Mario Ludwig
Back to homepage
Legal

Privacy Policy

Last updated: February 2026

1. Data Controller

The data controller responsible for data processing on this website is:

Mario Ludwig
An der Industriebahn 2
13088 Berlin
Germany

Email: hello@marioludwig.dev

2. Overview of Data Processing

This website serves exclusively to provide information about my services as a web developer. No user accounts are created, no forms are processed, and no tracking cookies are set.

The processing of personal data is limited to technically necessary server log files that are automatically collected when the website is accessed.

3. Hosting

All application-specific data (client data, project data, authentication) is stored and processed exclusively within the European Union. Data processing is fully GDPR-compliant.

The frontend of this website is hosted by Vercel Inc.:

Vercel Inc.
340 S Lemon Ave #4133
Walnut, CA 91789, USA

When accessing this website, server log files are automatically collected. These contain:

  • IP address of the requesting device
  • Date and time of access
  • Name and URL of the page accessed
  • Amount of data transferred
  • Browser type and version
  • Operating system
  • Referrer URL (previously visited page)

This data is technically necessary to correctly deliver the website and is automatically deleted after a short period. This data is not merged with other data sources.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the secure and stable provision of the website).

Data transfer to the USA: Vercel Inc. is based in the USA. Data transfer is based on Standard Contractual Clauses (SCCs) of the EU Commission pursuant to Art. 46(2)(c) GDPR.

4. SSL/TLS Encryption

For security reasons and to protect the transmission of data, this website uses SSL/TLS encryption. You can recognize an encrypted connection by the lock symbol in your browser's address bar and by the address starting with "https://".

5. Cookies

This website currently does not set any cookies of its own. Neither tracking cookies nor analytics cookies are used.

The hosting provider Vercel may set technically necessary cookies required for the proper operation of the website. These cookies do not contain personal data and are deleted at the end of the browser session.

6. Web Analytics

Currently, no web analytics tools are used on this website.

The use of Vercel Analytics is planned — a privacy-friendly analytics service that operates without cookies and does not collect personal data. Vercel Analytics only captures aggregated, anonymized metrics such as page views and loading times.

Once Vercel Analytics is activated, this privacy policy will be updated accordingly.

7. Contact via Email

If you contact me via email, the data you provide (e.g., name, email address, message content) will be stored by me to process your inquiry.

The processing is based on:

  • Art. 6(1)(b) GDPR — if the contact is for the purpose of contract initiation or fulfillment
  • Art. 6(1)(f) GDPR — based on my legitimate interest in responding to inquiries

The data will be deleted once the purpose of processing no longer applies and no statutory retention obligations exist. No disclosure to third parties takes place.

8. Customer Portal

In addition to this website, I operate a separate customer portal for collaboration with clients. Data processing in the customer portal includes:

  • Backend: Convex — Data is stored and processed exclusively within the European Union
  • Authentication: WorkOS — GDPR-compliant authentication solution

The customer portal has its own privacy policy that applies when using the portal. Data is only stored for as long as necessary to provide the agreed services.

9. External Links

This website contains links to external websites (e.g., GitHub, customer portal, documentation). When clicking on these links, you leave my website. I am not responsible for the data protection of external websites. Please inform yourself about their privacy policies on the respective websites.

10. Your Rights

Under the GDPR, you have the following rights:

  • Right of access (Art. 15 GDPR): You have the right to request information about the personal data I process.
  • Right to rectification (Art. 16 GDPR): You can request the correction of inaccurate data.
  • Right to erasure (Art. 17 GDPR): You can request the deletion of your data, provided no statutory retention obligations apply.
  • Right to restriction of processing (Art. 18 GDPR): You can request the restriction of the processing of your data.
  • Right to data portability (Art. 20 GDPR): You have the right to receive your data in a common format.
  • Right to object (Art. 21 GDPR): You can object to the processing of your data if it is based on Art. 6(1)(f) GDPR.

To exercise your rights, simply send an email to: hello@marioludwig.dev

11. Right to Lodge a Complaint with a Supervisory Authority

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

The responsible supervisory authority depends on the federal state of your residence or the seat of the data controller. A list of supervisory authorities can be found at:
www.bfdi.bund.de

12. Updates and Changes

This privacy policy is currently valid (as of: February 2026).

I reserve the right to update this privacy policy to adapt it to changes in the legal situation or changes to my services. The current version can always be found on this page.