Privacy

This Privacy Policy explains which personal data is processed when you visit valops.de, for what purpose this happens and which rights you have. It is tailored to the actual technical setup of this website — not a generic template.

Last updated: May 2026

Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Sascha Köhn · Value Operations
c/o flexdienst – #11740
Kurt-Schumacher-Straße 76
67663 Kaiserslautern
Germany

Email: hello@valops.de

Further details can be found in the legal notice.

Overview

valops.de is a multilingual information website in German and English. There is no online shop, no visitor registration and no contact form on the website. You can contact me by email; in that case, the data you provide is processed outside this website — in your email program and on my mail server.

Content is managed through a self-hosted content management system, Payload CMS, and stored in a PostgreSQL database. The website is hosted on a server operated by Hetzner Online GmbH in Germany.

Hosting and server log files

When you visit the website, technically necessary data is processed in server log files to ensure operation and security. This may include in particular:

• IP address, usually shortened or only stored in full for a short period
• date and time of access
• requested URL and HTTP status
• browser type and operating system, known as the user agent
• referrer URL, if transmitted by the browser

The legal basis is Art. 6 (1) lit. f GDPR — legitimate interest in the stable and secure operation of the website. The log data is not used to identify you without consent or to create a user profile.

Hosting provider: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Processing takes place in data centers within the EU/EEA.

Retention period: Server log files are only stored for as long as necessary for error analysis and security purposes, usually for a maximum of 30 days, unless longer retention is required due to a specific security incident.

CMS, media and backups

Texts, settings and uploaded media, such as images, are stored in a PostgreSQL database and in the server’s file system. Access to the CMS is limited to authorized administrators, using login by email and password.

For security purposes, regular database and media backups are created. These are stored on the server and optionally on a Hetzner Storage Box in Germany, and are automatically deleted after no more than seven days.

Legal basis: Art. 6 (1) lit. f GDPR — legitimate interest in data backup and recovery.

Contact by email

If you contact me by email, I process the data you provide, such as your email address, name and message content, in order to respond to your inquiry.

The legal basis is Art. 6 (1) lit. b GDPR if the inquiry relates to a potential or existing collaboration; otherwise Art. 6 (1) lit. f GDPR — legitimate interest in responding to inquiries.

The data will be deleted once the inquiry has been fully processed and no statutory retention obligations apply, such as commercial or tax retention periods.

No cookies, no tracking

This website does not use cookies for analytics or marketing purposes and does not integrate any web analytics tools, such as Plausible or Google Analytics. No user profiles are created and no behavior is tracked across multiple websites.

Technically necessary session or storage access by your browser may occur when the page is loaded; no separate consent banner is required for this.

Fonts

The website uses fonts, Geist and Instrument Serif, which are included during the application build and served from our own server using Next.js Font Optimization. When you visit the website, your browser does not establish any connections to Google servers for this purpose.

Structured data, JSON-LD

Structured data, such as Schema.org JSON-LD, is embedded in the website’s source code. This may include name, job title, email address and links to professional profiles. This information is publicly visible and helps search engines better understand the website — it is not used to track individual visitors.

Legal basis: Art. 6 (1) lit. f GDPR.

No further services on the website

valops.de currently does not include embedded appointment booking tools, social media plugins with automatic tracking or newsletter registration. External links, such as LinkedIn or Xing, lead to third-party websites; their own privacy policies apply.

Your rights

You have the following rights vis-à-vis the controller, among others:

• access to the personal data processed, Art. 15 GDPR
• rectification of inaccurate data, Art. 16 GDPR
• deletion, Art. 17 GDPR, unless retention obligations apply
• restriction of processing, Art. 18 GDPR
• data portability, Art. 20 GDPR, where applicable
• objection to processing based on Art. 6 (1) lit. f GDPR, Art. 21 GDPR
• withdrawal of consent given, Art. 7 (3) GDPR, with effect for the future

To exercise your rights, simply send a message to hello@valops.de.

Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority. The competent authority is in particular the supervisory authority at the controller’s place of business, Bavaria:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Postfach 1349
91504 Ansbach
Germany
https://www.lda.bayern.de

Changes

This Privacy Policy may be updated if the website, the services used or the legal situation changes.