Privacy Policy

This privacy policy explains how personal data is collected, processed, and protected when you visit theminemat.de and associated services. This policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

1. Data Controller

Responsible party: Mattes Rohlfing
Email: [email protected]
Website: theminemat.de

For all inquiries regarding your personal data and this privacy policy, please contact the above email address.

2. Personal Data We Process

We collect and process the following categories of personal data:

2.1 Automatically Collected Data

Server Log Data: IP address, browser type and version, operating system, referrer URL, accessed pages, date and time of access, amount of data transferred
Technical Data: Screen resolution, device type, browser language settings
Usage Data: Page views, session duration, click behavior (if analytics enabled)

2.2 Data from Direct Contact

Email address and message content when you contact us via email
Any other information you voluntarily provide in communications

3. Third-Party Services and Data Processing

Our website integrates the following third-party services that process your personal data:

3.1 Cloudflare, Inc.

Company: Cloudflare, Inc.
Address: 101 Townsend St., San Francisco, CA 94107, USA
Purpose: Web hosting, CDN, DDoS protection, web application firewall
Data processed: IP address, HTTP headers, request metadata
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) - website security and performance
Retention: Up to 30 days for logs
Privacy Policy: https://www.cloudflare.com/privacypolicy/

3.2 Google LLC (Google Fonts)

Company: Google LLC
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Purpose: Loading web fonts to ensure consistent typography
Data processed: IP address, browser information, requested font files
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) - website functionality and design
Privacy Policy: https://policies.google.com/privacy

3.3 Tailwind Labs Inc. (Tailwind CSS CDN)

Service: Tailwind CSS via CDN
Purpose: Loading CSS framework for website styling
Data processed: IP address, browser information when loading CSS files
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) - website functionality

3.4 Font Awesome (Fonticons, Inc.)

Company: Fonticons, Inc.
Purpose: Loading icon fonts via CDN
Data processed: IP address, browser information when loading font files
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) - website functionality and design
Privacy Policy: https://fontawesome.com/privacy

3.5 Client-Side Libraries

Three.js and three-globe: These JavaScript libraries execute entirely in your browser and do not transmit personal data to external servers. They are used for 3D visual effects and interactive elements.

4. Legal Basis for Data Processing

Art. 6(1)(f) GDPR (Legitimate Interest): Website operation, security, performance optimization, user experience
Art. 6(1)(a) GDPR (Consent): When you voluntarily contact us or subscribe to services
Art. 6(1)(b) GDPR (Contract): When providing requested services or responding to inquiries

5. Cookies and Local Storage

Our website may use the following types of cookies:

Essential cookies: Required for basic website functionality (session management, security)
Third-party cookies: May be set by CDN providers and external services listed above

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

6. International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA):

United States: Cloudflare, Google LLC - We rely on adequacy decisions, standard contractual clauses, and providers' certification programs where applicable
All transfers comply with GDPR requirements for international data protection

7. Data Retention

Server logs: 30 days (for security and technical analysis)
Contact emails: Until purpose fulfilled or deletion requested
Third-party service data: According to respective providers' retention policies

8. Your Rights Under GDPR

As a data subject, you have the following rights:

Right of Access (Art. 15 GDPR): Request information about your personal data we process

Right of Rectification (Art. 16 GDPR): Request correction of inaccurate personal data

Right of Erasure (Art. 17 GDPR): Request deletion of your personal data ("right to be forgotten")

Right to Restrict Processing (Art. 18 GDPR): Request limitation of data processing

Right to Data Portability (Art. 20 GDPR): Receive your data in a structured, machine-readable format

Right to Object (Art. 21 GDPR): Object to processing based on legitimate interest

Right to Lodge a Complaint: Contact your local data protection authority

To exercise these rights, contact us at: [email protected]

We will respond to your request within 30 days of receipt.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

HTTPS/TLS encryption for data transmission
Regular security updates and monitoring
Access controls and authentication
Cloudflare security features (DDoS protection, WAF)

10. Children's Privacy

Our website is not directed at children under 16 years of age. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, please contact us so we can delete such data.

11. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. We will notify you of significant changes by posting the updated policy on our website with a new "Last Updated" date.

12. Contact Information

Data Protection Contact:
Email: [email protected]
Response time: Within 30 days

For urgent privacy concerns or to exercise your rights under GDPR, please use the email above with "Privacy Request" in the subject line.

Last updated: September 1, 2025

Version: 2.0