Data protection position

This website exists to publish legal analysis, documentary records, public filings and related archive material. Personal data is not collected as a business model. No behavioural advertising profile is built around visitors.

Processing may occur where technically necessary for delivery, security, abuse prevention, contact handling, evidentiary integrity and administration of submitted requests.

Depending on the route used, the platform may process IP address, user agent, requested page, referrer, timestamp, submitted form data, attached documents, internal review status and administrative audit information.

Only data that is operationally necessary for publication, communication, security or accountability should be submitted. Do not send unnecessary sensitive personal data through public forms.

Basic analytics and security related request metadata may be stored server side in order to understand traffic, detect abuse, investigate attacks and preserve service stability. The implementation is intentionally limited and does not claim to be anonymous.

Visitor analytics are automatically deleted after 90 days. Administrative security and audit records are automatically deleted after 365 days unless a shorter or longer retention becomes legally necessary in a concrete incident.

If you submit a message through the contact or press route, the submitted identity data, message content, technical metadata and any uploaded attachment may be stored in order to review, answer, verify, filter abuse and document the communication chain.

Open or active requests remain stored while review, follow up or evidentiary integrity requires it. Closed requests and related uploaded attachments are automatically deleted after 3 years. Spam or abusive submissions are automatically deleted after 180 days.

Signal submissions may store the submitted message, optional contact data, related dossier reference, IP address, user agent and timestamps in order to review the signal, protect the system against abuse and preserve evidentiary integrity.

Open signals remain stored while review or follow up is necessary. Closed signals are automatically deleted after 3 years.

This platform is not designed around marketing cookies. Where technically necessary session values or cookies are used for administration, security, CSRF protection or essential form handling, they are limited to that operational purpose.

No promise is made beyond the actual implementation. If the implementation changes, this page must be updated as well.

Operational processing for publication, hosting, security, abuse prevention and administration of incoming communications is generally carried out on the basis of legitimate interests under Article 6 paragraph 1 letter f GDPR, and where the processing is necessary to handle a request initiated by the data subject also on Article 6 paragraph 1 letter b GDPR.

Where statutory retention or disclosure obligations arise in a concrete matter, Article 6 paragraph 1 letter c GDPR may also become relevant. This statement describes the current operational setup and does not replace case specific legal assessment.

Data subjects may request information, rectification, erasure, restriction or raise an objection where the legal requirements are met. Any such request should identify the relevant processing context precisely enough to allow verification and retrieval.

Questions relating to privacy or data protection can be directed through the written contact route on this website. Rights requests are not processed blindly. They must be concrete enough to be assessed and authenticated.