Privacy

(as of 18.8.2025)

1. I, Christian Hansen, Ahornstrasse 17, CH 4055 Basel, Switzerland, email: ch[at]christianhansen.ch, am the data controller responsible for the processing of personal data on this website in accordance with Art. 4 No. 7 GDPR

2. Data protection officer

   According to Section 38 of the German Federal Data Protection Act (BDSG), a data protection officer is not required as fewer than 20 people are regularly involved in data processing.

3. Hosting and server logs

   The site is hosted by Hostinger International Ltd. (Lithuania). Hostinger creates server-side log files (IP address, date/time, URL accessed, referrer, browser and operating system information) to detect attacks and ensure stability. The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest). The log data is automatically deleted after 30 days at the latest, and encrypted backups with the same information are deleted after 90 days at the latest. A data processing agreement has been concluded with Hostinger in accordance with Art. 28 GDPR.

4. Cookies and local storage

   The website only uses one technically necessary entry:

   pll_language – stores your language selection, duration one year, legal basis Art. 6 para. 1 lit. f.

   Non-essential cookies (e.g. Google Analytics) are only set once you have given your consent in the consent banner. You can revoke your consent there at any time with future effect.

5. Fonts

   Two commercially licensed fonts are delivered exclusively locally from our own server. The system is configured so that no requests to Google Fonts are planned. If browser extensions or fallback mechanisms nevertheless establish a connection to fonts.gstatic.com, Google LLC, USA, will process your IP address. The legal basis for this is Art. 6 para. 1 lit. f (legitimate interest); protection via the EU standard contractual clauses.

6. Contact

   When you contact us by email or form, your name, email address and message will be processed in order to respond to your enquiry. The legal basis for this is Art. 6 para. 1 lit. b GDPR (pre-contractual measures) or lit. f (general enquiries). I will delete the data no later than six months after the end of the communication, unless there is a legal obligation to retain it.

7. Newsletter registration via Google Forms

   When you subscribe to our newsletter, we collect your email address and, if provided, your name via a Google Forms form. The transmission is encrypted. The data is stored on servers of Google LLC, some of which are located in the USA. Google is certified under the EU-US Data Privacy Framework and thus ensures an adequate level of data protection.

   Purpose: To send you the ANADAI newsletter and to verify your consent (double opt-in). Legal basis: Art. 6 para. 1 lit. a GDPR. Storage period: until you withdraw your consent; thereafter deletion within 30 days.

   You can revoke your consent at any time via the unsubscribe link in the newsletter or by emailing hello@anadai.net.

8. Newsletter dispatch via Hostinger

   The newsletter is sent via ‘Hostinger Email Marketing’, service provider Hostinger International Ltd., 61 Lordou Vironos St., 6023 Larnaca, Cyprus.

   Hostinger processes the email addresses on our behalf in accordance with Art. 28 GDPR; a contract processing agreement with standard contractual clauses is in place.

   Server locations: EU data centres (Lithuania, Netherlands, France, Germany). Tracking: We do not use opening or click tracking. Revocation & deletion: see 7a.

9. Data transfers to third countries

   Personal data will only be transferred to the USA if a Google Fonts fallback or – if activated in future – Google Analytics is triggered. The basis for this is the EU standard contractual clauses.

10. Your rights

    You have the right to information (Art. 15), correction (Art. 16), deletion (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and objection to certain processing (Art. 21 GDPR) at any time.

    Please write to me informally using the contact details above.

11. Right to lodge a complaint

    You can also contact the competent supervisory authority if you believe that your data is being processed unlawfully. I would be happy and grateful if you would let me know beforehand so that I have the opportunity to correct any omissions.

12. Data security

    The site uses TLS encryption (https). Servers, CMS and plug-ins are regularly updated, and firewalls and access controls are used. Backups are encrypted and deleted after 90 days at the latest.

13. Storage and deletion periods

    Server log files: 30 days (backups 90 days)

    Contact enquiries: six months after the last response

    Tax and accounting documents: ten years (legal obligation)

    All other personal data: immediately, as soon as the purpose no longer applies and there is no obligation to retain the data.

14. Changes to this statement

    This privacy policy will be amended as soon as technical processes, services used or legal requirements change. The current version can be found on this page at any time.