Privacy policy

Controller under the GDPR: MikeIT.dev (operator: Mike Gölz) Mike Gölz F5, 14 68159 Mannheim Deutschland Privacy contact: contact@mikeit.dev

This policy explains how personal data is processed when you visit mikeit.dev or get in touch. No analytics or marketing trackers are used. There is no newsletter and no payment processing on the site unless introduced separately later. External services like Cal.com are only loaded after active user interaction. Before that, no third-party requests take place.

The website is hosted and delivered by Vercel Inc., 440 N Barranca Avenue #4133, Covina, CA 91723, USA. Server logs may include IP address, date and time, URL, user agent, referrer, and error codes. Purpose: delivery, stability, and security. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest) and, where relevant, Art. 6 (1) (b) GDPR. Retention: typically a few weeks, depending on configuration. Vercel is engaged as a processor. A data processing agreement (DPA) is in place with Vercel, based on standard contractual clauses (SCC) for transfers to the USA. Vercel Web Analytics or similar Vercel analytics products are not integrated on this website. We do not enable marketing or reach trackers.

The domain mikeit.dev is managed by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. IONOS is the domain registrar, not the website host. Content delivery is via Vercel.

Technical data is processed when you visit (see hosting). We do not build advertising profiles.

Necessary: MIKEIT_COOKIE_CONSENT (localStorage) stores your cookie choice. Also necessary: the technical cookie mk_cfrl (see Contact form section). Functional (optional): MIKEIT_LOCALE cookie and localStorage for language (up to 12 months) if you allow functional storage. Without consent, language still works via URLs (/de, /en). Statistics and marketing: not used. Details: /en/cookies

If you email us at contact@mikeit.dev, we process the data you send to handle your request. Legal basis: Art. 6 (1) (b) or (f) GDPR. Retention: until the request is completed, then as required by law.

A contact form is available on /en/contact. Required fields: topic (from the discipline list), name, company, email. Optional: phone, message. Submitting requires explicit consent to data processing for handling the inquiry. Delivery is via Resend (Resend, Inc., 2261 Market Street #4990, San Francisco, CA 94114, USA) with an EU-region API key. The submitted data (name, company, email, optional phone, optional message, selected interest) is forwarded to Resend, packaged into an email, and delivered to contact@mikeit.dev. Resend stores the submitted email for delivery and short-term diagnostic purposes. Legal basis: Art. 6 (1) (a) GDPR (consent via the form checkbox) and Art. 6 (1) (b) or (f) GDPR. A data processing agreement is in place with Resend. For US transfers, standard contractual clauses apply. Spam protection and rate limit: an HttpOnly cookie mk_cfrl (HMAC-signed, 24h) records the last submit timestamp and a counter to limit excessive submission rates. The cookie is read server-side only and contains no personal data beyond an internal timestamp and counter. Cloudflare Turnstile (bot protection): currently not activated. If Turnstile is enabled later (Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA), it sets short-lived validation cookies. No tracking. A visible note will appear in the form when enabled. Retention of the received email: until the inquiry is completed, then per applicable law.

A booking widget by Cal, Inc. (Cal.com) is offered on /en/contact. No Cal.com resources are loaded on initial page render. Only after you actively click „Pick a slot" the Cal.com iframe is embedded. Only then can cookies and data be transmitted to Cal.com (click-to-load). Within the active booking dialog, Cal.com captures the data required for booking directly. The booking UI is loaded in the language of the page (parameter cal.lang=de or cal.lang=en). Cal.com's privacy policy applies. Legal basis: Art. 6 (1) (a) GDPR (consent through active click) and Art. 6 (1) (b) GDPR.

Footer links point to external profiles (e.g. LinkedIn, GitHub, YouTube, email). Clicking leaves mikeit.dev; the third party's policy applies. No social plugins that transmit data on page load.

YouTube videos are not embedded yet. If we add YouTube embeds later, Google (YouTube LLC) may process personal data (e.g. IP address, usage data). Embeds would then only load after consent via cookie settings, if technically implemented.

The site uses the Geist font via next/font from Next.js. Font files are bundled at build time and served from our host (Vercel). Visitors' browsers do not connect to Google Fonts.

Currently no analytics tools, newsletter, or payment providers on this website. Vercel Web Analytics is not integrated.

Art. 6 (1) (f) GDPR: operation and security Art. 6 (1) (b) GDPR: contact about services Art. 6 (1) (a) GDPR: optional functional storage if you consent

Data is kept only as long as needed for the purpose or as required by law.

Recipients may include Vercel (hosting), IONOS (domain), Resend (contact form delivery, DPA in place), Cal.com (booking widget, only after explicit click), Cloudflare (Turnstile bot protection, if enabled), and your mail provider when you contact us. No sharing for advertising.

Vercel, Resend, Cal.com, and Cloudflare (USA) may involve transfers outside the EU/EEA. Legal basis are the respective data processing agreements with standard contractual clauses and supplementary measures. Resend is operated with an EU-region API configuration. Cal.com can be EU-hosted depending on setup.

You may have rights of access, rectification, erasure, restriction, objection, portability, and complaint to a supervisory authority under the GDPR.

The site is served over HTTPS with appropriate technical measures.

This policy is updated when the site or the legal situation changes (e.g. new integrated services, captcha changes). The current version is published on this page. Last updated: May 2026.