Privacy Policy

In General

If any user data is collected, the data is ONLY used to provide the services.
No data is ever shared with a third-party. No personal data is recorded and processed.


In general, there are no tracking-cookies in place. Neither do I want to be tracked, nor do I want to track you. Services provided on this domain won’t utilize ANY site-analytics, usage-analytics (like Plausible, Google Adsense, Matomo, etc.).


Each site-request (targeting * and is logged. The following information will be stored for a max. of 4 weeks, then will be deleted permanently.

These logs exclusively serve to protect from attacks (like DoS) against servers and infrastructure of None of this information will be processed nor used for any analytic purposes. Logs will be retained for a max. period of 4 weeks on the servers serving * and No third-party does and will ever have access to these logs.

Site Embeds

Blog posts, articles and pages on might embed so called iframe to other services and websites. In general, I try to only link to privacy friendly services.


Invidious is a privacy-friendly alternative frontend for YouTube. To prevent you being tracked by Google when visiting *, all Video-embeds are served through Invidious. The following instance(s) are randomly utilized for embedding.


Owncast is a privacy-friendly live-streaming site as alternative to Twitch.


Soundcloud is an audio-streaming service (just like Spotify). uses Soundcloud embeds on certain pages. Embeds will store cookies. Please follow Soundclouds Privacy Policy for more details. (Please note, that I’m working on replacing Soundcloud with a self-hosted more privacy-friendly solution).

Further transparency


All services provided on and * are hosted on Virtual Private Servers (VPS) at Netcup (subsidiary company of Anexia GmbH). Servers are in Frankfurt, Germany. Servers are running the latest version of Fedora Server and are patched ~2 times a week (on average). Disks are LUKS encrypted and require LUKS password on boot. All services provided are served through nginx acting as reverse-proxy/load-balancer that also terminates TLS (HTTPS). Servers behind the reverse-proxy are interconnected through Wireguard for secure communication - so none of your traffic (even if previously TLS-terminated) will ever be transferred over the network in plain-text. TLS Certificates are provided by Let’s Encrypt. TLS configuration explicitly only allows TLSv1.3 with the strongest available cipher-suites. HTTP Security Headers are applied where possible and useful.

Read the Netcup Privacy Policy (German)

Personal Commitment

I personally hate it to be tracked online, and that’s why I won’t track you either (and try my best to prevent third parties from tracking you as well). It’s that easy and that’s my promise. I want all services provided at and all of its subdomains to be as privacy friendly as possible. If you have any additions, constructive feedback, hints to improve or wishes - feel free to contact me at any time. As it is with security - at the end of the day everything boils down to trust. It’s very hard to trust service-providers and that effectively boils down to the fact that you can’t and shouldn’t trust me - zero-trust is the best trust after all).

Nonetheless, if you want to verify that the things I’ve written here are true, please get in touch with me. We can arrange a Jitsi call, and I’ll happily show you how things are hosted and configured here at - come on, let’s go for a SSH safari.