Last updated: 2026-05-16. This policy may be finalised before launch with a legal generator and legal review.
Data Controller
Numberland — Dr. Wolfgang Grond, Lohfeld 20, 95326 Kulmbach, Germany. Email: ontocrafter@numberland.com
Server logs
Our web server records technical data on access: IP address, timestamp, requested URL, referrer, user agent. Purpose: operation and security. Legal basis: Art. 6(1)(f) GDPR (legitimate interest). Retention: 7 days.
Cookies
We use strictly necessary cookies (session, login). Consent management is provided by Real Cookie Banner. You can adjust your settings any time via the “Cookie Settings” link in the footer.
Download statistics (WordPress Download Manager)
When you download ontology or document packages, we record: anonymised IP, timestamp, file ID, and user ID if logged in. Purpose: statistics, abuse prevention, license compliance. Legal basis: Art. 6(1)(b) and (f) GDPR. Retention: 12 months.
Contact forms (Fluent Forms)
Data submitted through inquiry forms (e.g. Engineering requests) is processed to handle your enquiry. Required fields are marked accordingly. Legal basis: Art. 6(1)(b) GDPR. Retention: for the duration of the processing; statutory retention periods remain unaffected.
Registration for CC-BY-SA downloads
Downloading CC-BY-SA-licensed ontology packages requires registration. Data collected: name, email, optionally company and role. Legal basis: Art. 6(1)(b) GDPR (pre-contractual). Retention: until you delete your account.
Spam protection (Antispam Bee)
Comments and form submissions are screened by Antispam Bee, which uses local data only and does not transmit anything to external services.
Security logs (Solid Security)
Login attempts and security-relevant events are logged for abuse prevention. Retention: 6 months.
Your rights
You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), and objection (Art. 21), as well as the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). The competent authority is generally the Bavarian Data Protection Authority.
International data transfers
The site processes personal data exclusively on servers located in Germany. No transfers to third countries.