Privacy Policy

1. General Information

This Privacy Policy explains which personal data is processed when visiting this website, on what legal basis, and for which purpose.
The website is a non-commercial project intended for presenting photographic and photojournalistic works and is not aimed at generating revenue.

Data Controller (Art. 4 para. 7 GDPR):
Evgeniy Bierich
Philipp-Reis-Straße 11
65232 Taunusstein, Germany
Email: info@fotowelterbe.com

Legal basis of processing:

  • Art. 6(1)(a) GDPR (consent)
  • Art. 6(1)(b) GDPR (processing a user request)
  • Art. 6(1)(c) GDPR (legal obligation)
  • Art. 6(1)(f) GDPR (legitimate interest)

2. Collection and Processing of Data

2.1. Technically necessary data (log files)

When visiting the website, the hosting provider automatically stores technically necessary data:

  • shortened or anonymized IP address
  • date and time of the request
  • browser type and version
  • operating system
  • URL of the page from which the access was made
  • server response status
  • amount of data transferred

This data is processed based on Art. 6(1)(f) GDPR (legitimate interest) — to ensure stability, security, and technical availability of the website.
The data is not used for analytical or commercial purposes.

3. Cookies

The website uses only technically necessary cookies if required for the proper functioning of individual components.
Marketing and analytics cookies are not used.

If analytical or third-party services are added in the future, a separate consent window (cookie banner) will be implemented according to Art. 6(1)(a) GDPR.

4. Contact via Email

If you contact me via email, the following data is processed:

  • email address
  • name (if provided)
  • content of the message

Processing is based on Art. 6(1)(b) GDPR (handling the request) or Art. 6(1)(f) GDPR (legitimate interest — responding to the inquiry).
Data is not transferred to third parties.

5. SSL/TLS Encryption

This website uses SSL/TLS encryption to protect transmitted data from unauthorized access.
You can recognize an encrypted connection by the prefix “https://” in your browser’s address bar.

6. Backups

The hosting provider automatically creates regular backups of the website.
These backups are used solely for system recovery in case of technical failures.
Access is restricted to authorized technical personnel of the hosting provider.
Backups are stored only for a limited period in accordance with the provider’s internal policies.

7. Links to Social Media

This website may include links to my social media profiles (e.g., Instagram, Pinterest).
These are simple hyperlinks and do not transmit personal data to these platforms before you click on them.
Data processing on external sites is governed by the privacy policies of the respective platforms.
Embedded social media widgets are not used.

8. Photographs and EXIF Data

Photographs published on the website may contain embedded EXIF metadata such as shooting date or camera information.
All GPS location data are removed prior to publication.
Users downloading images may still be able to view EXIF data using their own tools or software.

9. Comments on the Website

If a comment function is available on the website, the following data will be processed when a comment is submitted:

  • name or nickname (if provided),
  • email address,
  • content of the comment,
  • IP address (for security and anti-spam purposes),
  • date and time of publication.

Processing is based on Art. 6(1)(b) GDPR (fulfilment of user request — publishing a comment) and Art. 6(1)(f) GDPR (legitimate interest — protection against misuse).

Comments are stored indefinitely as long as the associated post remains available on the website or until the user requests deletion.
The data is not removed automatically but can be deleted upon user request or moderation.

Data is not shared with third parties unless an external commenting system is used.

If an external provider (e.g., Disqus) is integrated in the future, this Privacy Policy will be updated accordingly.

10. Use of Local Technical Plugins

The website may use technical plugins (e.g., caching, performance optimization, galleries, layout elements) that operate locally and do not transmit personal data to third-party providers.

These plugins serve the technical operation of the website only and do not collect personal data for analytics or marketing purposes.

11. Server-Side Statistics and Hosting Analytics

The hosting provider may supply aggregated visit statistics based on server log files. These may include:

  • number of page views and visitors,
  • accessed content,
  • approximate geographic origin (country),
  • browser type,
  • server error information.

These data are used exclusively for technical monitoring and are not used to create user profiles.
Processing is based on Art. 6(1)(f) GDPR (legitimate interest — maintaining stability and security).
No marketing or tracking cookies are used.

12. Use of Third-Party Services

The website currently does not use:

  • analytics (Google Analytics, etc.)
  • maps (Google Maps, etc.)
  • embedded social networks
  • embedded videos (YouTube, Vimeo)
  • external fonts

If such functions appear in the future, the Privacy Policy will be updated, and third-party services will be loaded only after obtaining user consent.

If YouTube videos are added in the future, they will be integrated using the “enhanced privacy mode” (YouTube no-cookie mode).
In this mode, personal data is transferred to YouTube only after the user actively clicks the play button.

13. Transfer of Data to Third Parties

Data is transferred to third parties only if:

  • explicit user consent is given (Art. 6(1)(a) GDPR)
  • there is a legal obligation (Art. 6(1)(c) GDPR)
  • it is technically necessary (e.g., hosting provider — Art. 28 GDPR)

The hosting provider processes data exclusively within the framework of a data processing agreement (Art. 28 GDPR) and is obligated to ensure technical and organizational data protection, and to refrain from using the data for its own purposes.

14. User Rights (Art. 12–23 GDPR)

Users have the right to:

  • obtain information about stored personal data
  • request correction of inaccurate data
  • request deletion (“right to be forgotten”)
  • restrict processing
  • receive data in a portable format
  • withdraw previously given consent
  • object to processing

Supervisory authority:
Hessian Commissioner for Data Protection and Freedom of Information (HBDI)
Email: poststelle@datenschutz.hessen.de

To exercise rights, please write to:
📩 info@fotowelterbe.com

15. Data Retention Periods

Technical log files are stored by the hosting provider for a limited period (usually 7–30 days) and deleted automatically.
Email correspondence is stored only as long as necessary to process the request.

16. Non-Commercial Nature of the Project and Possible Future Changes

The website is currently a non-commercial creative portfolio and does not collect personal data for commercial purposes.

Possible future functions:

  • donations
  • paid content
  • subscriptions
  • affiliate programs

If such features appear:

  • the website will be registered with German tax authorities,
  • the Privacy Policy will be updated according to new data processing mechanisms.

17. Changes to the Privacy Policy

This Policy may be updated due to the development of the website or changes in legislation.
The current version is always available on this page.