Sven Erik Matzen

Software Architect | Cloud & Security Expert | AI-enabled Solutions

Sven Erik Matzen – Privacy Policy

Personal data (usually referred to just as "data" below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content, and the services offered there.

Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the "GDPR"), "processing" refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to operate our website, which may result in those third parties processing data as our processors on our behalf.

Our privacy policy is structured as follows:

  1. Information about us as controllers of your data
  2. The rights of users and data subjects
  3. Information about the data processing

1 Information about us as controllers of your data

The party responsible for this website (the "controller") for purposes of data protection law is:

Sven Erik Matzen
Birkenweg 21a
35586 Wetzlar
Germany

sven@matzen.cloud

A data protection officer is not required to be appointed under Art. 37 GDPR for this website. For any data protection enquiries, please contact the controller directly using the address above.

2 The rights of users and data subjects

With regard to the data processing described in more detail below, users and data subjects have the right

  • to confirmation of whether data concerning them are being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. Art. 15 GDPR);
  • to correct or complete incorrect or incomplete data (cf. Art. 16 GDPR);
  • to the immediate deletion of data concerning them (cf. Art. 17 GDPR), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
  • to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. Art. 20 GDPR);
  • to file complaints with the supervisory authority if they believe that data concerning them are being processed by the controller in breach of data protection provisions (cf. Art. 77 GDPR). The competent supervisory authority for the controller is Der Hessische Beauftragte für Datenschutz und Informationsfreiheit.

In addition, the controller is obliged to inform all recipients to whom it discloses data of any corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.

Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller's future processing of their data, insofar as it is carried out on the basis of Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.

3 Information about the data processing

Your data is processed when using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.

Hosting and server connection data

This website is hosted as a static website on Microsoft Azure, a service of Microsoft Corporation, provided in the European Union by Microsoft Ireland Operations Ltd. The website is served from a Microsoft Azure region located within the European Union (Germany West Central). Microsoft acts as our processor within the meaning of Art. 28 GDPR; a data processing agreement (the Microsoft Products and Services Data Protection Addendum, including the EU Standard Contractual Clauses) is in place.

For technical reasons, when you access this website, connection data sent by your internet browser is processed by the hosting infrastructure in order to deliver the website to you and to ensure its stability and security. This data may include the type and version of your browser, your operating system, the website from which you came (referrer URL), the web pages on our site you visit, the date and time of your access, and the IP address from which you access our site.

The legal basis for this processing is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website. This connection data is not merged with other data and, insofar as access logs are generated, is stored only for as long as necessary for the purposes stated above and then deleted.

Cookies

This website does not use cookies. We do not store information on your terminal equipment and we do not access information already stored there within the meaning of § 25 of the German Telecommunications Digital Services Data Protection Act (TDDDG). In particular, no cookies are used for analysis, tracking, or advertising purposes, and no third-party advertising cookies are set. For this reason, no cookie consent banner is displayed.

Web analytics with Umami

To analyse the use of our website statistically and on an aggregated basis, we use Umami, a privacy-focused web analytics service provided by Umami Software, Inc. (San Francisco, USA). We use the managed Umami Cloud service with the European Union data region, so that the processing of analytics data takes place on servers located within the EU.

Umami is designed to be privacy-preserving:

  • it does not use cookies and does not store information on, or access information from, your terminal equipment;
  • it does not store IP addresses (a visitor's IP address is processed only transiently to generate a salted, rotating hash and is not retained);
  • it does not track visitors across different websites and does not create user-level profiles;
  • the data collected is aggregated and not attributable to an identifiable natural person.

The data processed for these purposes may include the pages visited, the referring website, the approximate geographic origin (country level), the device type, the browser, the operating system, and the screen resolution.

The legal basis for this processing is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the needs-based design, statistical evaluation, and continuous improvement of our website. Because Umami does not access information stored on, or store information on, your terminal equipment, no consent under § 25 TDDDG is required.

We have concluded a data processing agreement with Umami pursuant to Art. 28 GDPR. As the provider is a company based in the USA, an access to personal data from a third country cannot be entirely excluded despite the use of the EU data region. Any such transfer is safeguarded by the EU Standard Contractual Clauses pursuant to Art. 46 Para. 2 lit. c) GDPR, which form part of our data processing agreement with Umami. A copy of the relevant safeguards can be obtained from us using the contact details above.

Analytics data is automatically deleted after the retention period applicable to our Umami Cloud Hobby plan.

You may object to this processing at any time with effect for the future pursuant to Art. 21 GDPR, using the contact details provided in Section 1.

Contacting us

If you contact us, for example by email, the data you provide (such as your email address and the content of your message) will be processed in order to handle your enquiry. The legal basis for this processing is Art. 6 Para. 1 lit. f) GDPR (our legitimate interest in responding to enquiries) and, where your enquiry is aimed at concluding or performing a contract, Art. 6 Para. 1 lit. b) GDPR. The data will be deleted once your enquiry has been conclusively dealt with and no statutory retention obligations prevent its deletion.

SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL/TLS encryption. You can recognise an encrypted connection by the "https://" prefix and the lock symbol in your browser's address bar.

Changes to this privacy policy

We reserve the right to amend this privacy policy to ensure that it always complies with current legal requirements or to reflect changes to our services, for example when introducing new services. The new privacy policy will then apply to your next visit.