Privacy Policy

1. Data controller

Responsible for data processing within the meaning of Art. 4 No. 7 GDPR:

Data controller

Webagentur Hochmeir e.U.

Represented by

Jonathan Hochmeir

Address

Moorweg 7
4845 Rutzenmoos
Austria

Email

hello@webhoch.com

VAT ID

ATU78855106

2. Plain-language summary

Short and honest: This site is a pure HTML page. It does not store anything about you on our servers, sets no tracking cookies, has no analytics, no ad network, and no login. We do not want to know anything about you.

What technically still happens: your browser remembers locally (in so-called localStorage) whether you chose the "Simple" or "Detailed" mode. In addition, your browser loads fonts from Google Fonts, and the server delivering this site briefly records — like any web server — that a request came from your IP address.

More details below.

3. Server log files

When you visit this site, the web server automatically collects information in so-called server log files, which your browser transmits. These include:

• IP address of the requesting device
• Date and time of access
• Name and URL of the file accessed
• HTTP status code and amount of data transferred
• Referrer URL (previously visited page, if transmitted by the browser)
• Browser used and the operating system (user-agent)

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in technically error-free presentation and security of the IT systems).
Retention period: log files are kept for a maximum of 14 days and then automatically deleted.
Hosting provider: The server is located in Germany (IONOS SE, subject to provider details).
The data is not combined with other data sources.

4. Local storage

The site stores a single value in your browser:

ki-verstehen-mode with the value simple or advanced.

This allows the site to remember whether you prefer the simple or detailed explanation on your next visit. This information remains exclusively in your browser. It is never transmitted to us or to third parties.

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in offering you your last preference on return).
Deletion: you can remove this value at any time via your browser settings (clear site data).

5. Google Fonts

The website embeds the fonts Fraunces and Newsreader via the content delivery network Google Fonts. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit the site, your browser establishes a connection to Google's servers (fonts.googleapis.com and fonts.gstatic.com) to load the fonts. In doing so, your IP address and user-agent are transmitted to Google. Google may process this data in the USA.

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in consistent and appealing presentation of the website).
Third-country transfer: The transfer to the USA is covered by the EU-US Data Privacy Framework Adequacy Decision (10.07.2023), provided Google is certified under the framework.
More info: policies.google.com/privacy

Note: If you want to avoid this, you can block fonts in your browser (e.g. with uBlock Origin or privacy browsers like Brave / Firefox with advanced settings). The site remains functional, but falls back to system fonts.

6. No third-party trackers, no analytics, no ads

We deliberately do not use:

• Google Analytics, Matomo, or comparable statistics tools
• Facebook Pixel, Twitter/X tracker, LinkedIn Insight Tag
• Ad networks (AdSense, Taboola, Outbrain, etc.)
• Tracking cookies or browser fingerprinting
• Embeds from YouTube, Vimeo, Instagram, etc. (no iframes)

7. External links

In the advanced mode ("Im Detail") and in the FAQ section, you will find links to external websites (e.g. arxiv.org, anthropic.com, huggingface.co, ec.europa.eu, creativecommons.org). These links are only followed after you actively click on them. We have no influence over the data processing of the linked providers.

Additionally, the floating "Powered by webhoch.com" badge in the bottom-right links to our sister site webhoch.com. This link is also only followed after you actively click on it.

8. Your rights

As a data subject, you have the following rights under the GDPR:

• Right of access (Art. 15 GDPR) — what we have stored about you (in this case: nothing persistently)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR, "right to be forgotten")
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to processing based on legitimate interests (Art. 21 GDPR)
• Right to lodge a complaint with the supervisory authority (Art. 77 GDPR) — competent authority is the Austrian Data Protection Authority (DSB), Barichgasse 40-42, 1030 Vienna, Austria.

To exercise your rights, an informal notification by email to hello@webhoch.com is sufficient.

9. Retention period

We store personal data only as long as necessary for the respective purposes or as required by statutory retention obligations:

• Server log files: max. 14 days, then automatic deletion
• localStorage in your browser: until you clear site data (under your sole control)
• At the hosting provider (IONOS): standard retention periods per their privacy policy

No persistent storage beyond this takes place on our side — we operate no database, no account system and no analytics.

10. Recipients / categories of recipients

Personal data is generally not passed on to third parties. The following categories of recipients may technically gain knowledge:

• Hosting provider (IONOS SE, Germany) — IP address, server logs, request metadata for site delivery
• Content delivery network for fonts (Google Ireland Limited) — IP address and user-agent when loading Google Fonts
• Let's Encrypt (Internet Security Research Group, USA) — automated issuance of the SSL certificate; no personal data

Where required, data processing agreements pursuant to Art. 28 GDPR are in place with processors.

11. Transfer to third countries

When loading Google Fonts, the IP address and user-agent are transmitted to Google servers that may be operated in the USA. The transfer is covered by the EU-US Data Privacy Framework Adequacy Decision of the European Commission of 10.07.2023, provided Google is certified under the framework (currently the case: dataprivacyframework.gov/list).

No other third-country transfers take place.

12. Technical and organisational measures (TOMs)

We take appropriate technical and organisational measures to protect personal data against loss, misuse and unauthorised access. Specifically:

• TLS/SSL encryption of all data transmission (Let's Encrypt, automatically renewed)
• HSTS header (HTTP Strict Transport Security, 2 years, preload-eligible) enforces HTTPS
• Content Security Policy (CSP) restricts allowed resource sources
• No database, no account system, no server-side storage of personal data
• Server access exclusively for authorised personnel via encrypted connections
• Security updates applied regularly

13. No automated decision-making

No automated decision-making including profiling within the meaning of Art. 22 GDPR takes place that produces legal effects concerning you or similarly significantly affects you.

14. Encryption (TLS/SSL)

This site is delivered exclusively via a TLS-encrypted connection (HTTPS) (certificate by Let's Encrypt, automatically renewed). You can recognise a secure connection by the lock icon in your browser's address bar.

15. Changes to this policy

We reserve the right to adapt this privacy policy so that it always meets current legal requirements or reflects changes to our services. The version published on this website at any given time applies.