ClassTiles

Privacy policy

July 6, 2026

The protection of your personal data matters to us. This website is deliberately built to minimise data: it has no contact forms, no newsletter, no analytics or tracking services, no cookies, and no content that is loaded from third-party servers when you open a page. Below we explain how personal data is processed when you visit this website.

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Stefan Venekamp
c/o Block Services
Stuttgarter Str. 106
70736 Fellbach
Germany

Email: info@classtiles.de

2. Your rights at a glance

You have the right at any time to access, rectify, erase and restrict the processing of your data, a right to data portability, a right to object, and the right to lodge a complaint with a supervisory authority. Details are set out in sections 10 and 11. An informal message to the address above is sufficient for any request.

3. Encryption (SSL/TLS)

For security reasons and to protect data in transit, this website uses SSL/TLS encryption. You can recognise an encrypted connection by the https:// in your browser’s address bar.

4. Hosting

The website is hosted on Cloudflare Pages, provided by Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA. Cloudflare provides the server and delivery infrastructure (content delivery network) and processes the technically necessary data on our behalf. The legal basis is our legitimate interest in a secure, fast and reliable provision of the website (Art. 6(1)(f) GDPR). A data processing agreement (Data Processing Addendum) is in place with Cloudflare. Where personal data is transferred to the USA, Cloudflare bases that transfer on its certification under the EU-U.S. Data Privacy Framework, for which the European Commission adopted an adequacy decision on 10 July 2023; in addition or as a fallback, the European Commission’s Standard Contractual Clauses apply, together with supplementary measures.

5. Server log files

When the website is accessed, access data is automatically collected and processed in so-called server log files. These are:

This data is technically required to deliver the website, to ensure its stability and security, and to detect malfunctions. It is not combined with other data sources and is not used to identify individuals. The legal basis is our legitimate interest in secure and functional operation (Art. 6(1)(f) GDPR). The data is stored only for as long as necessary for these purposes and in line with the hosting provider’s technical settings; beyond that it is deleted or anonymised.

6. Cookies and local storage

This website sets no cookies. To remember the language you last selected, a single entry is stored in your browser’s local storage (localStorage, key ct.locale). This information remains solely on your device, is not transmitted to any server, and is technically required for the operation of the website you requested; storing it therefore does not require consent (Section 25(2)(2) TDDDG). You can delete this entry at any time through your browser settings.

7. No analytics, no tracking, no advertising

We use no analytics, statistics, reach-measurement, advertising or social media services. There is no cross-device tracking and no creation of user profiles.

8. Links to external offerings

Our website links to external offerings, in particular videos on YouTube (provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) and the Apple App Store (provider: Apple Inc.). The video preview images are generated and rendered locally on this website; no content or scripts are loaded from YouTube, Google or Apple unless you actively click a corresponding link. Only when you follow such a link do you leave this website and reach the respective provider, whose own privacy policy then applies. We have no influence over the data processing that takes place there.

9. Recipients of the data and processing on our behalf

A recipient of the technical data arising from the operation of the website is the hosting provider named in section 4, which processes the data exclusively on our behalf and on our instructions. No further disclosure to third parties takes place unless we are legally obliged to do so.

10. No automated decision-making

Automated decision-making, including profiling within the meaning of Art. 22 GDPR, does not take place.

11. Your rights as a data subject

Subject to the statutory requirements, you have the following rights:

Right to object (Art. 21 GDPR): Where we process data on the basis of our legitimate interest (Art. 6(1)(f) GDPR), you have the right to object at any time, on grounds relating to your particular situation, to such processing.

To exercise your rights, a message to the address named in section 1 is sufficient.

12. Right to lodge a complaint with a supervisory authority

Without prejudice to any other remedy, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement (Art. 77 GDPR).

13. Data protection officer

We are not legally required to appoint a data protection officer. For all data protection matters, please contact the address named in section 1.

14. Currency and amendment of this policy

This privacy policy will be adjusted whenever the underlying technology of the website or the legal framework changes. The version published on this page is the one that applies.