Last updated: January 2025
Protecting your personal data is important to us. This privacy policy explains what data we collect, how we use it, and what your rights are.
Responsible for data processing on this website within the meaning of the GDPR and other national data protection laws and regulations is:
Jonathan Hedderich
Schulenburger Landstraße 45
30165 Hannover
Germany
Email: dsgvo@jonart.me
For privacy inquiries, to exercise your data subject rights (access, rectification, erasure, restriction, portability, objection, withdrawal), or for any other data protection matters, please contact dsgvo@jonart.me.
Your images never leave your browser.All image compression happens locally on your device, exclusively via your browser's HTML5 Canvas API. There is no upload to any server. We have no access to your images, and no image data is transmitted or stored.
When you sign in with your email or change the theme, the following data is stored exclusively in your browser:
jnrt_locale cookie, see section 3b)This data does not leave your browser. We have no access to it. You can delete it at any time by clearing your browser cache or the localStorage data for this domain.
So your language choice is honored on your next visit, we set exactly one strictly necessary cookie:
jnrt_locale — value: de or en. Lifetime: 1 year. Path: /. SameSite: Lax. Read only by the same domain, no third-party access. Used for sticky language detection: when you revisit /, you are redirected to /de or /en, and the DE blog redirects to the EN blog (or vice versa) if you previously chose the other language.This cookie is strictly necessary to provide the service you explicitly request (your language preference) under Art. 6 (1)(f) GDPR / § 25 (2) TTDSG and therefore does not require prior consent. You can delete it at any time by removing the cookies for this domain in your browser — it won't be re-set automatically, only when you change the language again.
For AVIF compression, a WASM-based encoder from esm.sh is loaded once per session (a CDN for ES modules). Your IP address is transmitted to esm.sh, similar to other CDN providers. No image data is transmitted — compression runs fully in your browser afterwards.
If your browser supports AVIF natively (Chrome 85+, Firefox 113+, Safari 16.4+), the WASM encoder is not loaded.
When you access our website, the web server automatically logs the following data:
This data is used exclusively to ensure trouble-free operation and to improve our service. We cannot link it to a specific person. Legal basis is Art. 6 (1)(f) GDPR (legitimate interest).
This website uses Google AdSense, a service for embedding ads from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Two modes depending on consent:
npa=1). These have no profiling, no tracking cookies and no remarketing. Technically necessary data (IP, user agent) is processed to deliver the ad.Both modes fund the free provision of JNRT Pixel. Information on Google's data processing is available at policies.google.com/privacy. You can manage further personalization settings at Google at adssettings.google.com.
Legal basis for personalized ads is Art. 6 (1)(a) GDPR (consent). Legal basis for non-personalized ads is Art. 6 (1)(f) GDPR (legitimate interest in funding the free service).
This website may use Google Tag Manager (GTM) from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. GTM is a tag-management system through which other analytics and marketing tags (e.g. Google Analytics 4) can be served. GTM itself does not set any cookies, but loads scripts that may set cookies.
Strict consent binding: the container is loaded only after your explicit consent in the "Statistics & analytics" category. Before any consent, Consent Mode v2 with default "denied" applies to all storage categories (analytics_storage, ad_storage, ad_user_data, ad_personalization). Only after consent is an update pushed to the dataLayer.
Legal basis is Art. 6 (1)(a) GDPR (consent) and § 25 (1) TTDSG. You can revoke consent at any time via or in the footer. More at policies.google.com/privacy.
On the page /contact we provide a contact form. When you fill it out and submit it, we process the following data:
Legal basis: Art. 6 (1)(a) GDPR (your explicit consent via the checkbox before submission) and Art. 6 (1)(f) GDPR (legitimate interest in spam protection and IT security).
Retention: Your message is kept for as long as needed to handle your inquiry and to comply with any statutory retention obligations. It is deleted at the latest after completion and after any deadlines expire. You can request deletion at any time.
Cloudflare Turnstile (spam protection). To defend against automated attacks and spam we embed "Cloudflare Turnstile" from Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Turnstile is a privacy-friendly CAPTCHA process that works without tracking cookies or user profiles, relying on behavioral and browser signals. When the contact form is loaded, a script from challenges.cloudflare.com is fetched. Technical data (IP address, user agent, very limited browser telemetry) is transmitted to Cloudflare for classification and processed there briefly. According to its own statements, Cloudflare participates in the EU-US Data Privacy Framework; in addition, EU standard contractual clauses are used. More at cloudflare.com/privacypolicy and Turnstile product info. Legal basis is Art. 6 (1)(f) GDPR (legitimate interest in spam protection).
Honeypot. The form also contains a field invisible to humans ("honeypot", hidden via CSS and aria-hidden, excluded from tabbing). If this field is filled in anyway — which in practice only automated bots do — we discard the request. No additional personal data is collected.
Email delivery (Resend). If enabled, incoming messages are delivered via the email service Resend (Resend, Inc., 2261 Market Street #5039, San Francisco, CA 94114, USA) to the recipient address dsgvo@jonart.me. Resend processes the content of your message and the involved email addresses solely on our behalf for delivery. A data processing agreement under Art. 28 GDPR is in place; in addition, EU standard contractual clauses are used. More at resend.com/legal/privacy-policy. Legal basis is Art. 6 (1)(b)/(f) GDPR (performance of pre-contractual measures and legitimate interest in responding to your inquiry).
This website uses three categories of storage:
On your first visit, a cookie banner appears with the options "Accept all", "Necessary only" and "Settings". Your choice is stored in localStorage. You can change it at any time via or in the footer.
Under the GDPR you have the following rights:
Since we collect only minimal data and never process image content, the scope of your personal data with us is very limited. Local data (localStorage) you can delete yourself at any time.
We reserve the right to update this privacy policy when the legal situation or our service changes. The current version is always available on this page.