Privacy Policy

How we handle your data – transparently and responsibly.

Last updated: 2026-05-16

1. Introduction

This privacy policy explains how blogsandpages.com (“we”, “us”, “our”), operated by Katharina Schneider, Hauptstraße 129/C, 61440 Oberursel, Germany, collects, uses, and protects your personal data when you visit our website.

We are committed to protecting your privacy and ensuring that your personal data is handled in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Controller

The data controller responsible for this website is:

Katharina Schneider blogsandpages.com Hauptstraße 129/C 61440 Oberursel, Germany Email: hello@blogsandpages.com

3. Data We Collect

When you visit our website, we may collect the following types of data:

Automatically collected data: Your IP address, browser type, operating system, referring URL, pages visited, and the date and time of your visit. This data is collected through server log files and is used for security purposes and to improve our website.

Data you provide voluntarily: When you use our contact form, you provide your name, email address, and message content. This data is used solely to respond to your inquiry.

We do not collect any data beyond what is necessary for the operation of our website and the processing of your requests.

4. Purpose and Legal Basis

We process your personal data for the following purposes:

  • Website operation and security: Processing is based on our legitimate interest in maintaining a secure and functional website (Art. 6(1)(f) GDPR).
  • Responding to inquiries: When you contact us via our contact form, processing is based on your consent (Art. 6(1)(a) GDPR) or on pre-contractual measures (Art. 6(1)(b) GDPR).
  • Service delivery: If you become a client, we process your data to fulfill our contractual obligations (Art. 6(1)(b) GDPR).

5. Cookies

Our website uses only technically necessary cookies that are required for the basic functionality of the site. These cookies do not track your behavior and do not collect personal data for marketing purposes.

We do not use any third-party tracking cookies, analytics services, or advertising networks. No data is shared with third parties for marketing or profiling purposes.

6. Data Sharing

We do not sell, trade, or otherwise transfer your personal data to third parties, except:

  • Hosting provider: Our website is hosted on GitHub Pages (GitHub, Inc., San Francisco, CA, USA). GitHub may process certain technical data (such as IP addresses) as part of providing the hosting service. GitHub’s privacy policy applies to this processing.
  • Legal requirements: We may disclose your data if required to do so by law or in response to valid requests by public authorities.

7. Data Retention

We retain your personal data only for as long as is necessary for the purposes for which it was collected:

  • Server log files are deleted after 30 days.
  • Contact form data is retained for the duration of our correspondence and for up to 12 months afterward, unless a longer retention period is required for legal reasons.
  • Client data is retained for the duration of the business relationship and for the legally required retention periods thereafter (typically 6-10 years for tax and commercial law purposes).

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR): You can request information about what personal data we hold about you.
  • Right to rectification (Art. 16 GDPR): You can request correction of inaccurate data.
  • Right to erasure (Art. 17 GDPR): You can request deletion of your data, subject to legal retention requirements.
  • Right to restriction (Art. 18 GDPR): You can request that we restrict the processing of your data.
  • Right to data portability (Art. 20 GDPR): You can request your data in a structured, machine-readable format.
  • Right to object (Art. 21 GDPR): You can object to the processing of your data based on legitimate interests.
  • Right to withdraw consent (Art. 7(3) GDPR): You can withdraw any previously given consent at any time.

To exercise any of these rights, please contact us at hello@blogsandpages.com.

9. Data Security

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our website is served exclusively over HTTPS, ensuring that data transmitted between your browser and our server is encrypted.

10. Pinterest Publishing Service

On the subdomain pinterest.blogsandpages.com we operate a Pinterest publishing service that posts pins on behalf of our clients to their own Pinterest accounts. This service is used exclusively on the basis of an existing service agreement and the client’s explicit consent granted through the Pinterest OAuth authorization flow.

Data we process: Pinterest username (publicly visible on Pinterest), a technical OAuth refresh token (which allows our server to create pins on your behalf), the IDs of the Pinterest boards you have nominated for publishing, and metadata about the pins we publish (title, description, image URL, timestamp, Pinterest pin ID).

Data we do NOT process: We do not read private boards, follower lists, messages or any other private content from your Pinterest account.

Purpose: Contractually agreed publishing of pins on your behalf (Art. 6(1)(b) GDPR) and your consent granted via Pinterest’s OAuth authorization dialog (Art. 6(1)(a) GDPR).

Recipients: Pinterest, Inc., 651 Brannan Street, San Francisco, CA 94107, USA — as platform operator to which we transmit the pin content created on your behalf via the official Pinterest API. Pinterest is certified under the EU-US Data Privacy Framework; additionally, the EU Commission’s Standard Contractual Clauses apply.

Hosting: The Pinterest service runs on servers operated by Goneo Internet GmbH in Hanover, Germany. The SQLite token database is stored exclusively there.

Right to withdraw: You can revoke the connection at any time at pinterest.com/settings/apps. Our service will lose access to your account immediately. You may additionally request deletion of all Pinterest-related data stored about you by email to hello@blogsandpages.com.

Retention: OAuth tokens are stored as long as the service relationship exists or until you revoke access. Pin metadata is retained for reporting purposes for the duration of the service relationship.

11. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The date of the last update is shown at the top of this page. We encourage you to review this policy periodically.

12. Contact

If you have any questions about this privacy policy or our data practices, please contact us:

Katharina Schneider blogsandpages.com Hauptstraße 129/C 61440 Oberursel, Germany Email: hello@blogsandpages.com