Privacy Policy

Last updated: January 17, 2026

1. Overview

The protection of your personal data is very important to me. This privacy policy explains what data is collected when you visit this website, why it is collected, and how it is used. It also explains your rights regarding your personal data.

2. Data Controller

The data controller responsible for data processing on this website is:

Dan Reynolds
Goslarer Ufer 1b
10589 Berlin
Germany

Email: dan@dcr.aero

3. Hosting

This website is hosted by Hetzner Online GmbH. The hosting provider processes data on our behalf based on a Data Processing Agreement (Art. 28 GDPR). When you visit the site, server log files are automatically collected.

4. Data Collection

4.1 Server Log Files

The hosting provider automatically collects and stores information in server log files that your browser transmits. These include:

  • IP address (anonymized)
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referrer URL

This data cannot be assigned to specific individuals and is not merged with other data sources. Legal basis: Art. 6 Para. 1 lit. f GDPR (legitimate interest in security and stability).

4.2 Cookies and Consent

This website uses strictly necessary cookies for basic functionality (e.g., language preferences, session management, CSRF protection). For security features like Cloudflare Turnstile, cookies are only set if you provide active consent via our consent banner.

Legal basis: § 25 Para. 1 TDDDG (consent) and Art. 6 Para. 1 lit. a GDPR.

You can configure your browser to reject cookies. However, this may limit the functionality of the website.

4.3 Cloudflare Turnstile

The contact form on this website uses Cloudflare Turnstile for spam protection. Turnstile is a CAPTCHA alternative that verifies visitors are human without intrusive challenges. When you use the contact form, Cloudflare may process:

  • IP address
  • Browser information and telemetry
  • Interaction data

This data is processed by Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA). Cloudflare is certified under the EU-U.S. Data Privacy Framework. For more information, see Cloudflare's Privacy Policy.

Legal basis: Art. 6 Para. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. f GDPR (legitimate interest in protecting against spam and abuse).

Turnstile is only loaded if you accept cookies. If you decline cookies, the contact form will not be available.

4.4 Contact Form

When you use the contact form, the following data may be collected:

  • Name
  • Email address
  • Message content

This data is used solely to respond to your inquiry. Legal basis: Art. 6 Para. 1 lit. b GDPR (contract initiation) or Art. 6 Para. 1 lit. f GDPR (legitimate interest).

4.5 Security Logging for Blocked Submissions

To protect this website from spam, automated attacks, and abuse, submissions that are identified as suspicious or malicious are logged and may trigger security notifications. This applies to contact form submissions that fail security verification (e.g., Cloudflare Turnstile) or are identified as automated bot activity.

For blocked submissions, the following technical data may be collected and stored:

  • IP address
  • Browser type and version (User Agent)
  • Referrer URL
  • Timestamp of the submission attempt
  • Form data submitted (sanitized)
  • Reason for blocking (e.g., verification failure, bot detection)

This data is used exclusively for security analysis, abuse prevention, and to protect the website and its users from malicious activity. Security alerts containing this information may be sent via email to the website administrator.

Legal basis: Art. 6 Para. 1 lit. f GDPR (legitimate interest in protecting against spam, fraud, and security threats).

Security logs are retained for up to 90 days and are then automatically deleted, unless required longer for ongoing security investigations or legal proceedings.

5. Your Rights

Under GDPR, you have the following rights:

  • Right of access (Art. 15 GDPR): You can request information about your stored personal data.
  • Right to rectification (Art. 16 GDPR): You can request correction of inaccurate data.
  • Right to erasure (Art. 17 GDPR): You can request deletion of your data.
  • Right to restriction (Art. 18 GDPR): You can request restriction of processing.
  • Right to data portability (Art. 20 GDPR): You can request your data in a machine-readable format.
  • Right to object (Art. 21 GDPR): You can object to processing based on legitimate interest.

To exercise these rights, please contact me at the email address provided above.

6. Data Retention

Personal data is stored only for as long as necessary for the purposes for which it was collected. When the data is no longer needed, it will be deleted or anonymized.

7. Data Security

Appropriate technical and organizational measures are used to protect your data against unauthorized access, loss, or manipulation. This includes encryption of data transmission (HTTPS/TLS).

8. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates data protection regulations.