

I also use Vercel Speed Insights to monitor and improve my website’s performance. This includes measuring metrics like page load times and resource loading.

Legal Basis: Article 6(1)(f) GDPR. I have a legitimate interest in maintaining and improving my website’s performance and user experience.

Data collected by Vercel Spped Insights might be transferred to servers located outside the EU/EEA (e.g., the United States). As per their Securtiy & Compliance Measures, Vercel complies with applicable data protection regulations (including the GDPR) and maintain robust security and compliance measures to safeguard your data.

6. Fonts

I use self-hosted fonts. Therefore, no personal data related to font loading is transmitted to external providers. All font files are stored on my own server.

7. Cookies

I do not use cookies. If I decide to implement non-essential cookies, I will update this policy and, where required, obtain your consent (Article 6(1)(a) GDPR).

8. Data Retention

I retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Server log files are typically kept for a short duration (e.g., 14 days) unless a longer retention period is required for security or legal reasons.

9. Data Security

I use appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. This includes secure server infrastructure, encrypted data transmission (HTTPS), and regular updates.

10. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  1. Right of access (Article 15 GDPR): Request information about the personal data I hold about you.
  2. Right to rectification (Article 16 GDPR): Request the correction of inaccurate personal data.
  3. Right to erasure (Article 17 GDPR): Ask me to delete your personal data, subject to certain conditions.
  4. Right to restriction of processing (Article 18 GDPR): Request that I limit the processing of your personal data under certain circumstances.
  5. Right to data portability (Article 20 GDPR): Receive your personal data in a structured, commonly used, machine-readable format.
  6. Right to object (Article 21 GDPR): Object to the processing of your personal data if it is based on legitimate interests.
  7. Right to withdraw consent (Article 7(3) GDPR): If processing is based on your consent, you may withdraw it at any time with future effect.

To exercise any of these rights, please contact me using the information provided in the “Data Controller” section. You also have the right to lodge a complaint with the competent data protection supervisory authority in your country. In Austria, this is the Austrian Data Protection Authority (Datenschutzbehörde).

11. Changes to this Privacy Policy

I may update this Privacy Policy from time to time to reflect changes in my data practices or legal requirements. I will post any updates on this page, and the revised version will be effective as soon as it is posted.