Version: 11 March 2026

With our privacy policy we would like to inform you about the personal data (‘data’) we process and for what purpose. The privacy policy relates to the following website:

• https://www.marcelhebing.de/
• https://hebing.dev/

Responsible

The responsible, under the General Data Protection Regulation (GDPR), and other national data protection laws of the EU member states, as well as other data protection regulations is:

mStats DS GmbH
Hohe Bleichen 12
20354 Hamburg

Authorised representative: Dr Marcel Hebing
Email address: marcel@hebing.dev

Overview of processing operations

Types of data processed

• Meta, communication and procedural data.
• Log data.
• Usage data (e.g. IP numbers, page views, length of visit and device types and operating systems used).
• Categories of data subjects: Users.

Purposes of the processing

• Security measures.
• Provision of our (online) services.
• Provision of the infrastructure.

Provision of the online offering and web hosting

• Provision of our online offer on rented storage and hosting space: For the provision of our online offer, we obtain storage space, IT capacities and software from server providers (‘web hosts’). Legitimate interests serve as the legal basis (Art. 6 para. 1 lit. f GDPR).
• Collection of access data and log files on servers: Access to our online offering is logged (‘server logging’). This may include IP addresses, names of pages or files accessed, date and time of access, volume of data transferred, browser type and version including operating system and so-called ‘referrer URL’. Log files are used for security purposes and to ensure service stability. Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR).

Use of cookies

For technical reasons, we use session cookies to correctly identify authenticated users while they are on our website. At the end of the session the corresponding cookies are discarded.

Data deletion

As soon as the original processing purpose no longer applies, or as soon as there is no longer a need to retain the data, we delete the personal data (‘data minimisation’).

Relevant legal bases

We process data in accordance with the EU General Data Protection Regulation (GDPR)

• Legitimate interests (Art. 6 para. 1 lit. f) GDPR)

In addition to the GDPR, national data protection regulations apply. In particular, the German Federal Data Protection Act (BDSG) and Federal State data protection laws may also apply.

Transmission of personal data

When processing personal data, we pass it on to third parties. These include IT service providers and providers of integrated services. In doing so, we observe the legal requirements and conclude appropriate contracts to ensure the protection of your data.

Hosting

We host the content of our website with the following provider:

Hetzner The provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (hereinafter referred to as "Hetzner").

The use of Hetzner is based on Art. 6(1)(f) GDPR. We have a legitimate interest in ensuring that our website is presented as reliably as possible. If a corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Consent can be revoked at any time.

Data Processing Agreement We have concluded a Data Processing Agreement (DPA) with Hetzner. This is a contract required by data protection law, which ensures that Hetzner processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Rights of the data subjects

As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:

• Right to object on grounds of legitimate interest: You have the right to object at any time to the processing of your personal data, which is carried out on the basis of a legitimate interest (Art. 6 para. 1 lit. f GDPR).
• Right to information: You have the right to know whether we are processing your personal data. You also have the right to assert further information rights and request copies of data in accordance with legal requirements.
• Right to rectification: You have the right to request the completion or rectification of your personal data processed by us.
• Right to erasure and restriction of processing: You have the right, in compliance with legal requirements, to request the erasure of data or restriction of processing.
• Right to data portability: In accordance with legal requirements, you have the right to request that we transfer your personal data to you or to another controller in a structured, commonly used and machine-readable format.
• Complaint to supervisory authority: If you believe that our processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority (e.g., in the EU member state in which your habitual residence or place of work is located).

Competent data protection authority

Hamburg Commissioner for Data Protection and Freedom of Information Ludwig-Erhard-Str. 22 20459 Hamburg

https://datenschutz-hamburg.de/