GDPR and Vomtom.at

With the General Data Protection Regulation coming into force on May 25th, 2018, I set some measures to ensure this site is fully GDPR compliant.

As this site is running out of Europe and I am an European citizen who values privacy, I want to make sure your data is safe with me.

If you have any questions, reach out to me via training@vomtom.at.

What Data Do I Collect?

On my Website:

My Website is hosted on virtual instances by Scaleway. Scaleway is a cloud division of Online.net, itself a subsidiary of the French Iliad group.

I use Google Analytics and Facebook tracking cookies only after giving consent to do so. This is ensured through an opt-in way. If you are visiting this page the first time, your IP is transferred to ipinfo.co to display the appropriate cookie-consent box. Ipinfo Privacy Policy. You have to give your consent by clicking "I want cookies" to enable any non-essential cookies if your local law requires to do so.

Your IP Address might be stored by other third-party services, because I am also using scripts hosted on third party web-servers. Jquery is loaded from code.jquery.com, which doesn't store any cookies. The JQuery libraries are served through StackPath CDN. http://www.stackpath.com/gdpr/.

All other scripts are served through the Cloudflare CDN. Coudflare is fully GDPR compliant. https://www.cloudflare.com/gdpr/introduction/. The cloudflare site doesn't store any non-essential or tracking cookies.

Newsletter

My Newsletter is hosted by mailchimp. If you decide to signup through the signup-form provided on every Blog-Entry then you have to douple-opt-in. This means you signup, you get a confirmation email and then you have to click a link inside to actually enable the newsletter.

Mailchimp is fully GDPR compliant and I have filed for an DPA, as I am the data collector and Mailchimp is the Data Processor.

Your IP and My Server

When browsing my site your IP Address is transferred and logged. This happens only to ensure safe operations. After a certain time the logs are removed. This typically happens on a rolling 14 days basis.

In the (hopefully) unlikely event of a hacking attempt your IP address might be stored for longer to analyze the hack and will be removed thereafter.

The Server is running a Debian self-patching to the latest security updates and informing me regularly about activities. These activities are typically reviewed once a week to ensure everything runs within normal parameters.

Complaints & Information Requests

As I am the sole operator of the site, you can file complaints directly to me. Same goes with Information Requests:

Thomas Wiesner
training@vomtom.at