Privacy Policy

Privacy Policy

Last updated: 4 June 2026 · Controller: Isabella-Viktoria Quilez

This page explains what personal data SeeIndie processes, why, and on what legal basis — and the rights you have over it. It applies to seeindie.com and to our profiles on other platforms. In keeping with how the rest of the site works: plain language first, the formal detail underneath.

The short version. SeeIndie is a small, one-person publication. There are no ads, no affiliate links and no advertising trackers. Analytics only run after you consent. The data that is processed is the ordinary minimum needed to serve pages, run the newsletter, answer messages and keep the site secure — nothing is sold, ever.
At a glance
  • Run by Isabella-Viktoria Quilez (contact and Impressum below).
  • Always processed: your IP address and server log data, so pages load and stay secure.
  • Only with consent: analytics (Microsoft Clarity) and embedded YouTube videos.
  • If you choose to: newsletter sign-up and the contact form.
  • Your rights: access, correction, deletion, portability, objection, and a complaint to a supervisory authority.

Jump to

Who runs this site

SeeIndie is operated by:

Isabella-Viktoria Quilez
c/o Online-Impressum #8718
Europaring 90, 53757 St Augustin, Germany
Email: corgisummoner97@mail.online-impressum.de
Full legal notice (Impressum): mein.online-impressum.de/corgisummoner97

As the controller, this is the person who decides why and how your personal data is processed. This notice serves both the EU GDPR and the Swiss FADP; for readability the GDPR's terms are used throughout, but the FADP's meanings still apply within its scope.

What's processed, and why

Depending on how you use the site, the following categories of data may be processed:

CategoryExamplesWhy
Usage dataPages viewed, time on page, device and browser typeProvide the site; understand what's useful (analytics, only after consent)
Log dataIP address, access times, requested files, referrerDeliver pages; keep the server stable and secure
Contact dataEmail address, and any name you giveReply to messages; send the newsletter you asked for
Content dataThe text of a message you sendHandle your enquiry
Meta / comms dataTimestamps, identifiersSecurity, and proof that consent was given

Legal bases (GDPR)

Processing rests on one of these, named again at each service below:

  • Consent — Art. 6(1)(a): analytics, embedded YouTube, and the newsletter.
  • Contract / pre-contract — Art. 6(1)(b): handling a request you send us.
  • Legal obligation — Art. 6(1)(c): where the law requires retention.
  • Legitimate interests — Art. 6(1)(f): secure hosting, spam defence, and running the site. In Germany the Federal Data Protection Act (BDSG) applies alongside the GDPR.

Cookies & consent

Cookies store and read small pieces of information on your device. SeeIndie uses them sparingly. Where consent is legally required — for anything beyond what's strictly necessary — it's requested first through a consent banner, logged so it can be proven, and withdrawable at any time. Where consent isn't needed (for example, keeping the site functional and secure), the basis is our legitimate interest. Session cookies clear when you close your browser; any permanent cookies last up to two years unless stated otherwise. You can also clear or block cookies in your browser settings.

Withdrawing consent. You can change or withdraw your consent at any time via the consent banner or your browser's privacy settings, with effect for the future.

Services we use

Each item names what it does, who provides it, the legal basis, and — where relevant — the basis for any transfer outside the EU. The DPF is the EU–US Data Privacy Framework; SCCs are the EU's Standard Contractual Clauses.

Hosting & server log files
The site runs on rented server space. Every request is logged in server log files (the requested address, date and time, data volume, browser and OS, referrer and, as a rule, the IP address) to keep the servers stable and defend against abuse such as DDoS attacks. Legal basis: legitimate interests, Art. 6(1)(f). Log data is kept for a maximum of 30 days, then deleted or anonymised — unless a specific incident needs it kept for evidence until resolved.
Newsletter (Ghost)
The newsletter is sent only to people who sign up. Your email address is enough; a name is optional, for personal addressing. Open and click measurement may be used to improve the newsletter, based on technical data and reading behaviour. You can unsubscribe from any email at any time. Legal basis: consent, Art. 6(1)(a). Unsubscribed addresses may be kept for up to three years to prove consent was once given, and processing of that record is then limited to defending against claims.
Contact form — Formspree
Messages sent through the contact form are processed to answer and handle your request (typically your email, message, and any name). Delivery is handled by Formspree, which receives the form data plus technical metadata (IP address, time of submission) and forwards it to us by email, also using it for spam protection. Formspree acts as a processor under a data processing agreement, on servers in the USA. Provider: Formspree, Inc., San Antonio, Texas, USA. Legal basis: contract / pre-contract, Art. 6(1)(b), and legitimate interests, Art. 6(1)(f). Transfer basis: SCCs. Formspree privacy policy.
Analytics — Microsoft Clarity
Clarity helps understand how the site is used (heatmaps and session recordings of mouse movement, clicks, scrolling and interactions) so usability can be improved. It runs on a pseudonymous identifier and isn't used to identify you personally — and it only loads after you consent. Provider: Microsoft Corporation, Redmond, WA, USA (EU entity: Microsoft Ireland Operations Ltd). Legal basis: consent, Art. 6(1)(a). Transfer basis: DPF and SCCs. Microsoft privacy statement.
Fonts — Bunny Fonts
Fonts are delivered by Bunny Fonts, a privacy-friendly alternative to Google Fonts. Your IP address is technically transmitted so the font can be delivered to your browser. According to the provider, Bunny Fonts doesn't log or store IP addresses, set cookies, or track end users, and its servers are in the EU (no third-country transfer). Provider: BunnyWay d.o.o., Ljubljana, Slovenia. Legal basis: legitimate interests, Art. 6(1)(f). Bunny privacy policy.
Embedded video — YouTube (click-to-load)
Where a video is embedded, only a preview loads first; YouTube's player — and any connection to its servers — loads only after you click it. Videos use YouTube's extended privacy mode (youtube-nocookie). When the player loads, your IP address and technical data are sent to the provider and cookies may be set. A visible thumbnail may transmit your IP to YouTube on page load. Provider: Google Ireland Ltd, Dublin, Ireland (parent: Google LLC, USA). Legal basis: consent, Art. 6(1)(a). Transfer basis: DPF.
Social profiles — Bluesky & X
SeeIndie maintains profiles on Bluesky and X to share information and communicate. If you interact with these, the network processes your data under its own policy, and this may happen outside the EU. Requests about that data are best made directly to the network, which alone can access it. Bluesky: Bluesky PBLLC, Seattle, USA — privacy policy. X: X Internet Unlimited Company, Dublin, Ireland — privacy policy. Legal basis: legitimate interests, Art. 6(1)(f).

Data outside the EU

Where data reaches a country outside the EU/EEA (mainly the USA, via the services above), it happens on a lawful basis. For US transfers we rely first on the Data Privacy Framework — recognised as adequate by the EU Commission in July 2023 — backed by Standard Contractual Clauses as a fallback, so protection holds even if the framework changes. Each service above notes which basis applies to it.

How long we keep data

Data is deleted once its purpose is met or consent is withdrawn, unless the law requires it kept longer (for example, tax or evidentiary reasons). Where several periods apply, the longest wins. Specific rules noted above: server logs up to 30 days; unsubscribed newsletter addresses up to three years to prove consent.

Your rights

Under the GDPR (Art. 15–21) you can exercise the following at any time — just email the address above.

RightWhat it means
AccessConfirm whether your data is processed, and get a copy.
RectificationHave inaccurate data corrected or completed.
Erasure & restrictionHave data deleted, or its processing restricted, where the law allows.
PortabilityReceive data you provided in a common, machine-readable format.
ObjectionObject to processing based on legitimate interests, including profiling; and object to direct marketing at any time.
Withdraw consentWithdraw any consent, with effect for the future.
ComplaintLodge a complaint with a supervisory authority, e.g. where you live or work.

Security

Appropriate technical and organisational measures protect your data's confidentiality, integrity and availability. All traffic is encrypted in transit with TLS/SSL (shown as https:// in your browser), and data protection is considered by design and by default.

Changes to this policy

This notice is updated whenever changes to how data is processed make it necessary. Where a change needs something from you (such as fresh consent), you'll be informed. Please check the “last updated” date at the top from time to time.

Questions about your data? Email corgisummoner97@mail.online-impressum.de.

Created with the free privacy policy generator Datenschutz-Generator.de by Dr. Thomas Schwenke.