Privacy Policy

How PSA Labs processes personal data and uses privacy-friendly analytics (Simple Analytics), including Do Not Track (DNT).
Updated: Jan 22, 2026 Author:
  • pabumake

This privacy policy explains how we process personal data when you use psalabs.eu.~~~~

1. Controller (data protection contact)

Controller within the meaning of Art. 4(7) GDPR:

[Name / Company] [Street + No.] [Postal code, City] [Country]

E-mail: [E-mail address] Website: https://psalabs.eu

2. Scope

This privacy policy explains how we process personal data when you:

  • visit this website,
  • contact us (e.g., by e-mail),
  • follow external links (e.g., to GitHub or YouTube),
  • and, if applicable in the future, interact with ads or tracking that we may add later.

We follow a privacy-first approach and, for the site itself, avoid third-party assets by default. See also: External Sources & Licenses.

3. Hosting (GitHub Pages)

This website is hosted on GitHub Pages (GitHub, Inc.). When you access our site, GitHub may process technical data required to deliver the website, such as:

  • IP address
  • date/time of request
  • requested URL / path
  • user agent (browser and device info)
  • referrer URL (if provided)

Purpose: delivery, stability, and security of the website. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and reliable website operation).

GitHub’s privacy policy: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement

4. Content delivery & security (Cloudflare)

We use Cloudflare as a reverse proxy / CDN in front of psalabs.eu to improve performance and protect the website (e.g., against abuse). When you access our site, Cloudflare may process technical data such as:

  • IP address
  • date/time of request
  • requested URL / path
  • request headers (e.g., user agent)
  • referrer URL (if provided)

Purpose: performance, reliability, and security (e.g., DDoS protection). Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and efficient website operation).

Cloudflare may set cookies in connection with security features (for example, when a security challenge is required). If this happens, these cookies are used for security and not for advertising tracking.

Cloudflare’s privacy policy: https://www.cloudflare.com/privacypolicy/

5. Server log files

As a static website, we do not operate our own server-side application. However, our hosting provider (GitHub Pages) and our CDN / security provider (Cloudflare) may create server log files (see sections 3 and 4).

Retention: controlled by GitHub. We do not receive or manage raw server logs unless GitHub makes them available to us.

6. Cookies and local storage

At the time of writing, we do not intentionally set tracking cookies.

This site’s theme may use local storage for UI convenience features (for example, menu scroll position). This data remains in your browser and is not transmitted to us.

We also store your theme preference in your browser’s local storage so your choice persists across visits. This is stored under the key pref-color with a value of system, light, or dark.

If you make a choice in our analytics consent banner, we store your decision so we can remember it:

  • Local storage: psa_analytics_consent (granted / denied)
  • Cookie: psa_analytics_consent (granted / denied, max 180 days)

This is used only to store your preference and is not used for cross-site tracking.

7. Contacting us

If you contact us via e-mail, we process the information you provide (e.g., your e-mail address and message content) to respond.

Purpose: communication and handling your request. Legal basis: Art. 6(1)(b) GDPR (pre-contractual steps / contract) and/or Art. 6(1)(f) GDPR (legitimate interest in communication). Retention: until the request is resolved; longer if legal retention obligations apply.

8. Embedded content & external links (GitHub, YouTube)

Our pages may contain links to external sites (e.g., GitHub, YouTube). When you click such a link, you leave our website. The external provider may process personal data according to their own privacy policies.

We do not control how these external providers process data.

9. Ads and tracking (planned)

We currently use a privacy-friendly analytics solution (see section 9.1). We may add advertising and/or additional analytics/tracking in the future. If we do, we will:

  • update this privacy policy,
  • document the vendors and purposes,
  • and, where legally required, request consent before loading non-essential scripts.

9.1 Analytics (Simple Analytics)

We use Simple Analytics to understand overall usage of our website (e.g., which pages are visited).

We only load analytics after you opt in via the on-site consent banner.

Provider: Simple Analytics B.V. (Netherlands) Purpose: website analytics and improvement Legal basis: Art. 6(1)(a) GDPR (consent)

According to Simple Analytics, it is designed to work without tracking cookies and without collecting directly identifying personal data. For details, please refer to Simple Analytics’ documentation and privacy policy:

Analytics preferences

You can change your analytics preference at any time:

Do Not Track (DNT)

Simple Analytics respects your browser’s Do Not Track (DNT) setting. If you have DNT enabled, our analytics provider will not count your visits.

To help us understand what content is useful (and support PSA Labs, including through ads/sponsors), we may show a small on-site notice asking you to consider disabling DNT for this website. If you dismiss that notice, we store a “dismissed” flag in your browser’s local storage so it won’t keep showing.

10. Your rights under the GDPR

If the GDPR applies, you have the right to:

  • access (Art. 15 GDPR),
  • rectification (Art. 16 GDPR),
  • erasure (Art. 17 GDPR),
  • restriction of processing (Art. 18 GDPR),
  • data portability (Art. 20 GDPR),
  • object to processing (Art. 21 GDPR),
  • withdraw consent at any time (Art. 7(3) GDPR), if processing is based on consent.

11. Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement (Art. 77 GDPR).

Germany: list of supervisory authorities: https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html

12. Updates to this policy

We may update this privacy policy to reflect changes in our site, features, or legal requirements.