harke webdesign DE

Privacy Policy

Last updated: May 9, 2026

Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Lukas Harke
Friedrich-Ebert-Str. 46
67433 Neustadt/Wstr.
Germany

Email: dev@harke.me

General Information

This privacy policy explains which personal data is processed when you visit this website or contact me. Personal data means any information relating to an identified or identifiable natural person.

This website does not use marketing cookies, advertising trackers, or third-party analytics. The only analytics used are privacy-oriented, self-hosted Rybbit analytics as described below.

TLS Encryption

This website is delivered over TLS encryption. This helps protect data transmitted between your browser and the website from being read by third parties.

Hosting and Access Data

When you visit this website, the web server technically processes access data that is required to deliver the site and keep it secure. This may include:

  • IP address
  • date and time of access
  • requested URL or file
  • referrer URL, if transmitted by your browser
  • browser type and version
  • operating system
  • HTTP status code
  • amount of data transferred

The legal basis is Art. 6(1)(f) GDPR. The legitimate interest is the secure, stable, and efficient operation of this website and the detection of misuse or attacks.

Server log data is kept only for as long as necessary for operational security and troubleshooting, and is then deleted unless further retention is required to investigate a security incident or comply with legal obligations.

Where a hosting provider processes data on my behalf, the relationship is covered by a data processing agreement under Art. 28 GDPR where required.

Analytics with Self-Hosted Rybbit

This website uses a self-hosted instance of Rybbit for privacy-oriented web analytics. Rybbit is used to understand which pages are visited and how the website performs, without using marketing cookies or cross-site tracking.

Rybbit is configured without tracking cookies and without local storage for tracking. The setting to store visitor IP addresses is disabled. Session replay and form recording are not used on this website.

Depending on the request, Rybbit may process the following usage data:

  • visited pages and page titles
  • referrer URLs
  • visit and session information
  • browser type and version
  • operating system
  • device type and screen size
  • approximate country or region derived from the IP address
  • campaign parameters, if present in the URL

IP addresses may be processed transiently to derive approximate location data and to generate privacy-preserving visit information. Raw IP addresses are not stored for analytics purposes.

The analytics data is processed on the self-hosted Rybbit infrastructure and is not sold or shared for advertising purposes. The legal basis is Art. 6(1)(f) GDPR. The legitimate interest is measuring traffic, improving content, and maintaining a reliable website in a privacy-preserving way.

You may object to this processing at any time by contacting me at the email address above.

Contact by Email

If you contact me by email, I process the data you provide in order to respond to your request. This usually includes your email address, the content of your message, and any additional information you choose to send.

The legal basis is Art. 6(1)(b) GDPR where the communication relates to a contract or pre-contractual request, and otherwise Art. 6(1)(f) GDPR. The legitimate interest is responding to incoming messages and maintaining business communication.

Email correspondence is retained for as long as necessary to handle the request and comply with statutory retention obligations.

This website links to external services such as GitHub, LinkedIn, the App Store, and project websites. These are ordinary links. No data is transmitted to those providers merely by viewing this website. Data may be processed by the external provider when you click a link and visit the external website. The respective provider is responsible for that processing.

Cookies and Local Storage

This website does not use tracking or marketing cookies. Technically necessary storage may be used only where required for the operation of the website.

Data Sharing

Personal data is not sold. Data is only shared where necessary for the purposes described in this policy, where a service provider processes data on my behalf, or where there is a legal obligation to do so.

No transfer to countries outside the EU or EEA is intended by this website, except where you actively open an external link and the external provider independently processes data.

Data Security

Appropriate technical and organizational measures are used to protect personal data against loss, manipulation, unauthorized access, and misuse. These measures are reviewed and improved as appropriate.

Your Rights

Subject to the legal requirements, you have the following rights under the GDPR:

  • right of access (Art. 15 GDPR)
  • right to rectification (Art. 16 GDPR)
  • right to erasure (Art. 17 GDPR)
  • right to restriction of processing (Art. 18 GDPR)
  • right to data portability (Art. 20 GDPR)
  • right to object to processing (Art. 21 GDPR)
  • right to withdraw consent, where processing is based on consent (Art. 7(3) GDPR)

To exercise your rights, contact me using the details above.

Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority in Rhineland-Palatinate is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Hintere Bleiche 34
55116 Mainz
Germany

Email: poststelle@datenschutz.rlp.de
Website: https://www.datenschutz.rlp.de

Changes to This Privacy Policy

This privacy policy may be updated if the website, analytics setup, or legal requirements change.