Last updated: March 2026
This website uses Google Analytics to understand how visitors interact with it. Analytics are only activated after your explicit consent — no tracking occurs before you agree. The site does not use advertising cookies or share data with ad networks.
The controller responsible for data processing on this website:
Sebastian Stöhr Herrenalber Str. 34 76199 Karlsruhe, Germany
Email: sebastian (at) stoehr.io
This website uses Google Analytics 4 (GA4), loaded through Google Tag Manager (GTM). Google Analytics helps understand aggregate visitor behaviour — for example, which pages are visited and how long visitors stay.
Data collected includes: anonymised IP address (last octet removed), pages visited, referrer URL, browser type, device type, and session duration. No personally identifiable information (name, email address, etc.) is collected.
Legal basis: Art. 6(1)(a) GDPR — your consent, given via the cookie banner when you first visit the site.
You can withdraw consent at any time by clicking "Cookie Preferences" in the footer. Selecting "Reject" stores your preference and prevents further data collection on the next page load. You may also opt out globally using the Google Analytics Opt-out Browser Add-on (tools.google.com/dlpage/gaoptout).
Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) acts as data processor under Art. 28 GDPR. A Data Processing Agreement (DPA) is in place via Google's standard terms (business.safety.google/adsprocessorterms/).
Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) may have access to processed data as Google Ireland's parent company — see section 5 on international transfers.
IP anonymisation is active by default in GA4. Google's privacy policy: policies.google.com/privacy.
Google's infrastructure is partly located in the United States, a country without a general EU adequacy decision. Data transfers to the USA are based on two legal mechanisms:
1. Standard Contractual Clauses (SCCs) under Commission Implementing Decision (EU) 2021/914, incorporated into Google's Data Processing Agreement.
2. The EU-US Data Privacy Framework (DPF) adequacy decision of 10 July 2023 — Google LLC is certified under the DPF (dataprivacyframework.gov).
Google Analytics event data is retained for 2 months by default. User-level data (if configured in the GA4 property) may be retained for up to 14 months.
Your consent preference is stored in your browser's localStorage under the key "cookie-consent". This data never leaves your device and is not transmitted anywhere. You can remove it at any time by clearing local storage in your browser settings or by clicking "Reject" in the Cookie Preferences banner.
Under GDPR you have the following rights:
- Right of access (Art. 15) - Right to rectification (Art. 16) - Right to erasure (Art. 17) - Right to restriction of processing (Art. 18) - Right to data portability (Art. 20) - Right to object (Art. 21) - Right to withdraw consent at any time (Art. 7(3)) — via "Cookie Preferences" in the footer
To exercise these rights, contact: sebastian (at) stoehr.io
You also have the right to lodge a complaint with the supervisory authority: Landesbeauftragter für Datenschutz und Informationsfreiheit Baden-Württemberg (LfDI BW) — www.baden-wuerttemberg.datenschutz.de
For data protection enquiries, please contact:
Email: sebastian (at) stoehr.io
Please include "Data Protection" in the subject line.
This policy may be updated to reflect changes in legislation or data processing practices. Material changes that affect the scope of consent will require your renewed agreement via the cookie banner. The "last updated" date at the top of this page reflects the most recent revision.