Data Controller

The data controller within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Lukas Dörr
Email: office@pagea.dev

Your Rights as a Data Subject

You may exercise the following rights at any time using the contact details provided:

• Access to your data stored by us and information regarding its processing (Art. 15 GDPR)
• Correction of inaccurate personal data (Art. 16 GDPR)
• Erasure of your data stored by us (Art. 17 GDPR)
• Restriction of data processing, provided we are not yet permitted to delete your data due to legal obligations (Art. 18 GDPR)
• Objection to the processing of your data (Art. 21 GDPR)
• Data portability, provided you have consented to the data processing or have entered into a contract with us (Art. 20 GDPR)

You may lodge a complaint with a supervisory authority at any time, e.g., with the competent supervisory authority in the state where you reside.

Collection of general information when visiting our website

Nature and purpose of processing

When you visit our website, technical information of a general nature is automatically collected. These so-called server log files include, for example, the browser type, the operating system used, the domain name of your internet service provider, and your IP address.

The processing is carried out for the following purposes:

• Ensuring a smooth connection
• To ensure smooth use of the website
• Evaluating system security and stability
• Other administrative purposes

We do not use this data to draw conclusions about your identity.

Legal basis

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website.

Retention period

The data is deleted as soon as it is no longer necessary for the purpose for which it was collected—usually at the end of the respective session.

Use of the trace function (IP addresses, domains, URLs)

Nature and purpose of processing

The core service of this website allows you to retrieve information about an IP address, domain, or URL. When you enter such information into the form, our server processes this data to determine the requested tracing data.

This is done in two ways:

• Query via external data providers: Our server sends the entered information to an external third-party provider to obtain geolocation or network data. Only the entered IP address, domain, or URL is transmitted—no personal data about you as a user. The third-party provider receives no information about who made the query.
• DNS queries via PHP: For certain queries (e.g., DNS records, reverse lookups), PHP’s built-in functions are used to send requests to public DNS servers. Here, too, only the entered information is transmitted—no user data.

We do not store the entered data in connection with your identity and do not pass it on to third parties. Our server receives the result of the query and displays it directly to you.

Note on entering third-party IP addresses

Please note that IP addresses may constitute personal data. If you enter another person’s IP address, you are personally responsible for ensuring that you are authorized to do so.

Legal basis

Processing is carried out in accordance with Art. 6(1)(b) GDPR to provide the service you are using, as well as in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in operating a functional contact tracing service.

Retention period

The data entered is not stored in connection with your person. Storage takes place exclusively within the scope of technically unavoidable server log files (see above).

Query statistics (query counters)

Nature and purpose of processing

To show how often a specific domain, URL, or IP address has already been queried via our service, we store an anonymous counter per query. Only the entered value (e.g., google.com) is stored along with the number of queries—no user reference, no IP address, and no timestamp of your request.

Since no personal reference is established, this constitutes purely statistical, anonymous data.

Legal basis

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in providing useful usage statistics for the service.

Rating function

Nature and purpose of processing

A rating function is available for queried domains, URLs, or IP addresses. To ensure that each IP address can submit a specific rating only once (to prevent abuse), your IP address is processed when you submit a rating.

Your IP address is not stored in plain text. Instead, it is converted into a cryptographic hash (SHA-256) together with a server-side random value (salt). This hash allows us to detect multiple votes but does not reveal your original IP address.

The following is stored:

• The SHA-256 hash of your IP address (non-reversible)
• The queried item (e.g., a domain)
• Your submitted rating
• A timestamp to control the storage duration

Legal basis

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in preventing manipulation of the rating function and ensuring the integrity of the service.

Retention period

The stored hash is automatically deleted after 90 days at the latest. After this period has expired, it is possible to submit a new review for the same query.

Map display (Leaflet, Jawg Maps, OpenStreetMap)

Nature and purpose of processing

For the visual display of geolocation results, we use the open-source library Leaflet.js in combination with map tiles from the providers Jawg Maps and OpenStreetMap.

As soon as a map element is loaded on our website, your browser establishes a direct connection to these providers’ servers to load the map tiles. For technical reasons, your IP address is transmitted to the respective providers during this process.

• Jawg Maps: Jawg SAS, 101 Rue de Sèvres, 75006 Paris, France.
  Privacy Policy: https://www.jawg.io/en/confidentiality
• OpenStreetMap: OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom.
  Privacy Policy: wiki.osmfoundation.org/wiki/Privacy_Policy

Legal Basis

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in clearly displaying geolocation results on a map.

Retention period

We do not collect any personal data ourselves through the map integration. Please refer to the respective providers’ privacy policies for information on their retention periods.

Web Analytics with Matomo

Nature and purpose of processing

This website uses Matomo, an open-source web analytics software. Matomo is configured to operate ina privacy-friendly manner:

• Self-hosting: All data is processed and stored exclusively on our own server matomo.pagea.dev . No data is transferred to third parties or to third countries.
• IP anonymization: Your IP address is truncated before storage (the last octet is set to 0 ), so that no further personal identification is possible.
• No sharing with third parties: The collected data is used exclusively for internal analysis of website usage.
• Respect for Do Not Track: If your browser sends the Do-Not-Trackheader, no tracking takes place.

Matomo collects the following data, among others:

• Truncated IP address
• Pages visited and time spent on each
• Browser and operating system used
• Referring page
• Approximate location (based on the truncated IP address)

Objection

You can object to the processing of your data by Matomo at any time. To do so, you can enable the Do Not Track header in your browser or use the opt-out link below:

<iframe> </iframe>

Legal basis

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in analyzing the use of our website and improving the service. Since Matomo is self-hosted, IP addresses are anonymized, and no data is transferred to third parties, a cookie banner is not required in this case.

Retention period

The data collected by Matomo is automatically deleted after 12 months at the latest.

Cookies

Type and purpose of processing

Our website uses only technically necessary cookies, e.g., for general settings and session cookies specified by PHP. We donot use tracking or advertising cookies.

Retention period

General settings cookies and PHP session cookies: up to 1 year, but may be deleted earlier during a cache flush.

Objection

You can disable the storage of cookies via your browser settings or delete cookies that have already been stored. This may limit certain functions of the website.

SSL Encryption

To secure your data during transmission, we use state-of-the-art encryption methods (SSL/TLS) via HTTPS.

Changes to this Privacy Policy

We reserve the right to update this Privacy Policy to ensure it remains compliant with current legal requirements or to reflect changes to our service. The most recent version will apply to your next visit.

Questions about data protection

If you have any questions about data protection, please feel free to email us at: office@pagea.dev