Privacy Policy | Xelveror

1. Controller

The controller for data processing on this website is the operator of xelveror.eu, located in Germany. This site is a static educational resource with no user accounts, no e-commerce functionality, and no active backend data collection infrastructure.

2. Data collected automatically

When you access this website, your browser may transmit the following information to the web server as part of standard HTTP communication:

IP address (typically stored in server access logs for up to 7 days)
Date and time of the request
URL of the requested resource
HTTP referrer header (the page you navigated from)
User-agent string (browser and operating system)
Response status code and size

This data is processed on the basis of Article 6(1)(f) GDPR (legitimate interest) to ensure the technical operation of the server and to detect and respond to attacks. It is not used for tracking individual visitors across sessions, combined with other data sources, or passed to third-party analytics services.

3. Cookies and local storage

This website uses a single item of browser local storage (key: xelveror_cookie_consent) to store your response to the cookie consent banner. This value is a string ("accepted" or "rejected") stored only in your browser. It is not transmitted to any server, not combined with any other data, and not used for tracking.

No third-party cookies are set by this website. No analytics tracking scripts (Google Analytics, Matomo, etc.) are loaded. No advertising networks are used.

4. External resources

This website loads a stylesheet from Google Fonts (fonts.googleapis.com). When your browser requests this resource, your IP address is transmitted to Google's servers. Google's privacy policy is available at policies.google.com/privacy. The legal basis for this processing is Article 6(1)(f) GDPR (legitimate interest in delivering a readable interface).

Article images are loaded from Wikimedia Commons (upload.wikimedia.org). Your IP address is transmitted to Wikimedia Foundation servers when images load. See the Wikimedia Foundation Privacy Policy at foundation.wikimedia.org.

External links to IETF, ISO, BSI, and other reference websites open in new browser tabs. This site does not control those external resources or their data practices.

5. Contact form

The contact form on the About page is a client-side simulation. No data entered in the form is transmitted to any server, stored in any database, or sent via email. The form exists solely to demonstrate a user interface. Any text you enter is processed only in your browser's memory and is discarded when you close or refresh the page.

6. Your rights under GDPR

As a data subject under the GDPR, you have the following rights with respect to any personal data we hold:

Right of access (Art. 15): to obtain confirmation of whether personal data is processed and receive a copy.
Right to rectification (Art. 16): to have inaccurate data corrected.
Right to erasure (Art. 17): to have data deleted where there is no legitimate basis for continued processing.
Right to restriction (Art. 18): to restrict processing in certain circumstances.
Right to object (Art. 21): to object to processing based on legitimate interest.
Right to lodge a complaint with the relevant supervisory authority. In Germany, the relevant authority is the Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI).

7. Data retention

Server access log data, where retained at all, is deleted after no more than 7 days unless required longer for security incident investigation. No other personal data is stored by this website.

8. Changes to this policy

This privacy policy may be updated to reflect changes in the website's operation or applicable law. The last-updated date at the top of this page reflects the date of the most recent revision. Continued use of the website after a policy change constitutes acknowledgment of the updated policy.