Privacy Policy
This privacy policy applies to this website and to our profile on X. Part A concerns the website, Part B concerns our profile on X. This English version is provided for information purposes only; the German version prevails.
Controller
The controller responsible for the processing described in this privacy policy is:
Edgar Wolfert
Postal address / address for service of process:
c/o Online-Impressum #7056
Europaring 90
53757 Sankt Augustin
Germany
Email:
ewolfert.media@gmail.com
Phone:
+49 1522 9557121
Further provider information can be found in the Legal Notice.
Part A: Website
LisanBench is currently designed as a static informational and benchmarking website. The website currently does not offer user accounts, registration, login, newsletters, contact forms, comment functions, a shop, payment processing or the conclusion of contracts.
We currently do not use our own analytics, marketing or retargeting services. Fonts and frontend assets are served locally. External media, social embeds, maps, Google Fonts and externally loaded frontend CDNs are not currently used.
Provision of the Website and Cloudflare
When the website is accessed, technically necessary connection and request data are processed in order to deliver the website, ensure stability and security, defend against abuse and analyze errors. This may include in particular the IP address, date and time of the request, requested URL or resource, HTTP status code, referrer, browser and user-agent information, operating system or device details, as well as security and event logs.
To provide lisanbench.com we use Cloudflare Pages as the hosting platform as well as Cloudflare functions for TLS, caching, CDN/reverse proxy and basic DDoS and WAF protection. Cloudflare Web Analytics, Zaraz, Turnstile and any other analytics, marketing or captcha products triggered by us on Cloudflare are not currently used. The provider is Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA.
Processing takes place for the purpose of providing the website, ensuring stability and security, preventing abuse and troubleshooting. The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable and efficient provision of our online offering.
The provision of the above connection and request data is technically necessary in order to access the website. Without processing in particular the IP address and the requested resource, the website cannot be delivered.
If and to the extent Cloudflare processes personal data on our behalf, we rely on the data protection contractual documents provided by Cloudflare, in particular the Data Processing Addendum.
It cannot be ruled out that data may also be transferred to the USA or other third countries in this context. According to Cloudflare, international data transfers are based in particular on standard contractual clauses. For transfers to the USA, Cloudflare also refers to certifications under the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework and the UK Extension where applicable. Further current information on Cloudflare's data processing can be found at https://www.cloudflare.com/privacypolicy/. Information on the relevant safeguards, in particular the Cloudflare Data Processing Addendum and the standard contractual clauses incorporated there, can be found at https://www.cloudflare.com/cloudflare-customer-dpa/.
Server Logs and Retention Periods
Technical access to the website may be stored in server and security logs. Such log files serve to ensure operation, IT security, the detection and defense against abuse, as well as error analysis.
We do not maintain our own permanent log archive. As a rule, we do not have access to all internal log or event data generated at Cloudflare. To the extent that log or event data become accessible to us in the course of operation, error analysis or security monitoring and we store or retain such data under our own responsibility, we use them solely for operation, error analysis, security monitoring and abuse prevention. Such log data stored under our own responsibility are generally deleted or anonymized no later than within 30 days. Excluded from this are data that are required for the investigation, remediation and follow-up of a specific security, abuse or service disruption incident, or for the establishment, exercise or defense of legal claims. In such cases, we store the data concerned until the respective matter has been concluded and relevant periods have expired.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in ensuring secure and error-free website operation.
Cookies, Local Storage and Access to End Devices
We currently do not use any of our own analytics or marketing cookies.
The website uses localStorage to store the display option selected by the user. The light/dark display preference is stored under the key lisanbench-theme so that it can be applied automatically on later visits. The entry remains stored until you clear your browser storage or change the setting.
The legal basis for this is § 25(2) no. 2 TDDDG. To the extent that storing or reading data involves the processing of personal data, this processing is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in the user-friendly provision of the selected display option.
The display preference is only stored if you actively change the setting. The website remains usable without this convenience feature; in that case, the selected display preference is simply not retained across sessions.
We do not set any other cookies of our own. In the Cloudflare minimal configuration intended by us, no Cloudflare products are used that would trigger analytics, marketing or captcha cookies on our behalf. This includes in particular that Cloudflare Web Analytics, Zaraz, Turnstile and bot-fight functions are not currently activated. As part of security and challenge functions, however, Cloudflare may use technically necessary cookies, e.g. cf_clearance and – depending on the activated security functions – further security cookies. According to Cloudflare, such cookies serve exclusively the secure delivery of the website and typically have a short lifetime. Current information on this is provided by Cloudflare at https://developers.cloudflare.com/fundamentals/reference/policies-compliances/cloudflare-cookies/ as well as in the Cloudflare Privacy Policy at https://www.cloudflare.com/privacypolicy/. The legal basis for storing or reading such technically necessary security cookies is section 25(2) no. 2 TDDDG; to the extent personal data are processed in this context, the legal basis is Art. 6(1)(f) GDPR.
Locally Hosted Content and External Links
The website uses locally hosted fonts and locally hosted frontend assets. External analytics services, marketing tools, newsletter tools, social embeds, embedded maps, external font providers and externally loaded frontend CDNs are not currently used.
External links only lead to a data transfer to the respective third-party provider once you actively click the link. This also applies to external social media links.
Contact by Email or Phone
If you contact us by email or phone, we process the information you provide to us, such as your name, contact details, the content of your inquiry and the time of contact, in order to handle your request, answer follow-up questions and enable orderly communication.
The legal basis is Art. 6(1)(b) GDPR to the extent your inquiry relates to the initiation or performance of a contract or is necessary in order to take steps prior to entering into a contract. Otherwise, we process the data on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the proper handling of inquiries, communication with interested parties and abuse prevention.
We use a Gmail mailbox under gmail.com to receive, send and store emails. In doing so, Google processes content, communication data and metadata associated with email communication in accordance with the data protection rules applicable to Google services. In this setup, Google does not process the resulting data exclusively on our behalf. Rather, Google also processes at least part of these data under its own data protection responsibility in accordance with the terms applicable to the service. It cannot be ruled out that data may also be processed outside the EU or EEA, in particular in the USA. According to Google, such international data transfers are based in particular on adequacy decisions, the certification of Google LLC under the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework and the UK Extension and, where required, on standard contractual clauses. Further information on this and on how to request a copy of the standard contractual clauses can be found at https://policies.google.com/privacy/frameworks, in the Google Privacy Policy at https://policies.google.com/privacy and in Google's privacy notice for consumer products at https://support.google.com/policies/answer/9581826?hl=en.
Inquiries without further legal or business relevance are generally deleted no later than 12 months after the end of communication. To the extent that statutory retention obligations exist or the establishment, exercise or defense of legal claims requires longer storage, we store the data until the end of the respective statutory period or until the matter has been conclusively resolved.
Providing your data is neither legally nor contractually required. Without the information necessary for handling the matter, we may be unable to process your inquiry, or only incompletely.
Recipients
In connection with the operation of the website, personal data may in particular be transferred to the following recipients or categories of recipients:
- Cloudflare as technical service provider for hosting via Cloudflare Pages, delivery, security and CDN functions
- Google as provider of the Gmail mailbox used for email communication
- Authorities, courts or other public bodies to the extent that a legal obligation exists
Data are not transferred to X merely because the website is accessed, as long as no X content is embedded in the website and you do not click the external link.
Part B: X / Social Media Presence
We operate a profile on X used for business purposes. This profile serves our public communication, public presence and exchange with interested parties. This privacy policy applies insofar as the profile links to this page.
When operating our X profile, we use the functions provided by X for publishing posts, communicating with users and using and viewing platform-provided aggregated reach, interaction and profile data. The data protection role allocation between X and profile operators is not conclusively clarified in all respects. To the extent that X provides us with aggregated profile or reach statistics and we use them, joint controllership with X may be relevant for the related processing operations. Further information on this can be found in the privacy information provided by X. Apart from this, X processes personal data for its own platform-related purposes under its own responsibility.
Data Processing in Connection with the X Profile
If you interact with our X profile, we may process the data you provide there or that are publicly visible. This includes in particular your username or display name, publicly visible profile information, posts, replies, mentions, direct messages, as well as the time and type of the respective interaction.
The source of these data is either the information you provide directly to us or to X, or publicly accessible profiles, posts and interactions on X, as well as the aggregated statistics and reach data provided by X.
The processing takes place for public communication, publication of our own content, responding to messages and interactions, evaluating aggregated reach and interaction statistics, and moderating and handling abuse cases. The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in an appropriate external presentation, communication, a needs-based design of our profile content and abuse prevention.
Based on our current knowledge, our influence and roles are as follows: we decide on the creation and operation of the profile, publish our own content, communicate with users and decide whether and to what extent we use the statistics functions provided by X. X, by contrast, decides on the technical provision of the platform, the processing of visitor and interaction data, the design and logic of the statistics functions and other platform-side data processing.
To the extent that, in individual cases, we store content from X outside the platform, for example in the form of local exports or screenshots, this is done exclusively within our area of responsibility and only to the extent necessary for documentation, evidentiary, abuse-prevention or legal-enforcement purposes. Such copies created within our area of responsibility are generally deleted no later than 12 months after creation. Longer storage only takes place to the extent that statutory retention obligations exist or the establishment, exercise or defense of legal claims requires it.
To the extent that data subject rights concern processing in connection with profile or reach statistics provided by X or other platform-side data, you may contact both us and X. Regardless of this, X will generally be able to process such requests more directly because only X has full access to the underlying platform data and technical processing operations.
Recipients or categories of recipients of data processed in connection with our X profile include in particular X as the platform operator, depending on the nature of the interaction the recipients or communication partners you select, in the case of public interactions other users of the platform, and the general public. In individual cases, data may also be disclosed to authorities or other bodies where there is a legal obligation to do so or where this is necessary for the establishment, exercise or defense of legal claims.
In connection with the use of X, it cannot be ruled out that personal data may also be processed outside the EU or EEA or become accessible worldwide. This applies in particular to public interactions and platform-side processing by X. Details on international data transfers and the safeguards identified by X can be found in X's privacy policy.
Further information on platform-side data processing by X can be found in X's privacy policy.
Publicly visible interactions on X are generally also visible to other users of the platform. Please do not send us sensitive or confidential personal data via X.
Platform-Side Processing by X
X also processes personal data for its own purposes, in particular for technically providing the platform, for security purposes, for usage analysis, for any cookie or tracking processing and in connection with international data transfers. We have only limited influence over the nature and scope of this processing.
Further information on data processing by X can be found at https://x.com/en/privacy. The controller named in the respective current privacy information of X is responsible for platform-side processing. There you will also find the current information on contact channels, international data transfers and the legal bases and safeguards identified by X.
Your Rights
Under the GDPR, you have in particular the right of access, rectification, erasure, restriction of processing, data portability, to object to processing based on Art. 6(1)(f) GDPR, and the right to lodge a complaint with a data protection supervisory authority.
To the extent that processing is carried out by us directly, you can contact us. To the extent that processing concerns profile or reach statistics provided by X or other platform-side data, you may assert your rights both against us and against X. Regardless of this, X will generally be able to handle such requests more directly, because only X has full access to the underlying platform data and the technical processing operations. For other platform-side processing by X, X is the primary point of contact because we have only limited access to those data.
You also have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged infringement.
The supervisory authority responsible for us is the Saxon Data Protection and Transparency Commissioner, Postfach 11 01 32, 01330 Dresden, Germany, email: post@sdtb.sachsen.de, phone: +49 351 85471-101. Current contact information can also be found at https://www.datenschutz.sachsen.de/kontakt.html.
No Automated Decision-Making
We do not carry out automated decision-making within the meaning of Art. 22 GDPR.
Last Updated
March 28, 2026