Privacy Policy
Information on data processing on this website
1. Controller
Responsible for data processing on this website according to the General Data Protection Regulation (GDPR):
Van Heenvlietlaan 236A
1083 CN Amsterdam
Netherlands
Email: teamup@disisto.de
Phone: +49 176 35705040
2. Overview of Data Processing
This privacy policy explains what personal data is collected when visiting this website and how it is used. Personal data includes all information that can be used to identify individuals personally.
3. Data Collection and Use
3.1 Website Visits
When visiting this website, the following technical data is automatically collected and stored in server log files:
- IP address (anonymized after 7 days)
- Date and time of access
- Accessed pages and files
- Browser type and version
- Operating system
- Referrer URL
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) for ensuring website security and functionality.
Retention period: Log files are deleted after 30 days.
3.2 Contact Form
When using the contact form, the following data is collected:
- Name
- Email address
- Message content
- IP address and timestamp
Purpose: To respond to inquiries and maintain communication.
Legal basis: Consent (Art. 6(1)(a) GDPR) or performance of pre-contractual measures (Art. 6(1)(b) GDPR).
Retention period: Contact inquiries are deleted after 2 years unless ongoing communication requires longer retention.
3.3 User Authentication
For access to protected areas, authentication services are used. The following data is processed:
- Email address
- Name (first and last name)
- Authentication tokens
- Login timestamps
Purpose: User authentication and access control to protected content.
Legal basis: Consent (Art. 6(1)(a) GDPR) and legitimate interest in protecting sensitive information.
Retention period: User accounts and authentication data are retained as long as the account is active.
4. Cookies and Local Storage
This website uses cookies and local storage to provide functionality and analyze usage. Below is a detailed overview of all cookies used:
Essential Cookies
These cookies are necessary for the website to function and cannot be disabled. Cross-domain cookies (domain=.disisto.de) enable seamless synchronization of your settings across disisto.de and sso2.disisto.de.
| Name | Purpose | Duration | Type |
|---|---|---|---|
PHPSESSID |
Session management and user authentication | Session | Cookie |
portfolio_cookie_consent |
Stores your cookie preferences (all/essential) | 13 months | Cross-Domain Cookie |
portfolio_theme |
Remembers your dark/light mode preference | 1 year | Cross-Domain Cookie |
portfolio_lang |
Stores your language preference (de/en) | 1 year | Cross-Domain Cookie |
cookie_consent |
Legacy: Stores consent in localStorage (backward compatibility) | Persistent | localStorage |
theme |
Legacy: Stores theme preference in localStorage (backward compatibility) | Persistent | localStorage |
language |
Legacy: Stores language in localStorage (backward compatibility) | Persistent | localStorage |
Authentication Cookies (Keycloak)
These cookies are set by our authentication system (Keycloak) when you log in.
| Name | Purpose | Duration |
|---|---|---|
AUTH_SESSION_ID |
Authentication session identifier | Session |
KEYCLOAK_SESSION |
Maintains your login state | Session |
KEYCLOAK_IDENTITY |
Stores your identity information | Session |
oauth_state |
OAuth security state parameter | Session |
Analytics Cookies (Matomo)
With your consent, I use Matomo Analytics (self-hosted, GDPR-compliant) to understand how visitors use my website. These cookies are set as cross-domain cookies to track your analytics preferences across all subdomains.
| Name | Purpose | Duration | Type |
|---|---|---|---|
_pk_id.* |
Unique visitor ID for analytics (set by Matomo) | 13 months | Cookie |
_pk_ses.* |
Short-lived session cookie (set by Matomo) | 30 minutes | Cookie |
analytics_consent |
Tracks your analytics consent status (true/false) | 13 months | Cross-Domain Cookie |
matomo_resolution |
Stores your screen resolution for server-side analytics | 13 months | Cross-Domain Cookie |
Privacy-friendly Analytics
My analytics setup respects your privacy:
- Self-hosted on my servers (no third-party data sharing)
- IP addresses are anonymized (last 2 bytes removed)
- Respects "Do Not Track" browser settings
- You can opt-out at any time using the button below
5. Data Security
Appropriate technical and organizational measures are implemented to protect personal data:
- SSL/TLS encryption for all data transmission
- Secure authentication systems
- Regular security updates and monitoring
- Access controls and data minimization
6. Your Rights
Under the GDPR, individuals have the following rights:
- Right to information (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent (Art. 7(3) GDPR)
To exercise these rights, contact: teamup@disisto.de