No logging by default – ✅ Minimal data processing</p> <p>We decided to choose the best protection for your personal data: We simply do not collect it. You don’t have to trust us, because you keep your data. By default, we do not log anything, and we concluded a data processing agreement according to Article 28 GDPR with our server provider (see our privacy policy).</p> <p>✅ Single-purpose server – ✅ No databases</p> <p>For security, we provide our blog using a dedicated virtual server. There aren’t any other public services on this server (e.g., no database server, no mail server, no messaging server). For instance, the decentralized Dat version of our blog runs on another virtual server.</p> <p>✅ Security monitoring – ✅ Strong authentication – ✅ Defined processes</p> <p>Our server is permanently monitored to check for modified files and login attempts. Two-factor authentication is needed to access our server. The core of our server is a hardened Linux installation. This means that we removed unnecessary packages and applied strict configuration at kernel level. Finally, we implemented processes to ensure installation of security updates within a narrow time frame and quick reaction to reported potential security vulnerabilities.</p> <p>✅ 100% static content – ✅ No CMS, PHP, or JavaScript – ✅ No 3rd party content</p> <p>Our blog consists of 100% static content. There is no content management system (CMS) installed and there is no dynamically-served content like PHP or JavaScript. We do not embed any third-party content, and all links to third-party websites are marked. Actually, third-party websites, which you access from our blog, run in a separate process in your web browser, and we strip any Referrer information.</p>