Marco Patzelt
DE/EN

Privacy Policy

Last updated: February 2026

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:

Marco Patzelt
Max Ernst Str. 21
40670 Meerbusch
Germany

Email: marcopatzelt7@gmail.com

2. General Information on Data Processing

Protecting your personal data is important to me. I treat your personal data confidentially and in accordance with applicable data protection regulations, in particular the GDPR, and this privacy policy.

Personal data is any data that can be used to personally identify you. This privacy policy explains what data I collect and how I use it.

Note: The German version of this privacy policy is the legally authoritative text. This English version is provided for convenience only.

3. Hosting

This website is hosted by:

Vercel Inc.
340 S Lemon Ave #4133
Walnut, CA 91789, USA

When you visit this website, your personal data (in particular your IP address) is transmitted to Vercel's servers. Vercel may also collect server log files that are automatically sent by your browser (IP address, browser type and version, operating system, referrer URL, time of request).

As Vercel is based in the USA, data is transferred to a third country. This transfer is safeguarded by the conclusion of EU Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in reliable and secure website delivery).

4. Data Collection via Forms

a) Newsletter Signup

When you subscribe to the newsletter, I collect your email address. It is stored in the newsletter_subscribers table on Supabase.

Before submitting the form, you must give your consent to data processing by activating a checkbox.

Legal basis: Art. 6(1)(a) GDPR (consent).

b) Contact Form

When you use the contact form, I collect your name, email address, and message. This data is stored in the contact_messages table on Supabase.

Before submitting the form, you must give your consent to data processing by activating a checkbox.

Legal basis: Art. 6(1)(a) GDPR (consent).

5. Data Processor (Supabase)

I use Supabase to store data collected via forms:

Supabase Inc.
970 Toa Payoh North #07-04
Singapore 318992

Supabase operates PostgreSQL databases hosted on servers in the USA. A data processing agreement (DPA) pursuant to Art. 28 GDPR has been concluded. The data transfer to the USA is safeguarded by EU Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR.

6. Fonts (Google Fonts)

This website uses the Inter and JetBrains Mono fonts from Google Fonts. These fonts are integrated via next/font/google, which downloads the font files at build time and serves them locally from the website's own server (self-hosting). No connection to Google servers is established at runtime. Your IP address is therefore not transmitted to Google.

7. Content Delivery Network (CDN)

The CDN cdn.jsdelivr.net is used to load the mermaid.js JavaScript library. When loading this resource, your IP address is transmitted to jsDelivr's servers.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in efficient and secure website delivery).

8. SSL/TLS Encryption

This website uses SSL/TLS encryption for security purposes and to protect the transmission of confidential content. You can recognize an encrypted connection by the browser's address bar changing from "http://" to "https://" and the lock icon in your browser bar.

9. Web Analytics (Google Analytics)

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies that enable an analysis of your use of the website.

Google Analytics is only activated if you explicitly consent via the cookie banner. Without your consent, no analytics data is collected and no Google cookies are set.

The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. IP anonymization has been activated, so that your IP address is truncated by Google within the EU/EEA beforehand.

Data transfer to the USA is safeguarded by EU Standard Contractual Clauses (SCCs).

Legal basis: Art. 6(1)(a) GDPR (consent). You may withdraw your consent at any time by clearing the cookies in your browser or clearing localStorage.

Your cookie banner preference is stored in your browser's localStorage. This is purely local storage on your device.

10. Data Retention

  • Newsletter subscriptions: Your email address is stored until you unsubscribe or request deletion.
  • Contact inquiries: Your data is retained for a maximum of 3 years after the conclusion of communication, unless longer retention is required by law.
  • Server log files: Retention period is determined by Vercel's policies.

11. Your Rights as a Data Subject

Under the GDPR, you have the following rights:

  • Right of access (Art. 15 GDPR) -- You have the right to request information about your personal data stored by me.
  • Right to rectification (Art. 16 GDPR) -- You have the right to have inaccurate data corrected.
  • Right to erasure (Art. 17 GDPR) -- You have the right to request the deletion of your data, provided no legal retention obligations apply.
  • Right to restriction of processing (Art. 18 GDPR) -- You have the right to request the restriction of processing of your data.
  • Right to data portability (Art. 20 GDPR) -- You have the right to receive your data in a structured, commonly used, and machine-readable format.
  • Right to object (Art. 21 GDPR) -- You have the right to object to the processing of your data where the processing is based on Art. 6(1)(f) GDPR.

12. Withdrawal of Consent

Many data processing operations require your explicit consent. You may withdraw any consent you have given at any time. The lawfulness of data processing carried out prior to the withdrawal remains unaffected. To withdraw your consent, send an email to marcopatzelt7@gmail.com.

13. Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR.

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf, Germany

Website: www.ldi.nrw.de

14. Automated Decision-Making

No automated decision-making, including profiling, pursuant to Art. 22(1) and (4) GDPR takes place.