Privacy Policy
This policy explains how personal data is handled across the LAUDAT website and self-hosted services. The data controller is Mihai Laudat, based in Munich, Germany.
1. What this covers
This policy applies to laudat.org and its subdomains and to the self-hosted applications provided to invited users.
2. Data processed
- Account & identity data — such as a username and email address, managed through the single sign-on system, used to authenticate you and control access.
- Technical logs — such as IP addresses, timestamps, and request metadata generated by reverse proxies, firewalls, and applications for security and troubleshooting.
- Service content — files, media, automation state, or settings you create within the Services.
- Cookies & sessions — strictly functional cookies and tokens needed to keep you signed in. No third-party advertising or tracking cookies are used.
3. Why it is processed & legal basis
Data is processed to provide and secure the Services, to authenticate users, to maintain stability, and to prevent abuse. The legal bases under the GDPR are the performance of the user relationship (Art. 6(1)(b)) and legitimate interests in operating and securing the platform (Art. 6(1)(f)). Where consent is required, it is requested separately.
4. Sharing & processors
Personal data is not sold or shared for marketing. The platform runs on self-managed hardware and on infrastructure providers — including IONOS and Hetzner — that act as processors for hosting. Data may be disclosed where required by law.
5. Retention
Data is kept only as long as needed for the purposes above. Technical logs are rotated and deleted on a short cycle; account and content data are removed when an account is closed, subject to any legal retention requirements.
6. Your rights
Under the GDPR you have the right to access, rectify, erase, restrict, and port your personal data, and to object to certain processing. You also have the right to lodge a complaint with a supervisory authority — in Bavaria, the Bayerisches Landesamt für Datenschutzaufsicht (BayLDA). To exercise any right, contact the address below.
7. Security
Access is protected with single sign-on, network-level access controls on a private mesh, reverse proxies, and monitoring. No system is perfectly secure, but reasonable technical and organisational measures are taken to protect data.
8. International transfers
Hosting is located within the EU/EEA where possible. If any processing occurs outside the EEA, appropriate safeguards such as Standard Contractual Clauses are relied upon.
9. Contact
Privacy questions or data-subject requests: tckp@duck.com.
Provided for the LAUDAT self-hosted services in good faith. This is not legal advice.