Privacy Policy

I develop and run this website myself. I deliberately make sure that as little data as possible is processed. That means: no tracking, no analytics tools, and no advertising cookies. On this page, I explain what happens in the background when you use my website or the client area.

Controller

Georg Kropik, 1020 Vienna, Austria
Privacy contact: datenschutz@georgkropik.at

Hosting & technical setup

This website runs on my own server in Austria. When you simply visit the website, no data is transferred to external tracking or analytics services.

Website visits & security logs

To protect my client galleries and the login area against unauthorized access, suspicious requests may be logged and IP addresses may be temporarily blocked. This applies, for example, to repeated invalid page requests with 404 errors or failed login attempts. In that context, the following technical data may be stored: IP address, date and time, requested URL, browser type, and operating system.

This processing is based on my legitimate interest in keeping the website and client area secure. Such data is stored only as long as necessary for security purposes. Entries older than 30 days are automatically removed.

Contact requests

If you contact me via the form or by email, I process the details you provide, for example your name, email address, phone number, and message, in order to answer your request and handle follow-up questions. The legal basis is pre-contractual or contractual communication. I store contact requests only as long as needed for handling the request, possible follow-up questions, and legal retention duties.

Client area & galleries

If you use the protected client area, technically necessary login and session data as well as the assignment of your access to your galleries are processed. This is needed so that only authorized people can access protected photos, videos, and downloads. The legal basis is our collaboration or my legitimate interest in access protection.

Spam protection with ALTCHA

To prevent automated spam, I use ALTCHA, a privacy-friendly proof-of-work system. A small challenge is solved directly in your browser. I host this system myself as well, so no personal data is transferred to third parties.

Cookies, local storage & no tracking

I do not use tracking or analytics cookies. Only technically required cookies are used, for example for login sessions, form protection, or short notices in the client area. In addition, local settings such as language or gallery view may be stored in your browser.

Recipients & external links

I do not share personal data for advertising or tracking purposes. Data is only shared if it is technically or legally necessary, for example for email delivery, tax advice, invoicing, or authorities. External links, for example to Instagram or Google, only transfer data to those providers if you actively click them.

Business and retention duties

If we work together, I may process contact, project, offer, invoice, payment, and gallery data to handle our collaboration. The legal basis is contract performance and, where applicable, legal duties such as tax retention obligations. These data are stored as long as needed for the collaboration and statutory retention periods.

Your rights

You have the right to request information about your stored data, have it corrected or deleted, request restricted processing, object to processing, or receive your data in a common format. If processing is based on consent, you can withdraw that consent at any time with effect for the future.

If you believe your data is not handled carefully enough, you can file a complaint with the Austrian Data Protection Authority: Barichgasse 40-42, 1030 Vienna, Austria, dsb@dsb.gv.at. Ideally, we solve it directly first.