privacy policy
last updated: 2026-06-11
the short version: this site sets no cookies, shows no consent banner because none is needed, and cannot recognize you when you come back. here is everything it does process.
1. controller
ByteLane UG (haftungsbeschränkt), Kolonnenstraße 8, 10827 Berlin, Germany — nik@nik.zip (see the impressum).
2. hosting (cloudflare)
this site is served by Cloudflare, Inc. (USA) from its edge network. cloudflare processes your IP address, request metadata and TLS data to deliver the site and defend it against attacks, and keeps short-lived request logs (including in cloudflare's workers logs). legal basis: legitimate interest in operating a secure website, art. 6(1)(f) GDPR. cloudflare is certified under the EU-US data privacy framework and processes data under standard contractual clauses where applicable.
3. analytics (posthog)
i use PostHog to count visits and see which terminal commands get used. it runs cookieless: nothing is stored on or read from your device, the session identifier lives only in page memory, and a returning visitor looks like a new one. events are anonymous — i never identify users.
what is sent: the page URL and referrer, browser and device type, which recognized command you ran (never free text you type), and javascript error reports (error message and stack trace). your IP address is used in transit to deliver the events and then discarded; it is not stored. a coarse location (country/city) is derived from it before it is discarded.
processor: PostHog, Inc. (USA) under a data processing agreement; event data is hosted on AWS in Frankfurt, Germany (posthog cloud eu); EU-US data privacy framework / standard contractual clauses cover residual transfers. legal basis: legitimate interest in privacy-preserving reach measurement, art. 6(1)(f) GDPR. retention: up to 12 months. because events are anonymous, i cannot link them back to you (art. 11 GDPR), which also means access or erasure requests cannot be matched to specific events.
4. local storage
if you run the theme command, your chosen color scheme is saved in your
browser's localStorage under the key "nik-theme". it contains only the theme name, never
an identifier, and never leaves your browser. this is a functional setting you explicitly
requested (§ 25(2) no. 2 TDDDG) — no consent required. clear it via your browser or by
resetting the theme.
5. on-device ai
free-form questions are answered by a language model that runs entirely inside your browser (chrome's prompt api / gemini nano). your questions and the answers never leave your device and are not sent to me, to posthog, or to anyone else. note: the first time the feature is used, chrome itself may download the model from google — that download is a browser function under google's chrome terms, not a request by this site.
6. fonts
fonts are self-hosted on nik.zip. no requests go to google fonts or any other font cdn.
7. contact
the site only links my email address. if you write to me, i process your address and message to reply (art. 6(1)(b)/(f) GDPR) and keep the correspondence as long as the conversation is relevant. my mailbox is hosted by mxroute.
8. your rights
under the GDPR you can request access, rectification, erasure, restriction, and portability, and you can object to processing based on legitimate interest (art. 21). you can also complain to a supervisory authority — for berlin: berliner beauftragte für datenschutz und informationsfreiheit (datenschutz-berlin.de).
9. changes
if the site starts processing more than this, this page changes first.
(this page itself runs no analytics.)
cd ~