<!--%%staticTitle:'Privacy Policy'%%-->
<!--%%staticCache:604800%%-->
<!--%%staticSitemap:'2025-11-09','weekly',0.5%%-->
<!--%%staticHeadMeta:'audience','Everyone'%%-->
<!--%%staticHeadMeta:'author','cisco211'%%-->
<!--%%staticHeadMeta:'contact','/contact'%%-->
<!--%%staticHeadMeta:'date','2025-11-09'%%-->
<!--%%staticHeadMeta:'description','Privacy Policy for this website.'%%-->
<!--%%staticHeadMeta:'keywords','Privacy Policy,Content,Referrals,Links,Cookies,Legal'%%-->
<!--%%staticHeadMeta:'operator','cisco211'%%-->
<!--%%staticHeadMeta:'page-topic','Legal,Privacy Policy'%%-->
<!--%%staticHeadMeta:'page-type','Legal information'%%-->
<!--%%staticHeadMeta:'publisher','cisco211'%%-->

> **Summary:**
> This website collects only necessary personal data, does not exchange/trade/sell data and respects privacy.
> Contact can be made via the [contact form][contact].

> **Last update:** *2025-11-09*

The
[General Data Protection Regulation (GDPR)][gdpr]
came into effect on May 25, 2018.
This page explains how your personal data is handled.
All data collection is based on one of the legal bases mentioned in Article 6 of the GDPR.
The relevant legal basis is mentioned in the description, unless it is obvious.

The operator of this website, referred to as "the Operator" in this document, is
[cisco211][operator].
All references to the Operator in this privacy policy relate to this entity.

For each data collection activity, the following is described:
* **why**
  this data is collected,
* **what**
  data is collected,
* **how**
  this data is processed,
* **who**
  can access the data,
* **where**
  this data is stored, and
* **how long**
  the data is stored.

If you have questions regarding this privacy policy or the processing of your personal data, you can contact us through our
[contact form][contact].


# Rights of data subjects

You have the following rights regarding your personal data in accordance with Articles 15 to 21 of the GDPR:

* **Right of access:**
  You can request information about whether and which of your personal data is being processed.
* **Right to rectification:**
  You can request the correction of inaccurate data.
* **Right to erasure:**
  You can request the deletion of your data, provided that no legal obligations prevent it.
* **Right to restriction of processing:**
  You can request that your data be processed only to a limited extent.
* **Right to data portability:**
  You can receive your data in a structured, common, and machine-readable format.
* **Right to object:**
  You can object to the processing of your data at any time for reasons arising from your particular situation.
* **Right to lodge a complaint:**
  You can contact a data protection supervisory authority if you believe that your data is being processed unlawfully.

To exercise these rights, please contact us through our
[contact form][contact].


# Collected Data

This section describes all types of personal data collected on this website.
For each type of data, the following aspects are explained: why it is collected, what data is collected, how it is processed, who can access it, where it is stored, and how long it is retained.
This provides transparency in accordance with the GDPR.
Despite all efforts, errors in data processing cannot be completely excluded.

## Hosting
This website is operated on a virtual private server (VPS) provided by a hosting company based in Germany.
The provider complies with the General Data Protection Regulation (GDPR) and only provides the technical infrastructure.
All data processing within this environment is managed and controlled exclusively by the operator of this website.
The hosting system uses a multi-user webspace setup, where each user account operates in an isolated environment.
Configuration files, website data, and log files are stored exclusively within the respective user environment, separate from other users.
The website and its underlying Framework is designed for efficiency, security, and data minimization and does not perform tracking or statistics collection.
All file-based data handling takes place outside the publicly accessible directories to ensure data security.
Technical and organizational security measures are implemented to prevent unauthorized access, misuse, or data loss.
* **why:**
  Hosting is required to make this website technically accessible on the internet.
* **what:**
  The following data may be processed within the hosting environment:
  * Technical connection data such as IP address, time of access, and requested resources,
  * Data required for website operation, such as session data or configurations,
  * Data voluntarily entered through forms or user interactions.
* **how:**
  Data is processed within the webspace environment and isolated per user account on the server.
  No automated profiling, tracking, or data sharing occurs.
* **who:**
  Access to hosted data is limited to the website operator.
  The hosting provider has no direct access to the stored data but provides the technical infrastructure.
* **where:**
  Data is stored on servers located in Germany.
* **how long:**
  Data is stored only as long as necessary for the operation, security, or maintenance of the website.
  Backups, if created, are kept only for technical recovery purposes and deleted after their retention period.

## Server Logs
Server logs are stored only per user on the server, as webspaces are user-based, and are not kept server-wide.
Logs are primarily used for error diagnosis or, in exceptional cases, to identify malicious visitors.
* **why:**
  Logs are collected to identify and diagnose errors, and to protect the website against malicious activity.
* **what:**
  The following information may be stored in the logs:
  * IP address of the visitor,
  * Requested URL,
  * Timestamp of the request,
  * HTTP method and status code,
  * User-Agent string,
* **how:**
  Logs are automatically generated by the web server software during requests to the website.
* **who:**
  Access to logs is limited to the server user (hosting account) and authorized personnel for error resolution or security purposes.
* **where:**
  Logs are stored only within the user's home directory on the server.
* **how long:**
  Logs are retained only as long as necessary for error diagnosis or security monitoring.

## Cookies
This website uses a session cookie to manage visits and optional user accounts.
By default, every visitor is assigned the "Guest" user with ID 0, which is anonymous.
Using the optional user system (ID greater 0) generates additional data, but the website is fully usable without registering.
* **why:**
  The cookie is required to maintain a session and store temporary user-related data during the visit.
* **what:**
  The cookie itself only contains an anonymous session hash.  
  Within the session on the server, the following data may be stored:
  * User-Agent string,
  * IP address of the visitor,
  * User name (default "Guest"),
  * Selected language (automatically detected, but changeable by the user).
* **how:**
  The session cookie is set in the user's browser and references session data stored on the server using PHP sessions.
* **who:**
  Only the server of this website accesses the session data.
* **where:**
  The cookie is stored in the user's browser.
  Session data is stored on the web server.
* **how long:**
  The session cookie and server session data are temporary and expire when the session ends.
  Persistent sessions for optional user accounts follow expiration rules defined by the website.

## Contact Form
You can use the contact form to get in touch with us.
This form is provided for this purpose and must be filled out before shipping.
After the form has been submitted, either an email will be sent to the recipient and a confirmation to the sender, and/or a Discord message will be sent to the recipient.
The data entered by the sender is not temporarily stored, but processed directly for the respective shipping type.
* **why:**
  This form is necessary to contact the website operator.
  Using the contact form is voluntary and optional.
* **what:**
  The following information is collected:
  * the message to be sent,
  * the specified name of the company or person,
  * the specified email address,
  * optionally the uploaded file attachments, and
  * a security cookie called "csrfp" to prevent "Cross-Site Request Forgery" attacks.
* **how:**
  The form containing the data is processed on the web server and sent to the recipient(s) depending on the configured shipping method.
* **who:**
  The contacted recipient receives the sent message and replies to it if necessary.
* **where:**
  The data ends up at the recipient's end and is therefore only stored there.
  Ultimately, how the recipient handles it cannot be controlled.
  The operator, as the recipient, stores this data only locally and in a way that is accessible to him.
* **how long:**
  The length varies depending on the relevance and importance of the content.
  Spam messages will be deleted immediately.
  The usual retention periods apply to official/business documents.

## Referrals and Links
This website may contain links to external websites.
Clicking on such links may result in the transmission of personal data to the respective third-party website.
This website does not track visitors itself, but cannot control the data processing practices of the linked sites.
* **why:**
  Links are provided to offer references, additional content, or navigation to related websites.
* **what:**
  The following data may be transmitted to the third-party provider when a link is clicked:
  * IP address of the visitor,
  * Browser and device information,
  * Referring URL or website,
  * Click interaction data, such as the link clicked.
* **how:**
  The website presents hyperlinks.
  When a visitor clicks a link, data is transmitted to the target website.
* **who:**
  Access is limited to the third-party provider and, if applicable, authorized personnel on that website.
* **where:**
  Data may be transmitted to servers of the third-party provider, potentially outside the EU/EEA.
* **how long:**
  Storage and retention periods are controlled by the third-party provider according to its policies.

## Embedded Content / Third-Party Services
This website may embed content from third-party platforms, such as videos from YouTube or music SoundCloud, or use third-party services like CAPTCHA systems in forms.
Using such content may result in the transmission of personal data to the respective third-party provider.
* **why:**
  Embedded content is used to provide media, interactive content, or security features, such as verifying that form submissions are made by humans.
* **what:**
  The following data may be transmitted to third-party providers:
  * IP address of the visitor,
  * Browser and device information,
  * Interaction data with the embedded content,
  * Data required for CAPTCHA verification, e.g., reCAPTCHA or hCaptcha responses.
* **how:**
  The website requests or loads the embedded content from the third-party provider.
  The provider may process the data in accordance with its own privacy policy.
* **who:**
  Access is limited to the respective third-party provider and, if applicable, authorized personnel on this website.
* **where:**
  Data may be transmitted to servers of the third-party provider, potentially outside the EU/EEA.
* **how long:**
  Storage and retention periods are controlled by the third-party provider according to its policies.


# Final Provisions

This privacy policy is valid in its current form as published on this website.
Updates may occur due to changes in technology, services, or legal requirements.
The updated version replaces all previous versions from the date of publication.


[contact]: /contact "contact form"
[gdpr]: https://gdpr-info.eu/ "General Data Protection Regulation (GDPR)"
[operator]: /about "cisco211"


<!--
## ITEM
TODO: Add text to describe this item.
* **why:**
  TODO: Explain why this data is collected.
* **what:**
  TODO: List the data fields collected.
* **how:**
  TODO: Describe how the data is processed.
* **who:**
  TODO: Indicate who has access to the data.
* **where:**
  TODO: Specify where the data is stored.
* **how long:**
  TODO: Indicate how long the data is stored.
-->