Privacy Policy (Datenschutzerklärung)

Last updated: April 16, 2026

1. Controller Information (Responsible Party)

In accordance with the General Data Protection Regulation (GDPR) and the German Telecommunications-Digital Services-Data Protection Act (TDDDG), the responsible party for data processing on this website is:

Philip Sheldon
Heidekampweg 9
12437 Berlin
Germany

Phone: 01638727622
Email: philip.sheldon@outlook.com

The controller is not required to appoint a Data Protection Officer.

2. Hosting and Server Log Files

This website is hosted by:
Bluehost.com (Newfold Digital, Inc., 5335 Gate Parkway, Jacksonville, FL 32256, USA)

Server location: United States of America (USA)

When you visit this website, Bluehost automatically collects and stores the following information in so-called server log files:

• Browser type and version
• Operating system used
• Referrer URL (the previously visited page)
• Hostname of the accessing device (IP address)
• Date and time of the server request

Legal basis: Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest is the technically error-free provision and optimisation of this website, as well as the security of our IT systems.

Retention period: Server log files are stored for 30 days and then automatically deleted, unless retained longer for security incident investigation (e.g., DDoS attack).

Data transfer to the USA: Your data is transferred to the USA. The European Commission has issued an adequacy decision for the EU-US Data Privacy Framework (DPF). However, not all US companies are certified. Bluehost is currently not listed as a certified participant. For this transfer, we rely on your explicit consent where required, and on Standard Contractual Clauses (SCCs) adopted by the European Commission. You may request a copy of the SCCs by contacting us at philip.sheldon@outlook.com.

3. Comments

When visitors leave comments on this website, we collect:

• The data shown in the comments form (name, email address, website – if provided)
• The visitor’s IP address
• Browser user agent string (to help spam detection)

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in spam prevention and site security).

Gravatar service: An anonymised string (hash) created from your email address may be provided to the Gravatar service (Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA) to check if you are using it. Gravatar’s privacy policy is available at: https://automattic.com/privacy/. After approval of your comment, your profile picture is publicly visible in the context of your comment.

Legal basis for Gravatar: Art. 6(1)(a) GDPR (consent), which you give by submitting your comment. If you do not wish this, do not leave a comment or use a different email address not associated with Gravatar.

Data transfer to the USA: Gravatar transfers data to the USA. Automattic is certified under the EU-US Data Privacy Framework.

4. Media

If you upload images to this website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

We do not automatically process EXIF data, but we cannot prevent visitors from accessing it if present.

5. Cookies (General Disclosure)

This website uses cookies. Cookies are small text files stored on your device. Some cookies are technically necessary for the website to function (e.g., login cookies). Others require your consent (e.g., comment cookies, analytics, embedded content).

For all cookies that are not strictly necessary, we obtain your active consent via a cookie consent management tool (banner) before setting them. You can withdraw your consent at any time by adjusting your cookie preferences via the banner link in the footer of this website.

Legal basis for necessary cookies: Art. 6(1)(f) GDPR or § 25(2) TDDDG (legitimate interest in providing a functional website).
Legal basis for all other cookies: Art. 6(1)(a) GDPR and § 25(1) TDDDG (your consent).

Cookie types used on this website:

Note: If you do not have a user account and do not leave comments, no non-necessary cookies will be set without your consent via the cookie banner.

6. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Analytics uses cookies to analyse your use of the website.

The information generated by the cookie about your use of this website is typically transmitted to a Google server in the USA and stored there. Google processes this data on our behalf to evaluate website usage, compile reports, and provide other services.

Data collected includes: IP address (anonymised), pages visited, time spent, clicks, referring website, device and browser information.

Legal basis: Art. 6(1)(a) GDPR and § 25(1) TDDDG – we only load Google Analytics after you have given your active consent via our cookie banner.

IP anonymisation: We have activated IP anonymisation on this website. Your IP address is truncated by Google within EU member states before being transmitted to the USA.

Data transfer to the USA: Google LLC (USA) is certified under the EU-US Data Privacy Framework.

Opt-out: You can prevent Google Analytics from collecting your data by:

• Not giving consent via our cookie banner, or
• Installing the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

Retention period: Data stored by Google Analytics is automatically deleted after 26 months.

7. Embedded Content from Other Websites

Articles on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content – including tracking your interaction if you have an account and are logged in to that website.

Under German law, embedded content (e.g., YouTube, Vimeo) will only be loaded after you have given your active consent via our cookie consent management tool. No embedded content from third parties is loaded automatically without consent.

Legal basis for loading embedded content: Art. 6(1)(a) GDPR (consent) and § 25(1) TDDDG.

8. Who We Share Your Data With

We share your personal data only with the following recipients, and only as necessary:

• Our hosting provider: Bluehost.com (Newfold Digital, Inc., USA) – for server operation and security
• Spam detection service: Akismet (Automattic Inc., USA) – to check comments for spam
• Gravatar service (if you leave a comment and have a Gravatar account) – as described in section 3
• Google Analytics (Google Ireland Ltd. / Google LLC USA) – only after your consent
• Cookie consent management tool: [Name of plugin you install, e.g., Complianz / Borlabs Cookie / CookieYes] – to store your consent preferences

If you request a password reset, your IP address will be included in the reset email.

We do not sell your data to third parties.

9. Data Transfers to Third Countries (outside the EU/EEA)

Some of our service providers are located outside the European Union (USA). For these transfers, we rely on:

• The EU-US Data Privacy Framework (for certified US companies such as Automattic and Google)
• Standard Contractual Clauses (SCCs) adopted by the European Commission (for non-certified companies such as Bluehost)
• Your explicit consent (for analytics and embedded content you choose to load)

You can request a copy of the SCCs by contacting us at philip.sheldon@outlook.com.

10. How Long We Retain Your Data

• Comments: If you leave a comment, the comment and its metadata are retained indefinitely. This allows us to recognise and approve follow-up comments automatically instead of holding them in a moderation queue. You may request deletion at any time (see section 11).
• Registered users: If you register on this website, we store the personal information you provide in your user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
• Server log files: 30 days
• Google Analytics data: 26 months
• Cookie consent logs: Your consent choices are stored for 12 months to comply with legal documentation requirements.

11. Your Rights as a Data Subject

Under the GDPR, you have the following rights:

• Right of access (Art. 15): Obtain confirmation of whether we process your data, and receive a copy.
• Right to rectification (Art. 16): Correct inaccurate or incomplete data.
• Right to erasure (“right to be forgotten” – Art. 17): Request deletion of your data, subject to legal retention obligations.
• Right to restriction of processing (Art. 18): Limit how we use your data.
• Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
• Right to object (Art. 21): Object to processing based on legitimate interests.
• Right to withdraw consent (Art. 7(3)): Withdraw any consent you have given at any time, without affecting the lawfulness of processing before withdrawal.

To exercise these rights, please contact us at: philip.sheldon@outlook.com

You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR), in particular in the EU member state of your habitual residence, place of work, or the place of the alleged infringement.

The competent authority for Berlin is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59-61
10555 Berlin
Germany

Website: https://www.datenschutz-berlin.de

12. Automated Spam Detection

Visitor comments are checked through the automated spam detection service Akismet (Automattic Inc., USA). This service processes the comment data, IP address, and browser user agent string.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in reducing spam).

Data transfer to the USA: Akismet transfers data to the USA. Automattic is certified under the EU-US Data Privacy Framework.

13. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy to reflect changes in legal requirements or our data processing practices. The current version is always available on this page.

14. Contact for Privacy Questions

If you have any questions about this Privacy Policy or your data, please contact:

Philip Sheldon
Heidekampweg 9
12437 Berlin
Germany
Email: philip.sheldon@outlook.com
Phone: 01638727622

Who we are

Our website address is: https://www.philipsheldon.com.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.