This privacy policy explains how Code Franconia (operated by Fabian Petri) collects, uses, and protects your personal information when you use our website at https://codefranconia.com. We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other applicable data protection laws.
1. Data Controller
pursuant to Art. 4(7) GDPR
Business: Fabian Petri Code Franconia
Location: Am Werkkanal 1, 96047 Bamberg, Germany
Email: info@codefranconia.com
Phone: +49 151 222 15 000
2. Data We Collect
When you contact us through our website, we may collect:
- Name - to address you personally
- Email address - to respond to your inquiry
- Phone number (optional) - for direct communication
- Message content - to understand and respond to your request
2.2 Automatically Collected Data
Our website automatically collects certain information:
- IP address - for security and geographic insights (anonymized where possible)
- Browser type and version - for compatibility optimization
- Operating system - for technical compatibility
- Pages visited and time spent - to understand user behavior
- Referral source - to understand how you found our website
- Date and time of access - for security monitoring
2.3 Website Hosting Data
This website is hosted on Cloudflare Pages (Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA). As part of the hosting and content delivery service, Cloudflare automatically collects:
- Server log files containing IP addresses, browser information, and access times
- Performance monitoring data for service reliability and CDN optimization
- Security monitoring data to protect against DDoS attacks, bots, and malicious traffic
- Geographic location data (country/region level) for content delivery optimization
- Cache and CDN data to improve website loading speeds globally
Cloudflare acts as a data processor and provides:
- Global Content Delivery Network (CDN)
- DDoS protection and Web Application Firewall (WAF)
- SSL/TLS encryption
- Bot management and security services
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) for website operation, security, and performance optimization
Data retention: Cloudflare retains logs for up to 30 days; analytics data may be retained longer in aggregated form
Privacy policy: Cloudflare Privacy Policy
Data Processing Agreement: Cloudflare complies with GDPR and has Standard Contractual Clauses (SCCs) in place for international data transfers
2.4 Analytics and Tracking Data
When you consent to analytics cookies, we may collect:
- Page views and session duration - To understand content popularity
- Click tracking - To optimize user interface and navigation
- Scroll behavior - To improve content layout and readability
- Device and browser information - For technical optimization
- Traffic sources - To understand how visitors find our website
- Geographic data (anonymized) - For regional service optimization
3. Legal Basis for Processing
Under GDPR Article 6, we process your data based on:
- Consent (Art. 6(1)(a)) - When you voluntarily provide information via contact forms
- Legitimate Interest (Art. 6(1)(f)) - For website analytics, security monitoring, and business operations
- Contract Performance (Art. 6(1)(b)) - When providing requested services
- Legal Obligation (Art. 6(1)(c)) - When required by applicable laws
4. How We Use Your Data
We use your personal data for:
- Communication - Responding to inquiries and providing customer support
- Service Delivery - Providing requested software development and consulting services
- Website Improvement - Analyzing usage patterns to improve user experience
- Security - Protecting against fraud, abuse, and security threats
- Legal Compliance - Meeting legal and regulatory requirements
- Marketing (only with explicit consent) - Sending relevant updates about our services
5. Data Storage and Security
5.1 Storage Location
- Website data is stored on Cloudflare’s global network (with servers in the United States and Europe)
- Contact form submissions are processed and stored securely
- We implement appropriate technical and organizational measures to protect your data
- Cloudflare’s CDN caches content at edge locations worldwide for faster delivery
5.2 Security Measures
- Encryption - Data transmission via HTTPS/TLS encryption
- Access Control - Limited access to personal data on a need-to-know basis
- Regular Updates - Security patches and updates applied promptly
- Monitoring - Continuous monitoring for security threats
5.3 Data Retention
- Contact inquiries: Retained for 3 years or until you request deletion
- Technical logs: Retained for 12 months for security purposes
- Analytics data: Anonymized and retained for 2 years
6. Data Sharing and Third Parties
We do not sell, trade, or rent your personal information. We may share data only:
6.1 Service Providers
- Cloudflare Pages - Website hosting and CDN services (see their privacy policy above)
- Google Analytics - Website analytics (only with your consent)
- Email providers - For responding to inquiries (under data processing agreements)
6.2 Legal Requirements
- When required by law, court order, or legal process
- To protect our rights, property, or safety
- To prevent fraud or security threats
6.3 International Transfers
Data may be transferred to the United States and other countries where our service providers operate (Cloudflare, Google). We ensure adequate protection through:
- Standard Contractual Clauses (SCCs) - EU-approved data transfer mechanisms
- Adequacy Decisions - Where applicable under GDPR Article 45
- Cloudflare’s Data Localization - Cloudflare offers EU data localization options
- Service Provider Compliance - All processors comply with GDPR requirements
7. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Access (Art. 15) - Request copies of your personal data
- Rectification (Art. 16) - Request correction of inaccurate data
- Erasure (Art. 17) - Request deletion of your data (“right to be forgotten”)
- Restriction (Art. 18) - Request limited processing of your data
- Portability (Art. 20) - Request transfer of your data in a structured format
- Objection (Art. 21) - Object to processing based on legitimate interests
- Withdraw Consent - Withdraw previously given consent at any time
To exercise these rights, contact us at info@codefranconia.com.
8. Cookies and Tracking Technologies
8.1 Cookie Consent System
Our website implements a comprehensive cookie consent system that allows you to control which scripts and tracking technologies are loaded. Upon your first visit, you will see a consent banner with the following options:
- Deny - Only essential functional cookies will be loaded
- Allow - All cookies and tracking scripts will be enabled
- Manage Preferences - Individual control over each type of cookie/script
8.2 Types of Cookies and Scripts We Use
Essential/Functional Cookies (Always Active)
- Alpine.js Framework - Enables interactive website features like dark mode toggle and navigation
- ScrollReveal Animations - Provides smooth scroll animations and visual effects on the homepage (loaded automatically)
- Cookie Consent Settings - Remembers your cookie preferences for 31 days
Optional Cookies (Require Your Consent)
- Google Analytics - Enhanced tracking for detailed user behavior analysis
8.3 Cookie Details
- consent-settings - Stores your cookie preferences (expires after 31 days)
- darkMode - Remembers your dark/light mode preference (localStorage)
- Google Analytics cookies - Track website usage and performance (if consented)
8.4 Managing Your Cookie Preferences
You can change your cookie preferences at any time by:
- Clicking the “Cookie Settings” link in our website footer
- Using your browser’s cookie management settings:
- Chrome: Settings > Privacy and Security > Cookies
- Firefox: Settings > Privacy & Security > Cookies
- Safari: Preferences > Privacy > Cookies
- Edge: Settings > Cookies and Site Permissions
8.5 Third-Party Cookies and Services
We may use third-party services that set their own cookies:
- Google Analytics - For website analytics (only with your consent)
- Cloudflare - For website hosting, CDN, and security (essential for functionality)
Cloudflare may set cookies for:
- Security purposes - To identify and mitigate security threats
- Performance optimization - To route traffic efficiently
- Bot detection - To distinguish legitimate users from automated bots
9. Children’s Privacy
Our website is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.
10. Changes to This Policy
We may update this privacy policy to reflect changes in our practices or applicable laws. When we make significant changes:
- We will post the updated policy on this page
- We will update the “Last updated” date
- We will notify you via email if you have provided your email address
11. Data Breach Notification
In the unlikely event of a data breach that poses a high risk to your rights and freedoms, we will:
- Notify the supervisory authority within 72 hours of becoming aware of the breach
- Inform affected individuals without undue delay if the breach poses a high risk
- Document the breach including facts, effects, and remedial action taken
- Take immediate steps to contain and remedy the breach
12. Automated Decision Making and Profiling
We do not engage in automated decision-making or profiling that produces legal effects or significantly affects you. Any analytics we perform are for aggregate statistical purposes only and do not result in automated decisions about individuals.
13. Data Protection Officer
As a small business, we are not required to appoint a Data Protection Officer under GDPR. However, for all data protection matters, you can contact us directly at the contact information provided below.
14. Legal Compliance and Cooperation
We may process your personal data to comply with legal obligations, including:
- Tax and accounting requirements under German law
- Business registration obligations
- Anti-money laundering regulations (if applicable)
- Court orders and legal proceedings
- Regulatory investigations
For privacy-related questions or to exercise your rights:
Email: info@codefranconia.com
Phone: +49 151 222 15 000
Postal Address: Fabian Petri, Am Werkkanal 1, 96047 Bamberg, Deutschland
Response Time: We aim to respond within 30 days (as required by GDPR)
15.2 Supervisory Authority
If you have concerns about our data processing, you can lodge a complaint with:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18, 91522 Ansbach, Germany
Phone: +49 981 180093-0
Email: poststelle@lda.bayern.de
Website: https://www.lda.bayern.de
15.3 European Data Protection Board
For EU-wide data protection matters:
European Data Protection Board (EDPB)
Website: https://edpb.europa.eu
Last updated: January 29, 2025
Effective Date: January 29, 2025
Version: 3.0 - Updated for Cloudflare Pages hosting
MEET THE FOUNDER
