Privacy Policy

1. Controller

A data protection officer has not been appointed. For privacy-related requests, please use the email address above.

2. Collection and Storage of Personal Data

Last updated: 22.02.2026

a) When visiting the website

When you visit this website, the hosting provider automatically processes technical data (e.g., IP address, date and time of request, browser type, operating system, referrer URL, accessed pages). This data is used to ensure website operation and security.

Legal basis: Art. 6 Abs. 1 lit. f DSGVO (legitimate interest).

b) Registration and user account

When creating an account, username, email address, encrypted password and optional profile information are processed. In addition, one security record per user account is maintained with user ID, current IP address and timestamp. This record is updated on registration and on mod submissions to detect and prevent multi-account abuse and attacks against the platform.

Legal basis: Art. 6 para. 1 lit. b GDPR (contract performance) for account provision and Art. 6 para. 1 lit. f GDPR (legitimate interest) for abuse and security prevention.

c) Uploads and content

Uploaded content (e.g., images, descriptions) is stored and may be displayed publicly if released by the user. Users are responsible for the legality of their uploaded content.

d) Comments and chat

When using the comment or chat functions, username, message content and timestamps are stored.

Legal basis: Art. 6 Abs. 1 lit. b DSGVO.

3. Cookies

This website uses technically necessary cookies (e.g., for login sessions). Ads and analytics services (e.g., Google Analytics) can also be provided as non-personalized services without marketing cookies. Personalized ads and full analytics are enabled only after explicit consent (Art. 6 para. 1 lit. a GDPR). Your choice can be changed or withdrawn at any time via the footer link "Cookie Settings".

Your decision is stored locally in your browser (localStorage) with timestamp, consent type and validity period (typically up to 6 months).

4. Hosting

This website is hosted by a hosting provider. Processing generally takes place under a data processing agreement (Art. 28 GDPR). Specific provider details can be provided upon request.

5. Use of Cloudflare (CDN)

For performance and security optimization, a CDN (e.g., Cloudflare) may be used. In this context, data may be transferred to the USA. Where Cloudflare is used, this is based on legitimate interests and technical necessity; security commitments are described by Cloudflare. More information: https://www.cloudflare.com/privacypolicy/

6. Google AdSense

If Google AdSense is used, ads may be delivered as non-personalized ads without enabling marketing cookies. Personalized ads are activated only after explicit consent. More information and opt-out options are available at Google: https://policies.google.com/privacy

7. Google Analytics

This website may use Google Analytics, a web analytics service provided by Google Ireland Limited. Google Analytics uses cookies to analyze website usage. The information generated by the cookie about your use (including your truncated IP address) is transmitted to and stored on a Google server. Google uses this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website usage.

Google Analytics is only activated if you have explicitly consented to the use of marketing/analytics cookies via the cookie banner.

Legal basis: Art. 6 Abs. 1 lit. a DSGVO (consent).

More information: https://policies.google.com/privacy, Opt-out: https://tools.google.com/dlpage/gaoptout

8. Storage Period

Personal data is stored only as long as required for the respective purpose or as required by legal retention obligations. For example, log files are typically stored for 30 days, account data until account deletion, and backups depending on system configuration (e.g., up to 6 months). Security records (user ID, IP, timestamp) are stored for a maximum of 12 months and are then automatically deleted. Exact periods may vary and can be provided on request.

9. Data Subject Rights

Data subjects have, among others, the following rights under the GDPR: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20) and objection (Art. 21). To exercise your rights, please send an email to [email protected]. Requests are usually answered within 1 month; this period may be extended in complex cases.

Automated Decision-Making

No automated decision-making within the meaning of Art. 22 GDPR takes place.