top of page

Privacy Policy

Datenschutzerklärung | In accordance with GDPR (EU) 2016/679

Last updated: May 2026

1. Data Controller / Verantwortlicher

The data controller responsible for the processing of personal data on this website is:

Jackson Varghese

Lead Cybersecurity Consultant

Stuttgart, Baden-Württemberg, Germany

E-Mail: contact@varghesejackson.com

Website: https://www.varghesejackson.com

 

If you have any questions about how your personal data is processed, please contact the data controller directly using the details above.

 

2. Overview of Data Processing

This website is a personal cybersecurity blog and professional profile. The following types of personal data may be processed depending on how you interact with the site:

  • Server and access log data (automatically collected when visiting the website)

  • Contact data (when you send an email to the operator)

  • Usage and analytics data (via Wix platform analytics)

  • Cookie data (via Wix platform cookies and any third-party tools)

 

This website does not sell personal data to third parties. Data is processed only for the purposes described in this Privacy Policy.

 

3. Hosting and Website Platform

https://www.wix.com

This website is hosted and operated using Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel. When you visit this website, Wix automatically collects and processes certain technical data including:

  • IP address (anonymised after processing)

  • Browser type and version

  • Operating system

  • Date and time of access

  • Pages visited and referring URL

 

This processing is based on Article 6(1)(f) GDPR (legitimate interests) — specifically the legitimate interest of operating and securing a publicly accessible website. Wix acts as a data processor on behalf of the operator under a Data Processing Agreement.

Wix may transfer data to servers located outside the European Economic Area. Such transfers are governed by Standard Contractual Clauses (SCCs) as approved by the European Commission.

For full details of Wix's data practices, see:

https://www.wix.com/about/privacy

 

4. Cookies and Tracking Technologies

This website uses cookies — small text files stored on your device — to enable the website to function and to analyse usage. Cookies are categorised as follows:

4.1 Strictly Necessary Cookies

These cookies are required for the website to function and cannot be disabled. They do not store any personally identifiable information. Legal basis: Article 6(1)(f) GDPR (legitimate interests in operating a functional website).

4.2 Analytics Cookies

Wix may use analytics cookies to collect aggregated, anonymised data about how visitors use the website (pages visited, time on site, traffic sources). This data is used solely to improve website content and user experience.

Legal basis: Article 6(1)(a) GDPR (consent). Analytics cookies are only set after you have provided consent via the cookie consent banner.

4.3 Managing Your Cookie Preferences

When you first visit this website, you will be presented with a cookie consent banner. You may accept all cookies, reject non-essential cookies, or manage your preferences at any time.

You may also control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the website.

 

5. Contact by Email

When you contact the operator by email, the following data is processed:

  • Your name (if provided)

  • Your email address

  • The content of your message

  • Date and time of your enquiry

 

This data is processed on the basis of Article 6(1)(f) GDPR (legitimate interests in responding to your enquiry).

Your contact data is used solely to respond to your enquiry and is not shared with third parties. Data is retained only as long as necessary to handle your enquiry, and deleted thereafter unless a legal retention obligation applies.

 

6. LinkedIn and External Platform Links

This website contains links to the operator's LinkedIn profile. When you click a LinkedIn link, you leave this website and are subject to LinkedIn's own privacy policy. LinkedIn (Microsoft Corporation) may process your data independently of this website.

The operator has no control over data processed by LinkedIn. Please review LinkedIn's Privacy Policy at:

https://www.linkedin.com/legal/privacy-policy

LinkedIn share buttons or embedded content are not used on this website. No LinkedIn tracking pixels or cookies are set by this website.

 

7. Summary of Legal Bases

The following legal bases under GDPR are relied upon for data processing on this website:

  • Article 6(1)(a) — Consent: analytics cookies

  • Article 6(1)(c) — Legal obligation: retention of data required by applicable law

  • Article 6(1)(f) — Legitimate interests: website hosting, security, server logs, responding to general contact enquiries

 

8. Data Retention

Personal data is retained only as long as necessary for the purpose for which it was collected, or as required by applicable law. Specific retention periods:

  • Server log data: typically 7–14 days, then automatically deleted by the hosting provider

  • Contact enquiry data: retained for the duration of correspondence plus up to 12 months, then deleted

 

 

9. Your Rights as a Data Subject

Under GDPR, you have the following rights with respect to your personal data:

Right of Access (Art. 15 GDPR)

You have the right to request confirmation of whether personal data concerning you is being processed, and if so, to receive a copy of that data.

Right to Rectification (Art. 16 GDPR)

You have the right to request the correction of inaccurate personal data or the completion of incomplete data.

Right to Erasure (Art. 17 GDPR)

You have the right to request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where you have withdrawn consent and no other legal basis applies.

Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request that the processing of your data be restricted in certain circumstances, for example while the accuracy of the data is being verified.

Right to Data Portability (Art. 20 GDPR)

Where processing is based on consent or contract and carried out by automated means, you have the right to receive your data in a structured, commonly used, machine-readable format.

Right to Object (Art. 21 GDPR)

You have the right to object at any time to the processing of your personal data where the legal basis is legitimate interests (Art. 6(1)(f) GDPR). The operator will cease processing unless compelling legitimate grounds are demonstrated.

Right to Withdraw Consent (Art. 7(3) GDPR)

Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.

How to Exercise Your Rights

To exercise any of the above rights, please contact: contact@varghesejackson.com

Requests will be responded to within 30 days in accordance with Article 12 GDPR. No fee is charged for exercising your rights unless requests are manifestly unfounded or excessive.

 

10. Right to Lodge a Complaint

If you believe that the processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for Baden-Württemberg, Germany is:

 

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI)

Königstraße 10a

70173 Stuttgart

Germany

 

Tel: +49 711 615541-0

E-Mail: poststelle@lfdi.bwl.de

Website: https://www.baden-wuerttemberg.datenschutz.de

 

You also have the right to lodge a complaint with the supervisory authority in your country of residence or place of work, or in the place of the alleged infringement.

 

11. Third-Party Data Processors

The following third-party service providers may process personal data on behalf of the operator as data processors under signed Data Processing Agreements:

  • Wix.com Ltd. — website hosting and platform (Israel / EU SCCs apply)

 

 

No personal data is sold, rented, or shared with any third party for their own marketing purposes.

 

12. International Data Transfers

Wix.com Ltd. is headquartered in Israel, which has been granted an adequacy decision by the European Commission, meaning it is recognised as providing an adequate level of data protection equivalent to the EU.

Where data is transferred to countries outside the EEA that do not have an adequacy decision, the transfer is governed by Standard Contractual Clauses (SCCs) as approved by the European Commission under Article 46(2)(c) GDPR.

 

13. Changes to This Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in data processing practices, applicable law, or the services offered on this website. The date of the most recent update is indicated at the top of this document.

Continued use of the website after changes are published constitutes acceptance of the updated Privacy Policy.

 

Last updated: May 2026

This Privacy Policy was prepared in accordance with GDPR (EU) 2016/679, BDSG (Bundesdatenschutzgesetz), and applicable German data protection law.

bottom of page