Back to home

Privacy Policy

Last updated: June 13, 2026

This English version is provided for convenience; the German version is authoritative. Protecting your personal data matters to me. This is a personal website and it runs on a minimum of data processing: no tracking, no advertising, no analytics cookies, and no social-media plugins. Data is processed only where it is necessary to operate the site and to provide the features you use (such as the contact form).

Controller

Dan Reynolds
Goslarer Ufer 1b
10589 Berlin
Germany
Email: dan@dcr.aero

Hosting and delivery (Cloudflare Pages)

This website is provided through Cloudflare Pages and delivered over Cloudflare’s global content delivery network. The provider is Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA, represented in the EU by Cloudflare Germany GmbH, Rosenheimer Straße 116, 81669 Munich.

Cloudflare processes data on my behalf as a processor and provides the technical delivery as well as protection against attacks (e.g. DDoS protection). The legal basis is Art. 6 (1) (f) GDPR (my legitimate interest in operating the site securely and efficiently).

Cloudflare is certified under the EU-U.S. Data Privacy Framework; in addition, the European Commission’s Standard Contractual Clauses apply. For more information, see Cloudflare’s privacy policy.

Server log files

When the site is accessed, Cloudflare automatically collects information that your browser transmits. This includes in particular:

  • IP address
  • date and time of access
  • the address (URL) requested and the volume of data transferred
  • browser type and version, and operating system
  • referrer URL

This data serves the technical delivery, stability, and security of the site. The legal basis is Art. 6 (1) (f) GDPR.

Cookies and local storage

This website sets no tracking cookies of its own. For its own features it uses only your browser’s local storage, for two purposes: your theme choice (light/dark mode) and your cookie decision. This information stays in your browser, is not transmitted to me, and is technically necessary to provide the feature you chose (§ 25 (2) TDDDG).

Cloudflare may set a technically necessary cookie for security purposes (e.g. bot mitigation). The spam-protection service Cloudflare Turnstile (see below) is loaded only after you consent.

For a full overview, see the cookies and storage page.

Cloudflare Turnstile (contact-form spam protection)

The contact form is protected against automated abuse by Cloudflare Turnstile, a privacy-friendly CAPTCHA alternative from Cloudflare, Inc. Turnstile is loaded only after you have consented via the consent banner. If you do not consent, the contact form is unavailable and you can reach me directly by email instead.

When used, Cloudflare may process in particular:

  • IP address
  • browser and device information, and interaction signals

The legal basis is Art. 6 (1) (a) GDPR (consent) in conjunction with § 25 (1) TDDDG, and Art. 6 (1) (f) GDPR (legitimate interest in protection against spam and abuse). You can withdraw your consent at any time with effect for the future by choosing “Manage cookies” in the footer.

Contact form and email delivery

When you use the contact form, I process the data you provide (name, email address, subject, message) in order to respond to your inquiry. The submission is handled technically by a Cloudflare function (Cloudflare Pages Functions) and then delivered to my mailbox through the email provider Mailgun (EU region).

The email-delivery provider is Mailgun (Sinch). Mailgun processes the data as a processor; processing takes place in the EU region. Technical details (e.g. IP address, timestamp) may additionally be processed for abuse detection.

The legal basis is Art. 6 (1) (b) GDPR (handling your inquiry) or Art. 6 (1) (f) GDPR (legitimate interest in communication and in protection against abuse). Your data stays with me until your inquiry has been dealt with conclusively, and is then deleted unless statutory retention obligations apply.

No analytics and no tracking

This website uses no analytics or audience-measurement tools, no profiling, and no cookies for advertising or tracking purposes.

Recipients and processors

  • Cloudflare — hosting, delivery, security, Turnstile, functions
  • Mailgun (Sinch) — delivery of contact-form messages (EU region)

Data processing agreements pursuant to Art. 28 GDPR are in place with these providers.

Transfers to third countries

In the course of using Cloudflare, processing may also take place at the US parent company. Cloudflare is certified under the EU-U.S. Data Privacy Framework; in addition, the European Commission’s Standard Contractual Clauses apply as appropriate safeguards under Art. 46 GDPR.

Your rights

Under the GDPR you have the following rights:

  • access to your processed personal data (Art. 15)
  • rectification of inaccurate data (Art. 16)
  • erasure (Art. 17)
  • restriction of processing (Art. 18)
  • data portability (Art. 20)
  • objection to processing based on legitimate interests (Art. 21)
  • withdrawal of a given consent with effect for the future (Art. 7 (3))

To exercise these rights, a message to dan@dcr.aero is enough.

You also have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for me is the Berlin Commissioner for Data Protection and Freedom of Information (BlnBDI).

Data security

Transmission is encrypted via HTTPS/TLS. I take appropriate technical and organizational measures to protect your data against unauthorized access, loss, or manipulation.

Changes to this privacy policy

I update this privacy policy when the underlying data processing changes. The version published here applies in each case.