Skip to content

PatchFlux

PatchFluxIndependent aggregator for Microsoft & IT news

Privacy Policy

PatchFlux stores only metadata needed to display news headlines: title, publication date, source name, and link. Article bodies, excerpts, images, or videos are never copied. This policy explains which personal data is processed when you visit the site.

1. Controller under the GDPR

The controller responsible for processing personal data on this website within the meaning of Art. 4 no. 7 GDPR is:

René Omlor
Zinzendorfstraße 3
01069 Dresden
Deutschland

Email for data-protection enquiries: contact@patchflux.de

2. Data Protection Officer

A DPO is not required for this non-commercial private operation (§ 38 BDSG, Germany). Requests are handled directly by the controller.

3. What data we process

When you access the site, the following technical data is processed: the requesting device's IP address, date and time of the request, the requested path, HTTP status code, bytes transferred, referrer (if sent by your browser) and the User-Agent string. The site sets no cookies, loads no client-side analytics or advertising trackers, and creates no user profiles. No registration is offered; no personal form data is processed.

4. Legal bases and purposes

The access data above is processed on the basis of Art. 6 (1) (f) GDPR (legitimate interests). The legitimate interest lies in the reliable, secure and abuse-free operation of the website and in short-term error and capacity analysis. Should future features process data for the performance of a contract (e.g. contact forms), the legal basis is Art. 6 (1) (b) GDPR.

5. Retention

Platform-side access logs (Azure Static Web Apps, Azure Functions) are retained for up to 7 days. Azure Application Insights stores anonymised telemetry (path, response time, HTTP code, User-Agent category) for up to 30 days; the IP address is used only for coarse geolocation (country/region) and is masked to 0.0.0.0 immediately (DisableIpMasking remains off). The operator cannot re-identify individuals from this telemetry.

6. Processors

The following processor under Art. 28 GDPR is used to operate the site: Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland (hosting: Azure Static Web Apps + Azure Functions + Azure Table Storage + Application Insights; region ‘West Europe’, data centre: Netherlands).

7. Transfers to third countries

Processing primarily takes place in the EU data centre ‘West Europe’ (Netherlands). Microsoft Corporation (USA), the parent company, may in individual cases (e.g. support, abuse detection) access telemetry data. Transfers to the USA are based on the European Commission's Standard Contractual Clauses (Art. 46 (2) (c) GDPR) and the EU-US Data Privacy Framework (Commission adequacy decision of 10 July 2023); Microsoft Corporation is certified under that framework.

8. Third-party links

Every news item links out to the original publisher. Opening such a link transfers you to that publisher's site; their privacy policy applies from that point. The operator has no influence over their processing.

9. Your rights

Under the GDPR you have the right to information (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and objection to processing based on legitimate interests (Art. 21). You can exercise these rights informally by emailing the controller above.

10. Right to lodge a complaint

Without prejudice to other remedies, every data subject has the right to lodge a complaint with a data-protection supervisory authority (Art. 77 GDPR), in particular the authority of your habitual residence or the controller's establishment.

11. Automated decision-making

No automated decision-making, including profiling, within the meaning of Art. 22 GDPR takes place.

12. Changes to this policy

This policy is updated when there are legal or technical changes to the operation of the website. The current version is always available on this page.