DE

Privacy Policy

1. Controller

Controller within the meaning of the General Data Protection Regulation (GDPR):

Marcus Kober
Vogelsanger Str. 199b
50825 Cologne
Germany

Email: hello@marcuskober.de

2. Overview

This website respects your privacy. In short:

  • No tracking cookies — we do not set our own tracking cookies
  • No analytics — no Google Analytics, no tracking tools
  • Fonts served locally — no Google Fonts CDN
  • No social media plugins — only plain links
  • Minimal data collection — only what is technically necessary

3. Hosting (Cloudflare Pages)

This website is served via Cloudflare Pages, a service by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA.

What is collected?

When you visit this website, data is transmitted through Cloudflare's Content Delivery Network (CDN). The following data may be processed:

  • IP address
  • Date and time of access
  • Requested URL
  • Browser and operating system (User-Agent)
  • HTTP status code
  • Amount of data transferred
  • Referrer URL (the previously visited page)

Cloudflare may also set technically necessary cookies (e.g., __cf_bm for bot management). These serve exclusively security and functionality purposes and are not tracking cookies.

Why?

The use of Cloudflare is technically necessary to serve the website performantly and securely (CDN, DDoS protection).

Legal basis

Art. 6 para. 1 lit. f GDPR (legitimate interest: performant and secure operation of the website)

Data transfer to third countries

Cloudflare also processes data in the USA. Cloudflare is certified under the EU-US Data Privacy Framework, which ensures an adequate level of data protection. More information: Cloudflare Privacy Policy

Retention period

Cloudflare typically does not retain log data for more than 24 hours, unless required for security purposes.

4. Contact by Email

What is collected?

When you send me an email (hello@marcuskober.de), the data you provide (email address, name, message content) is processed in order to respond to your inquiry.

Legal basis

Art. 6 para. 1 lit. b GDPR (performance of a contract / pre-contractual measures) or Art. 6 para. 1 lit. f GDPR (legitimate interest in responding to inquiries)

Retention period

Emails are retained for as long as necessary to handle the inquiry and are then deleted — unless statutory retention obligations apply.

Disclosure

Your data will not be shared with third parties.

5. Fonts

This website uses the fonts Inter, Fraunces, and JetBrains Mono. These fonts are served exclusively from this server — no connection is made to Google Fonts or any other external server. No personal data is transferred to third parties in this context.

6. YouTube Videos

This website may embed videos from YouTube. A two-click solution is used: the YouTube player is only loaded after your explicit confirmation. Before you click, no data is exchanged with YouTube's servers.

What does this mean?

Instead of an immediately loading iframe, you first see a placeholder with a "Load video" button. Only when you click this button is the YouTube player embedded — exclusively in enhanced privacy mode (youtube-nocookie.com). From that point on, data may be transmitted to YouTube (Google LLC), including your IP address and browser information.

Controller for YouTube

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

For more information about YouTube's privacy practices: https://policies.google.com/privacy

Legal basis

Art. 6 para. 1 lit. a GDPR (consent given by actively clicking "Load video")

7. Theme Preference (localStorage)

This website saves your preferred color scheme (Light/Dark/Auto) locally in your browser using localStorage. This is not a cookie and not tracking — the entry never leaves your browser and is not transmitted to the server. It can be deleted at any time in your browser settings.

8. External Links

This website contains links to external services such as:

  • GitHub (github.com) — Microsoft Corporation
  • LinkedIn (linkedin.com) — LinkedIn Ireland Unlimited Company
  • Mastodon (phpc.social) — independent instance

These links lead to external websites whose privacy practices are the responsibility of their respective operators. Clicking a link takes you away from this website. Merely displaying these links does not transfer any data to the listed services.

9. Web Analytics (Cloudflare Web Analytics)

This website uses Cloudflare Web Analytics, a privacy-friendly analytics service by Cloudflare, Inc. This service collects no personal data, sets no cookies, and uses no fingerprinting.

Only aggregated, anonymous data is collected, such as page views, referrers, country, and browser type. It is not possible to identify individual users or create profiles.

Legal basis

Art. 6 para. 1 lit. f GDPR (legitimate interest in anonymous usage analysis to improve the website). No cookie banner is required as no cookies are set and no personal data is collected.

10. Cookies

This website sets no tracking cookies of its own. No profiling or behavioral analysis takes place.

Cloudflare may set technically necessary cookies (e.g., __cf_bm) that serve exclusively security purposes and do not create personal profiles. These cookies are permissible under Art. 6 para. 1 lit. f GDPR and do not require a cookie banner.

11. Your Rights

Under the GDPR, you have the following rights:

  • Right of access (Art. 15 GDPR): You can request information about the personal data stored about you.
  • Right to rectification (Art. 16 GDPR): You can request the correction of inaccurate data.
  • Right to erasure (Art. 17 GDPR): You can request the deletion of your data ("right to be forgotten").
  • Right to restriction of processing (Art. 18 GDPR): Under certain circumstances, you can request the restriction of processing.
  • Right to data portability (Art. 20 GDPR): You can receive your data in a common, machine-readable format.
  • Right to object (Art. 21 GDPR): You can object to the processing of your data where it is based on Art. 6 para. 1 lit. f GDPR.

To exercise your rights, contact: hello@marcuskober.de

12. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority for North Rhine-Westphalia is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Kavalleriestraße 2–4
40213 Düsseldorf, Germany
https://www.ldi.nrw.de

13. Currency of This Privacy Policy

This privacy policy is currently valid as of April 2026. As the website evolves or legal requirements change, it may become necessary to update this policy.