Information according to Art. 13 GDPR — Last updated: 2026-05-09
Karl Tiller
Wilhelm-Liebknecht-Str. 30, 35396 Gießen, Germany
Phone: +256 779 100 993
Email: info@karl-tiller.de
A formal data protection officer is not required (private project, no large-scale data processing). Inquiries are handled directly by the controller.
| Data | Purpose | Legal basis |
|---|---|---|
| Name, Email, Password (hashed) | User authentication, account management | Art. 6 (1) b GDPR |
| Google account ID (sub), Name, Email | Sign in via Google OAuth | Art. 6 (1) a + b GDPR |
| Registration reason (optional) | Admin review for account approval | Art. 6 (1) b GDPR |
| IP address, User-Agent, Login timestamps | IT security, abuse prevention, audit log | Art. 6 (1) f GDPR (legitimate interest) |
| Session ID | Keep user logged in | Art. 6 (1) b GDPR |
We only use technically necessary cookies. No consent is required under § 25 Abs. 2 TDDDG.
| Cookie | Purpose | Lifetime |
|---|---|---|
ug_session | Login session | 30 days |
flask_session | OAuth state during Google sign-in | Browser session |
ug_lang | Selected interface language | 1 year |
We use the following processors under Art. 28 GDPR:
When you sign in with Google, your data may be transferred to the USA. Google LLC is certified under the EU-US Data Privacy Framework. All other processors are based in the EU.
Under the GDPR, you have the right to:
When you visit this site, our web server temporarily stores the following data in log files: IP, User-Agent, Referer, URL, Status-Code. Logs are rotated and deleted after 14 days. Legal basis: Art. 6 (1) f GDPR (IT security).
This policy may be updated to reflect changes in the service or legal requirements. Significant changes will be communicated by email.