1. Privacy at a Glance
This privacy policy explains what personal data we collect, how we use it, and what rights you have. Personal data is any information that relates to an identified or identifiable natural person.
Operator: Niklas Heist, Lenbachstraße 16, 10245 Berlin
Contact: nkls.hst@gmail.com
Legal basis: GDPR (EU) 2016/679, BDSG (neu), TMG
2. Data Controller
The controller responsible for data processing on this website is:
Niklas Heist
Lenbachstraße 16
10245 Berlin
Deutschland
Email: nkls.hst@gmail.com
3. Hosting
Vercel
This website is hosted by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. When you visit our website, Vercel automatically processes connection data (IP address, date and time of the request, page accessed, browser type, and operating system). This data is stored in server log files.
Legal basis: Art. 6 Abs. 1 lit. f DSGVO (legitimate interest in secure operation of the website). Vercel processes data in the USA. The transfer is based on EU Standard Contractual Clauses (SCC).
Vercel Privacy Policy: vercel.com/legal/privacy-policy
4. Authentication & Database
Supabase
We use Supabase (Supabase Inc., 970 Trestle Glen Rd, Oakland, CA 94610, USA) for registration, login, and storage of your user data. During registration, we collect the following data:
- Email address (required)
- Self-chosen password (stored encrypted)
- Optional: display name and profile picture
- User-created content (essays, saved articles)
- Timestamps of account creation and last login
Legal basis: Art. 6 Abs. 1 lit. b DSGVO (performance of contract). Data is stored as long as the account exists. After account deletion, all personal data is deleted within 30 days.
Supabase Privacy Policy: supabase.com/privacy
5. Cookies and Consent Management
This website uses cookies. Cookies are small text files that your browser stores on your device. We distinguish between technically necessary and optional cookies.
Technically Necessary Cookies
These cookies are required for the operation of the website and cannot be disabled. They are set when you log in and store your session information:
| Cookie | Purpose | Retention |
|---|
| sb-access-token | Supabase Login-Session | Session |
| sb-refresh-token | Session renewal | 1 week |
| cookie-consent | Stores your cookie preferences | 1 year |
Optional Cookies (Analytics)
If analytics services are enabled, you will be asked for your consent on your first visit (cookie banner). You can withdraw your consent at any time. Legal basis for optional cookies: Art. 6 Abs. 1 lit. a DSGVO (consent). Without your consent, no tracking cookies will be set.
Browser Settings
You can disable or delete cookies in your browser. Please note that disabling necessary cookies may limit the functionality of the website (e.g., login will not be possible).
6. Your Rights under GDPR
You have the following rights regarding your personal data:
✓Access (Art. 15 DSGVO): You can request information about the personal data we process about you.
✓Rectification (Art. 16 DSGVO): You can request the correction of inaccurate data or the completion of incomplete data.
✓Erasure (Art. 17 DSGVO): You can request the deletion of your data ("right to be forgotten"), provided no retention obligations apply.
✓Restriction (Art. 18 DSGVO): You can request the restriction of processing, e.g., if the accuracy of the data is disputed.
✓Data Portability (Art. 20 DSGVO): You can request the transfer of your data in a structured, machine-readable format.
✓Objection (Art. 21 DSGVO): You can object to the processing of your data if it is based on a legitimate interest.
✓Withdrawal of Consent (Art. 7 Abs. 3 DSGVO): You can withdraw any consent given at any time with effect for the future.
To exercise your rights, please contact: nkls.hst@gmail.com
7. Right to Lodge a Complaint
You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your data (Art. 77 DSGVO). The competent authority is that of your habitual residence or our registered office:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
https://www.datenschutz-berlin.de
8. Data Security
We implement technical and organizational security measures to protect your data against accidental or intentional manipulation, loss, destruction, or unauthorized access. This website uses SSL/TLS encryption for security purposes and to protect the transmission of confidential content. Passwords are stored exclusively in encrypted (hashed) form.
9. Information for International Users
Users in the USA (CCPA / CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA): the right to know what personal data we have collected about you; the right to deletion of your data; the right to opt out of the sharing of your data. We do not sell personal data. To exercise these rights, contact: nkls.hst@gmail.com.
Users in the United Kingdom
This website complies with the UK GDPR (UK Data Protection Act 2018). Your rights under the UK GDPR are essentially the same as those under the EU GDPR (Section 6 of this policy). You may lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk.
Users Worldwide
This website is primarily aimed at users in the EU and Germany. The processing of your data is governed by the GDPR, which is widely regarded as a strict data protection standard. By using this website, you agree to the processing of your data in accordance with this privacy policy.
10. Minors
This service is not intended for persons under 16 years of age. We do not knowingly collect data from minors. If you are a parent or guardian and discover that your child has submitted data to us, please contact us at nkls.hst@gmail.com.
11. Changes to this Privacy Policy
We reserve the right to update this privacy policy as needed to comply with legal requirements or to reflect changes to our services. The current version is always available on this page. In the event of material changes, we will notify registered users by email.