Privacy Policy
In General
If any user data is collected, the data is ONLY used to provide the services.
No data is ever shared with a third-party. No personal data is recorded and processed.
Cookies
In general, there are no tracking-cookies in place. Neither do I want to be tracked, nor do I want to track you. Services provided on this domain won’t utilize ANY site-analytics, usage-analytics (like Plausible, Google Adsense, Matomo, etc.).
blog.rtrace.io
(Blog, Hexo) does NOT utilize cookieslive.rtrace.io
(Owncast) does NOT utilize cookiesspeedtest.rtrace.io
(Librespeed) does NOT utilize cookiesreddit.rtrace.io
(Libreddit) does NOT utilize cookies, except (optional) user-configurationlws.rtrace.io
(LiberaWebStore) does NOT utilize cookiesstatic.rtrace.io
(Static File Server) does NOT utilize cookiessearx.rtrace.io
(Searx metasearch enging) does NOT utilize cookies, except (optional) user-configurationsend.rtrace.io
(Send, Filesharing Service) does NOT utilize cookiesbibliogram.rtrace.io
(privacy friendly Instagram frontend) does NOT utilize cookiesvikunja.rtrace.io
(a F(L)OSS task manager/organizer) does utilize Cookies for Session Managementstatus.rtrace.io
(Status Monitor) does NOT utilize cookies
Logs
Each site-request (targeting *.rtrace.io
and rtrace.io
) is logged. The following information will be stored for a max. of 4 weeks, then will be deleted permanently.
- Time of request: a simple UNIX timestamp representing the time of request
- User-Agent: taken from the Requests HTTP-Header
- IP-Address: the remote IP address of the client that is connecting
- Requested Site: the site on
*.rtrace.io
orrtrace.io
that has been requested
These logs exclusively serve to protect from attacks (like DoS) against servers and infrastructure of rtrace.io
. None of this information will be processed nor used for any analytic purposes. Logs will be retained for a max. period of 4 weeks on the servers serving *.rtrace.io
and rtrace.io
. No third-party does and will ever have access to these logs.
Site Embeds
Blog posts, articles and pages on blog.rtrace.io
might embed so called iframe
to other services and websites. In general, I try to only link to privacy friendly services.
Invidious
Invidious is a privacy-friendly alternative frontend for YouTube. To prevent you being tracked by Google when visiting *.rtrace.io
, all Video-embeds are served through Invidious. The following instance(s) are randomly utilized for embedding.
- yt.mstdn.social - read the Privacy Policy here
- invidious.namazso.eu - read the Privacy Policy here
- yt.artemislena.eu - read the Privacy Policy here
Owncast
Owncast is a privacy-friendly live-streaming site as alternative to Twitch.
Soundcloud
Soundcloud is an audio-streaming service (just like Spotify). blog.rtrace.io
uses Soundcloud embeds on certain pages. Embeds will store cookies. Please follow Soundclouds Privacy Policy for more details. (Please note, that I’m working on replacing Soundcloud with a self-hosted more privacy-friendly solution).
Further transparency
Hosting
All services provided on rtrace.io
and *.rtrace.io
are hosted on Virtual Private Servers (VPS) at Netcup (subsidiary company of Anexia GmbH). Servers are in Frankfurt, Germany. Servers are running the latest version of Fedora Server and are patched ~2 times a week (on average). Disks are LUKS encrypted and require LUKS password on boot. All services provided are served through nginx
acting as reverse-proxy/load-balancer that also terminates TLS (HTTPS). Servers behind the reverse-proxy are interconnected through Wireguard for secure communication - so none of your traffic (even if previously TLS-terminated) will ever be transferred over the network in plain-text. TLS Certificates are provided by Let’s Encrypt. TLS configuration explicitly only allows TLSv1.3
with the strongest available cipher-suites. HTTP Security Headers are applied where possible and useful.

Read the Netcup Privacy Policy (German)
Personal Commitment
I personally hate it to be tracked online, and that’s why I won’t track you either (and try my best to prevent third parties from tracking you as well). It’s that easy and that’s my promise. I want all services provided at rtrace.io
and all of its subdomains to be as privacy friendly as possible. If you have any additions, constructive feedback, hints to improve or wishes - feel free to contact me at any time. As it is with security - at the end of the day everything boils down to trust
. It’s very hard to trust service-providers and that effectively boils down to the fact that you can’t and shouldn’t trust me - zero-trust is the best trust after all).
Nonetheless, if you want to verify that the things I’ve written here are true, please get in touch with me. We can arrange a Jitsi call, and I’ll happily show you how things are hosted and configured here at rtrace.io
- come on, let’s go for a SSH safari.