Privacy Policy
This policy describes what data Dijaspora may process, the legal basis for that processing, and how you can exercise your rights.
Data controller
Dijaspora (informational project) is responsible for the processing described in this policy. The project currently has no registered legal entity; the contact point is the email address listed below.
Privacy contact: [email protected]
What we process and why
Dijaspora is largely a static site. We do not run user accounts and do not store personal data about you on our server. Processing is limited to:
- NEXT_LOCALE cookie — remembers your selected language (sr/de/en) between visits. It is stored in your browser and is not shared with third parties.
- Technical logs and Cloudflare protection — IP address, request time and User-Agent may be retained briefly for attack mitigation and availability monitoring.
- Cloudflare Web Analytics (optional) — aggregated, anonymous traffic metrics with no cookies. Activated only if a token is configured; otherwise the script is not loaded.
Legal basis
The legal basis is legitimate interest (Art. 6(1)(f) GDPR and Art. 12 ZZPL): operating the site, providing language support and basic security. Because we do not profile visitors and do not run targeted advertising, consent is not required.
Cookies
We currently set one first-party cookie: NEXT_LOCALE. Cloudflare may set its short-lived __cf_bm cookie (Bot Management) for a brief period to protect against automated attacks. A full breakdown is provided in the dedicated cookie policy.
Retention
Technical server logs and Cloudflare protection logs are typically retained for around 30 days, after which they are automatically deleted. Aggregated analytics (when active) contain no personal identifiers.
Data stored in your browser (NEXT_LOCALE cookie, any localStorage entries) persists until you clear it through your browser settings.
Third parties
The site is delivered via Cloudflare (CDN and protection). External links and affiliate partners have their own privacy policies — once you click such a link, your data is governed by that service's rules.
We do not embed social plug-ins (Facebook Pixel, LinkedIn Insight, etc.) and do not share data with advertising networks.
Your rights
Under the GDPR (Arts. 15–22) and ZZPL (Arts. 26–43), as a visitor you have the following rights:
- The right to access data relating to you
- The right to rectification of inaccurate data
- The right to erasure (the right to be forgotten)
- The right to restrict processing
- The right to data portability
- The right to object to processing based on legitimate interest
Because we do not currently keep personal profiles about you on our server, most such requests reduce to questions about server logs or external partners. Send your request to [email protected] and we will respond within a reasonable time.
Supervisory authorities
If you believe your rights have been infringed, you may contact the relevant data protection authority:
- Serbia — Commissioner for Information of Public Importance and Personal Data Protection (poverenik.rs) poverenik.rs
- Germany — Federal Commissioner for Data Protection and Freedom of Information (bfdi.bund.de) or the relevant state authority bfdi.bund.de
- Austria — Datenschutzbehörde (dsb.gv.at) dsb.gv.at
- Switzerland — Federal Data Protection and Information Commissioner (edoeb.admin.ch) edoeb.admin.ch
Contact
For any privacy questions, write to [email protected]. We aim to respond within 7 business days.
Changes to this policy
We may update this policy occasionally to reflect legal or technical changes. The last-updated date is shown at the top of the page.