Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
about:data_protection [2026/03/21 00:21] adminabout:data_protection [2026/03/31 14:17] (current) admin
Line 14: Line 14:
 | **Address** | Giefinggasse 4, 1210 Vienna, Austria | | **Address** | Giefinggasse 4, 1210 Vienna, Austria |
 | **Contact** | vitaliy.soloviy@ait.ac.at | | **Contact** | vitaliy.soloviy@ait.ac.at |
-| **Data Protection Officer** | dpo@ait.ac.at   |+| **Data Protection Officer** | dpo@ait.ac.at |
  
 This is a non-commercial resource. No fees apply. No advertising. This is a non-commercial resource. No fees apply. No advertising.
Line 23: Line 23:
 | **Account information** (username, real name, email address) | Account management, login authentication, attribution of wiki contributions | Contract (Art. 6(1)(b) GDPR); Legitimate interests (Art. 6(1)(f) GDPR — transparency of public knowledge base) | | **Account information** (username, real name, email address) | Account management, login authentication, attribution of wiki contributions | Contract (Art. 6(1)(b) GDPR); Legitimate interests (Art. 6(1)(f) GDPR — transparency of public knowledge base) |
 | **Contribution history** (edits linked to your account) | Version control, public record of authorship | Legitimate interests (Art. 6(1)(f) GDPR — integrity of shared knowledge resource) | | **Contribution history** (edits linked to your account) | Version control, public record of authorship | Legitimate interests (Art. 6(1)(f) GDPR — integrity of shared knowledge resource) |
-| **Usage data** (page views, referrers, country — no personal identifiers) | Understanding how the wiki is used; improving navigation and content | Legitimate interests (Art. 6(1)(f) GDPR — service quality) |+| **Usage data** (page views, referrer domain, country, browser type, screen size — see analytics section below) | Understanding how the wiki is used; improving navigation and content | Legitimate interests (Art. 6(1)(f) GDPR — service quality) |
 | **Server logs** (IP addresses, request timestamps) | Security — preventing abuse, spam, and unauthorised access | Legitimate interests (Art. 6(1)(f) GDPR — system security) | | **Server logs** (IP addresses, request timestamps) | Security — preventing abuse, spam, and unauthorised access | Legitimate interests (Art. 6(1)(f) GDPR — system security) |
  
-Providing account information is voluntary but required to contribute. Without an account, you can read all published content without any data being collected.+Providing account information is voluntary but required to contribute. Without an account, you can read all published content.
  
-===== How we collect analytics =====+===== Analytics =====
  
-We use **GoatCounter**, a privacy-preserving analytics toolhosted on our own server infrastructure. GoatCounter does not use cookies, does not track individuals across sessions, and does not collect or store IP addresses or browser fingerprintsOnly aggregate counts (page views, referrer domain, country derived from IP in memory then discarded) are retained. This means no cookie consent banner is required for analytics.+We use **GoatCounter**, a privacy-focused analytics serviceto understand how the wiki is used. GoatCounter is operated by GoatCounter.com and processes data on servers located in the Netherlands (EU). 
 + 
 +GoatCounter does **not** set cookies and does **not** build persistent personal profilesIt collects the following per page view: 
 + 
 +  * Page URL and referrer domain 
 +  * Country (derived from IP address, then IP is discarded) 
 +  * Browser type and operating system (derived from the User-Agent header, which is not stored) 
 +  * Screen size category 
 + 
 +To count unique visitors within a session, GoatCounter uses a short-lived hash of the IP address, User-Agent, and a daily rotating salt. This hash is not stored beyond the session window (up to 8 hours) and cannot be reversed to identify a person. 
 + 
 +No raw IP addresses are stored. No data is shared with advertisers or used for profiling. 
 + 
 +Because no cookies are set and no persistent personal identifiers are retained, a cookie consent banner is not required. This page serves as the required transparency notice under Art. 13 GDPR (legitimate interests basis, Art. 6(1)(f)). 
 + 
 +You can opt out of GoatCounter tracking by enabling "Do Not Track" in your browser settings. This wiki checks the DNT signal before loading the analytics script — if DNT is set, no analytics data is collected for your visit. 
 + 
 +===== Fonts ===== 
 + 
 +All fonts used on this wiki (Space Grotesk, Inter, JetBrains Mono) are served directly from our own server. No requests are made to Google Fonts or any other third-party font service.
  
 ===== Hosting and processors ===== ===== Hosting and processors =====
  
 ^ Provider ^ Role ^ Location ^ ^ Provider ^ Role ^ Location ^
-| **OpalStack** | Web hosting is used to store wiki content, account data, server logs | EU-based servers | +| **OpalStack** | Web hosting — stores wiki content, account data, server logs | EU-based servers | 
-| **GoDaddy** | Domain name registration onlyno personal data is processed or stored | — |+| **GoDaddy** | Domain name registration only — no personal data processed or stored | — 
 +| **GoatCounter.com** | Privacy-friendly analytics — aggregate usage statistics only | Netherlands (EU) |
  
 We do not share your data with third parties for marketing, profiling, or any purpose beyond those listed above. We do not share your data with third parties for marketing, profiling, or any purpose beyond those listed above.
Line 49: Line 69:
 | Account information | For the duration of the account. Deleted within 90 days of a verified deletion request. | | Account information | For the duration of the account. Deleted within 90 days of a verified deletion request. |
 | Contribution history | Retained indefinitely as part of the public wiki record. Account details can be anonymised on request; edit history cannot be fully removed (legitimate interest in transparency). | | Contribution history | Retained indefinitely as part of the public wiki record. Account details can be anonymised on request; edit history cannot be fully removed (legitimate interest in transparency). |
-| Usage analytics | 12 months, then automatically deleted. |+| Usage analytics (individual pageview records) | 12 months, then automatically deleted from GoatCounter. Aggregate statistics (total counts per page, country, period) are retained indefinitely as they no longer constitute personal data. |
 | Server logs | 30 days, then automatically deleted. | | Server logs | 30 days, then automatically deleted. |
  
Line 63: Line 83:
   * **Portability** — receive your data in a structured, machine-readable format where applicable   * **Portability** — receive your data in a structured, machine-readable format where applicable
  
-To exercise any of these rights, contact us at [contact email]. We will respond within one month.+To exercise any of these rights, contact us at vitaliy.soloviy@ait.ac.at. We will respond within one month.
  
 If you are not satisfied with our response, you can lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde): [[https://www.dsb.gv.at|dsb.gv.at]] If you are not satisfied with our response, you can lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde): [[https://www.dsb.gv.at|dsb.gv.at]]
Line 81: Line 101:
 ===== Updates ===== ===== Updates =====
  
-This page was last updated: 20 March 2026. We will post changes here. For significant changes, registered contributors will be notified by email.+This page was last updated: 31 March 2026. We will post changes here. For significant changes, registered contributors will be notified by email.
  
 ~~NOCACHE~~ ~~NOCACHE~~