Controller

Milos Oroz
Anna-Bastel-Gasse 2
1220 Vienna, Austria
Contact: via the contact form

Scope and legal basis

This policy describes what personal data is processed when you visit milos.oroz.space. It is based on the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG).

Hosting and server logs

The site is served via Cloudflare (Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA). Cloudflare is certified under the EU-U.S. Data Privacy Framework.

When the site is accessed, technical data is processed (IP address, date, time, requested URL, browser type, operating system). This data is used for technical delivery and operational security. Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

Contact form

When you use the contact form, your email address, your message, and a timestamp are stored on a server operated by the controller. The data is used solely to respond to your inquiry.

Legal basis: Art. 6(1)(b) GDPR (contact on request) or Art. 6(1)(f) GDPR (legitimate interest).

Cookies and local storage

This site uses no tracking cookies. Some pages store technical data (e.g. an access token) in your browser's localStorage to preserve session state across visits. Such data stays local and can be removed at any time from your browser settings.

Web analytics

Anonymous visitor statistics are collected via a self-hosted Umami instance. No cookies are set, no unique identifiers persist across sessions, and no personal profiles are built. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in simple reach measurement).

External resources

The site loads typefaces, images, and occasional JavaScript libraries from third parties. For technical reasons your IP address is shared with these providers when the resources are fetched. In particular, Google Fonts (Google Ireland Limited, Dublin) is used.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in efficient delivery).

Access-restricted areas

Some pages are gated by an access code and only delivered after successful authentication.

Retention

Technical server logs are retained by Cloudflare per their privacy terms. Messages submitted via the contact form are kept as long as needed to respond, and at most six months unless a longer statutory retention period applies.

Your rights

You have the following rights:

• Access to your personal data (Art. 15 GDPR)
• Rectification of inaccurate data (Art. 16 GDPR)
• Erasure of your data (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection to processing (Art. 21 GDPR)

Please send rights requests to the controller via the contact form.

Right to lodge a complaint

You have the right to lodge a complaint with the Austrian Data Protection Authority if you believe the processing of your personal data infringes the GDPR: www.dsb.gv.at.

Changes to this policy

This privacy policy will be updated as data processing or the legal framework changes. The version published on this page at the time of your visit applies.