Lenny Daume
Check fit

Legal

Privacy Policy

Legal

Transparency over ceremony. This page is intentionally quiet, well-structured, and easy to scan.

Privacy policy

This privacy policy explains which personal data is processed when you visit this website and use its contact and search features. It is tailored to the current technical stack of this website.

Last updated: April 28, 2026

Controller

Leonard Daume
Germany
Email: privacy@daume.dev

Imprint: https://www.daume.dev/en/imprint

Data processed

Depending on how you use the website, the following data may be processed:

  • technical access data such as IP address, date and time of access, requested URL, referrer, browser, operating system, and transferred data volume
  • contact and content data if you use the contact form, especially name, email address, and message text
  • search queries if you use the website search
  • privacy-friendly usage statistics, such as page views, referrers, and technical browser or device categories
  • local display preferences if you change the color theme

Data is processed to provide the website securely and reliably, answer contact requests, prevent abuse, provide the available website features, and understand which content is used at a basic level.

The legal bases are in particular:

  • Art. 6(1)(f) GDPR for secure and stable website operation, server logs, abuse prevention, and technical functionality
  • Art. 6(1)(f) GDPR for privacy-friendly reach measurement without advertising profiles or cross-site tracking
  • Art. 6(1)(b) GDPR for contact requests related to potential collaboration or pre-contractual communication
  • Art. 6(1)(c) GDPR where statutory retention obligations apply

Hosting and server logs

This website runs on self-managed server infrastructure with a professional hosting provider. Technical access data is processed to deliver the website, analyze errors, and detect attacks or abuse.

Server logs may include IP address, access time, URL, referrer, user agent, and status codes. Log data is stored only as long as required for security, error analysis, and operation, unless longer retention is necessary to clarify a specific incident.

Contact form

When you submit the contact form, the data you enter is processed by this website’s server endpoint and handled server-side within infrastructure under my control so that I can respond to your request. This includes name, email address, and message text.

The internal processing endpoint is not exposed in the browser. Data is transmitted via TLS.

Please do not send special categories of personal data under Art. 9 GDPR through the contact form, such as health data, ID data, or other especially sensitive information.

The website includes a search feature. If you use it, your search query is first sent to a server endpoint of this website and forwarded from there to a self-hosted search service. The search service runs on infrastructure under my control.

The data transmitted includes the search query and technical request data. Search service access credentials are not exposed in the browser. The search does not use user accounts, tracking cookies, or profiling information. Search requests are not transmitted to an external search cloud service.

Privacy-friendly usage statistics

This website uses self-hosted, privacy-friendly usage statistics to understand basic reach and content usage. No tracking cookies are set, no advertising profiles are created, and visitors are not followed across other websites.

The analysis is limited to reduced technical and statistical data, for example page views, referrers, rough visit duration, and browser or device categories. The statistics run on infrastructure under my control and are not transmitted to an external analytics provider.

Local fonts

This website uses fonts through @fontsource. Font files are served locally together with the website. No Google Fonts request or external font CDN request is made for this.

Cookies and local storage

This website currently does not use tracking cookies and does not use Google Analytics.

The website may use browser localStorage for the color theme. It stores only the theme setting with the value light or dark. This information remains on your device and is not transmitted to a third party.

You can delete local website data at any time in your browser settings.

This website may link to external profiles or services, for example GitHub, LinkedIn, or other platforms. Merely visiting this website does not transmit data to those providers. Their own privacy policies apply only if you click an external link.

No embedded third-party tracking content

This website currently does not embed scripts from external analytics providers, remotely loaded Google Fonts, YouTube or Vimeo embeds, LinkedIn or Xing widgets, or comparable third-party tracking or marketing pixels.

Retention

Contact requests are stored only as long as required to handle the request, continue related communication, or comply with statutory retention obligations.

Server logs are processed by the hosting provider for operation and security and deleted according to the provider’s retention periods, unless longer retention is required to clarify a specific incident.

Recipients and international transfers

Data may be transmitted to technical service providers where this is necessary for operation or security. Website delivery, search, and contact form processing are designed to run on infrastructure under my control where practical. Where service providers outside the EU or EEA are used, transfers take place only on the basis of appropriate safeguards under Art. 44 et seq. GDPR, in particular Standard Contractual Clauses or an adequacy decision such as the EU-U.S. Data Privacy Framework, where the respective provider is certified under it.

Your rights

Subject to the GDPR, you have in particular the right to:

  • access your personal data under Art. 15 GDPR
  • rectification of inaccurate data under Art. 16 GDPR
  • erasure under Art. 17 GDPR
  • restriction of processing under Art. 18 GDPR
  • data portability under Art. 20 GDPR
  • object to processing based on legitimate interests under Art. 21 GDPR
  • lodge a complaint with a data protection supervisory authority under Art. 77 GDPR

If processing is based on consent, you can withdraw that consent at any time with future effect.

Contact for privacy questions

For privacy questions, contact me at privacy@daume.dev.

Back to daume.dev