Who I am
The address of my website is: https://return-insights.com.
Comments
When visitors leave comments, the data entered in the comment form, as well as the IP address and browser user agent, are collected to detect spam and ensure the security of the website.
A hash may be generated from the provided email address and transmitted to the Gravatar service to check whether a profile exists. The Gravatar privacy policy is available at https://automattic.com/privacy/. After a comment is approved, the associated profile image becomes publicly visible.
Media
Registered users should avoid uploading photos containing EXIF GPS data, as visitors may extract such information from downloaded images.
Cookies
When writing a comment, the name, email address, and website may be stored in cookies to simplify future comments. These cookies are stored for one year.
For logged‑in users, temporary cookies are set to check browser cookie capability, along with additional cookies storing login information and display preferences.
- Login cookies expire after two days
- Display cookies after one year
- “Stay logged in” keeps the session active for two weeks
- Logging out deletes login cookies
When editing or publishing a post, a cookie containing only the post ID is stored and expires after one day.
Embedded Content
Posts may contain embedded content (e.g., videos, images, articles). Such content behaves as if you visited the respective external website. External providers may collect data, set cookies, or use tracking technologies.
Who I share your data with
If you request a password reset, your IP address will be included in the corresponding email.
Data Retention
Comments and associated metadata are stored permanently to automatically recognize follow‑up comments.
For registered users, the personal data stored in their profile is retained. Users may view, modify, or delete their data at any time (except for the username). Administrators can also view and edit this information.
Your Rights
You may request an export of your stored personal data as well as the deletion of such data. This excludes data that must be retained for administrative, legal, or security reasons.
Where Data Is Sent
Visitor comments may be checked through an automated spam detection service.
Web Analytics with Matomo
I use the open‑source software Matomo to analyze user behavior. Matomo is operated on my own server within the EU; all collected data is processed exclusively there.
Matomo: Processed Data
- anonymized IP address
- pages viewed
- date and time of access
- referrer URL
- browser and operating system
- screen resolution
Matomo: IP Anonymization
The IP address is shortened before storage so that it cannot be directly linked to a person.
Matomo: Operation Without Cookies
Matomo is operated without cookies. The analysis is based solely on anonymized data.
Matomo: Storage and Deletion
The data is stored exclusively on my own server and automatically deleted after a defined period. No data is shared with third parties.
Matomo: Legal Basis
Art. 6(1)(f) GDPR (legitimate interest).
Matomo: No Data Processing Agreement Required
Since Matomo is fully operated on my own server and no external service provider has access to the data, no data processing agreement is required.
Server Operation
The website is hosted on a self‑managed server within the EU. When accessing the website, technically necessary data automatically transmitted by the browser is processed (server log files):
- IP address
- date and time of access
- browser type and version
- operating system
- referrer URL
- hostname of the accessing device
This processing ensures technical operation, IT security, and optimization of the online offering. The legal basis is Art. 6(1)(f) GDPR.
No data is transferred to third countries.