Privacy Policy

Last updated: June 2, 2026. This policy describes how personal data is processed on twitch.claims. The site is deliberately built without analytics tracking, marketing pixels, social media plugins, or a cookie banner.

Controller

Fabian Zimber
Private individual responsible for the open collective shiftbloom studio
Up de Worth 6a
22927 Großhansdorf
Germany
E-Mail: [email protected]
Phone: +49 (0) 163 8552 708

Hosting and Access Data

When the website is accessed, technically necessary access data is processed so the pages can be delivered and the systems can be kept secure. This can include the IP address, date and time of access, requested URL, referrer URL, user agent, and technical status data.

The legal basis is Art. 6(1)(f) GDPR. The legitimate interest is the stable, secure, and abuse-resistant operation of the website. Recipients may include hosting and infrastructure providers that must be engaged in line with GDPR requirements. Access data is stored only for as long as necessary for operation, security, and error analysis.

Contact

If the contact form is used, the submitted name, email address, message, related domain, page URL, and submission time are processed. The data is used only to handle and answer the message. The privacy checkbox records acknowledgement of this notice; it is not consent to tracking.

The legal basis is Art. 6(1)(b) GDPR where the request relates to pre-contractual steps, and otherwise Art. 6(1)(f) GDPR. The legitimate interest is being able to answer incoming messages reliably and prevent misuse of the form. The data is deleted once the request has been fully handled, unless statutory retention obligations apply.

The form sends data to the server endpoint /api/contact. Delivery may use an email service such as Amazon SES configured through CONTACT_FROM_EMAIL, CONTACT_TO_EMAIL, and CONTACT_AWS_REGION. Before production use, the actual provider must be reviewed, contractually engaged, and, where third-country transfers are involved, protected under Art. 44 ff. GDPR.

Cookies and Tracking

This website does not set cookies, use Local Storage or Session Storage, run web analytics, or read device information for tracking or marketing purposes. Based on the current technical setup, no cookie banner is used. If analytics, marketing, maps, video, social media, or other third-party services are added later, consent under Section 25 TDDDG and/or Art. 6 GDPR must be checked first.

Fonts and Static Files

Fonts and graphics are served by the website itself. The browser does not request Google Fonts or comparable external font servers when the page is loaded.

No Automated Decision-Making

No automated decision-making, including profiling within the meaning of Art. 22 GDPR, takes place.

Your Rights

Data subjects have the rights provided by the GDPR, including the right of access, rectification, erasure, restriction of processing, data portability, and objection to processing based on Art. 6(1)(f) GDPR. Requests can be sent to [email protected].

Right to Complain

Data subjects have the right to lodge a complaint with a data protection supervisory authority. In particular, the authority at the data subject's place of residence or the controller's place of establishment may be competent.

Data-Minimizing Setup

The website is built so that, without active contact, only data necessary for delivery, security, and error analysis is processed. No data is shared for advertising, tracking, or profiling.