Who I am
My name is Henrik Zawischa. I am privately engaged in photography as a hobby. On this website I present my work and occasionally write about subjects related to photography.
This website’s address is: http://photo.zakkinen.net.
The site is operated using Automattic’s WordPress software (https://automattic.com). In addition, I use Automattic’s extension Jetpack which extends WordPress by some comfort features requiring a connection to Automattic’s website WordPress.com, and Akismet (also owned by Automattic) to protect the site from SPAM. For forms enabling submission of content by visitors (i. e. unauthenticated users), I use Google’s reCAPTCHA to ensure the submitter is human.
Any processing of personal data collected through this website is always carried out in accordance with the European General Data Protection Regulation (EU-GDPR) and the applicable German and Hamburg data protection regulations.
I take technical measures to protect the data collected. Among other things, I ensure that the software used is up-to-date and that generally known security gaps are closed promptly. However, data transmission via the Internet is inherently susceptible to security vulnerabilities and I cannot guarantee absolute security in this respect. It is the decision and responsibility of the visitors whether they want to transmit data via this website or contact me in some other way.
The use of this website is principally possible without providing personal data.
When accessing the website, however, information of a general nature is collected even without active input of data. Some of this information may be deemed personal data. This information is collected via the provider of the web server and the blog software WordPress with Jetpack.
In order to be able to use certain functions, e. g. to submit a comment about a post, it may be necessary for you to enter personal data. Please note that you alone are responsible for the information you submit. By submitting, you give me the permission to use this data as described below.
In the following, I would like to inform you about the type and extent of the collected data and their use as well as your rights and possibilities regarding these data.
What data are collected and why
This website is solely populated with content by me alone. Registration and log-in of users other than me is not intended. In principle, no personal data will be requested from you as a visitor of this site. The only exceptions are comments that you may write about posts and information that you leave via a contact form.
This website uses third-party functions, e.g. embedded content from other websites or fonts, which are automatically downloaded by your browser from the websites of the respective providers. These third parties may collect additional information.
When you access my website, some information of a generic nature is automatically collected by my hosting provider. This information includes, for example, the type of browser, the operating system used and the domain name of your internet service provider. These are information that cannot be traced back to you. They are technically necessary for the correct delivery of content requested by you from websites in general and is mandatory when using the Internet. Anonymous information of this kind may be statistically evaluated by me in order to optimise my website and the technology behind it.
If you write a comment about a post on the website, I collect the data requested by the respective form and additionally a time-stamp, your IP address and the user agent string (identifying your browser-type) to support the detection of SPAM.
If you have a WordPress.com account and are signed in to WordPress.com at the time of accessing my site, your WordPress.com account will automatically be used as the author of any comment. If not, you will need to provide a username and email address. Specifying a website is optional.
Additionally, a jetpack.wordpress.com IFrame receives the following data: WordPress.com blog ID attached to the site, ID of the post on which the comment is being submitted, commenter’s site URL (if available), MD5 hash of the commenter’s email address (if available), and the comment content. Akismet (also owned by Automattic) is enabled on the site, thus the following information is sent to this service for the sole purpose of spam checking: commenter’s name, email address, site URL, IP address, and user agent.
As soon as a comment is published on this website, your WordPress.com username (if signed in to WordPress.com) or the name you specified on submitting the comment will be displayed publicly on this site.
A hash of the your email address (if signed in to WordPress.com or if you submitted a comment on the site using the email address that is attached to an active Gravatar profile) is sent to the Gravatar service (also owned by Automattic) in order to retrieve their profile image. The profile image will be displayed publicly as soon as the comment is published.
When you post a comment on this site, you have the option to save your username, email address, and the site you are submitting in your browser. This is done via a cookie, a small file that is stored on your device. By selecting this option, you give your consent for such a cookie to be stored on your device. This is a convenience feature so that visitors do not have to re-enter this data when they write another comment. These cookies are usually stored for one year.
I have no influence on the equipment of my visitors. You are free to delete cookies from your device before they expire.
If you have a WordPress.com user account you are logged in to WordPress.com with, you may mark a comment on this site with a like.
In order to process a comment like, the following information is used: WordPress.com user ID/username, and a true/false data point that tells Jetpack if the user liked a specific comment. If you perform a like action from one of the WordPress mobile apps, some additional information is used to track the activity: IP address, user agent, timestamp of event, blog ID, browser language, country code, and device info.
You can find additional information regarding this functionality here: https://jetpack.com/support/comment-likes/
If you have a WordPress.com user account you are logged in to WordPress.com with, you may mark a post on this site with a like.
In order to process a post like action, the following information is used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID (on which the post was liked), post ID (of the post that was liked), user agent, timestamp of event, browser language, country code.
You can find additional information regarding this functionality here: https://jetpack.com/support/comments/
If you use a contact form on the website, I collect the data requested by the respective form and additionally a time-stamp, your IP address and the user agent string (identifying your browser-type) to support the detection of SPAM.
If you have a WordPress.com account and are signed in to WordPress.com at the time of accessing my site, your WordPress.com account will automatically be used as the author of any contact form. If not, you will need to provide a username and email address. Specifying a website is optional.
The contact form submission data — IP address, user agent, name, email address, website, and message — is submitted to the Akismet service (also owned by Automattic) for the sole purpose of spam checking.
The actual submission data is stored in the database of the site on which it was submitted and is emailed directly to me. This email will include the submitter’s IP address, timestamp, name, email address, website (if specified), and message.
In order to track image views to help me improve the quality of the site and the content presented, the following information is used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Embedded Content from Third Party Websites and Services
Posts on this site may contain embedded content from sites owned by third parties (e. g. videos, images, text etc.). This site may also use script and type libraries provided by third parties, e. g. Google-Webfonts. These are downloaded from the providing sites by your browser and may be cached locally.
Embedded content and libraries will behave exactly as if you had visited the providing site directly. Hence the sites run by the third parties may collect data, set cookies, use additional tracking services and record your interactions with the embedded content or libraries. In particular, if you are logged in with an account you may have for these sites, your interactions with the embedded content may be related with your account by the owner of the respective site. I do not have any influence on the activities if the third parties and the behaviour of their sites.
In order to record page views via WordPress.com Stats with additional loads, the following information is used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Page views will be tracked with each additional load (i.e. when you scroll down to the bottom of the page and a new set of posts loads automatically).
A visitor’s preference on viewing the mobile version of a site is stored via a cookie (
akm_mobile). The cookie is stored for 3.5 days to remember whether or not a visitor of the site wishes to view its mobile version. Learn more about this cookie.
When sharing content via email, the following information is used: sharing party’s name and email address, IP address (for spam checking), user agent (for spam checking), and email body/content. This content will be sent to Akismet (also owned by Automattic) so that a spam check can be performed.
To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, WordPress and Jetpack also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (
DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and SPAM.
Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.
Automattic’s Jetpack extension collects statistical information about visitor behavior to give me feedback about the number of visits and the frequency with which certain content is accessed. The following data is stored and transmitted to WordPress.com:
- IP address,
- WordPress.com User-ID (if signed in),
- WordPress.com username (if signed in),
- User Agent (browser or mobile app),
- visited URL,
- referring URL,
- Browser-language and country code.
Statistics logs sent to WordPress.com that would allow a visitor to be identified are automatically deleted after 28 days. For me as the owner and administrator of this website, it is not possible to identify individual visitors in the statistics returned to me.
More information about the Jetpack statistics can be found here: https://jetpack.com/support/wordpress-com-stats/#privacy
I’m not using any further analytical services.
With whom I sync data
Visitor comments as well as data and meta data associated with a contact form submission are synced with Akismet to detect SPAM. The result will be also synced with WordPress.com. This includes IP address and user agent originally submitted, as they are stored in meta data, the status of a comment and whether or not the submission was classified as SPAM by Akismet.
If you use any form on this site that uses reCAPTCHA, your IP address will be shared with that service.
With whom I share data
Collected personal data will on principle only be used for the purposes of this website, i.e. to display comments with information about the respective author and to avoid SPAM.
Personal data will not be passed on to third parties beyond the scope mentioned above. Data will only be disclosed to third parties on request if there is a legal obligation to do so.
How long I will store data
If you write a comment or a message via the contact form, it will be stored indefinitely, including metadata.
In the case of comments, this allows WordPress to automatically recognise and release subsequent comments instead of keeping them in a moderation queue.
In the case of the contact form, the storage allows me to comply with your contact request and track the communication with you.
What Rights You have over Your Data
If you wrote a comment or used a contact form on tis website, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data I am obliged to keep for administrative, legal, or security purposes.
How I Protect Personal Data
The data is stored by my hosting provider in access- and access-protected databases. Nobody but me has direct access to the data.
All systems involved are regularly updated so that any vulnerabilities that become known are closed as quickly as possible.
What Data Breach Procedures I have in Place
Should I become aware that, contrary to expectations, personal data collected via this website has become accessible to third parties beyond the intended extent, I will inform the authorities and all affected users of the event. In this case, the website will also be deactivated until the cause has been completely determined and rectified and safe operation is possible again.
Reservation of Change