Privacy Policy

Introduction

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as "data") that we process, for what purposes and to what extent. This privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and particularly on our websites.

Controller

Wunner Software
Thomas Wunner
Am Fichtenhain 6
95463 Bindlach, Germany
Email:

Overview of Processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of Data Processed

  • Contact data (e.g. email, name)
  • Content data (e.g. text entries, messages)
  • Usage data (e.g. websites visited, access times)
  • Meta/communication data (e.g. device information, IP addresses)

Categories of Data Subjects

  • Users (e.g. website visitors, users of online services)

Legal Bases

Below we share the legal bases of the General Data Protection Regulation (GDPR), on the basis of which we process personal data.

  • Consent (Art. 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for a specific purpose.
  • Contract Performance (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract or pre-contractual measures.
  • Legitimate Interests (Art. 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller.

Contact Form

When you send us inquiries via the contact form, your information from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.

The processing of data entered into the contact form is based on your consent (Art. 6(1)(a) GDPR). For spam protection, we use ALTCHA, a privacy-friendly CAPTCHA system that does not transmit any personal data to third-party providers.

Provision of Online Services and Web Hosting

To provide our online services securely and efficiently, we use the services of web hosting providers. When accessing our web pages, the following information is automatically stored in server log files:

  • IP address of the accessing device
  • Date and time of access
  • Browser type and version, operating system
  • Requested URL and referrer URL
  • Amount of data transferred and HTTP status code

The IP address constitutes personal data within the meaning of the GDPR. The processing of this data is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR. Our legitimate interest lies in ensuring IT security, detecting and preventing attacks, and maintaining stable server operations. Server log files are automatically deleted after 14 days.

To protect our systems, we use CrowdSec, a GDPR-compliant open-source security solution based in France. In cases of suspicious technical behaviour (e.g. DDoS attacks, brute-force attempts, exploit scanning), the IP address, timestamp, and type of violation are transmitted to the CrowdSec cloud to enable collaborative threat detection. The legal basis for this processing is also Art. 6(1)(f) GDPR (legitimate interest in IT security). For more information, please visit crowdsec.net/legal-notices.

Web Analytics with Umami

We use Umami, a privacy-friendly open-source web analytics software that is self-hosted on our own server (umami.wunner-software.de). No data is transmitted to third-party providers.

Umami operates without cookies and without cross-site tracking. The following data is collected in anonymized or pseudonymized form:

  • Pages visited and time spent
  • Referrer (referring website)
  • Browser and device information (user agent)
  • Country (derived from anonymized IP address)

The IP address is not stored and is only used once to create an anonymous visitor hash that does not allow identification of individual persons. The legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interests). Our legitimate interest lies in the analysis and optimization of our website.

Blog Comments with Remark42

We use Remark42 in our blog, a privacy-friendly open-source comment system that is self-hosted on our own server (comments.wunner-software.de). Comments are only loaded when you actively click "Load Comments".

When using the comment function, the following data is processed:

  • Your username (freely selectable for anonymous use)
  • Your comment text
  • Time of comment
  • IP address (not publicly displayed)

No data is transmitted to third-party providers. The legal basis is Art. 6(1)(a) GDPR (consent by actively loading the comment function).

Rights of Data Subjects

As a data subject, you have various rights under the GDPR:

  • Right to Object: You have the right to object at any time to the processing of your personal data.
  • Right to Withdraw Consent: You have the right to withdraw consent given at any time.
  • Right of Access: You have the right to request confirmation as to whether data concerning you is being processed.
  • Right to Rectification: You have the right to request the correction of inaccurate data concerning you.
  • Right to Erasure: You have the right to request the deletion of data concerning you.
  • Right to Restriction of Processing: You have the right to request restriction of processing of your data.
  • Right to Data Portability: You have the right to receive data concerning you in a transferable format.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority.

Changes to this Privacy Policy

We ask you to regularly inform yourself about the content of our privacy policy. We adapt the privacy policy as soon as changes in data processing make this necessary.

Last updated: February 2026