General Technical Information

GDPR, Analytics, Hosting, Cloudflare, Online-Calendar, Google-Fonts, Cookie-Policy

Guiding principles

Maximum DSGVO / GDPR compliance through self-hosting in Germany.
Maximum operational security in a 27001-certified data center.
Selection of secure open source solutions for Server-Platform and Operating Platform.
Maximizing Internet security in domain management.
Maximum security against unauthorized entry.

Hosting at Hetzner in Germany

This website with integrated business solution consisting of Server-Platform and Operating-Platform, is hosted by Hetzner in Germany (see also section Subdomains).

More Information about Data Protection at Hetzner.
Mor Informationabout ISO 27001 Certification of Hetzner.

Subdomains

This website or business solution uses the following subdomains, with applications hosted by Hetzner itself:

Appointment management with online calendar
cal.tolksdorf.digital
Website Analytics
matamo.tolksdorf.digital
plausible.tolksdorf.digital
Interaktive KI-Anwendung („Samy“), DSGVO-konform gesteuert über Klaro!
Wird nur geladen, wenn eine ausdrückliche Zustimmung vorliegt. Es erfolgt keine Verbindung zu Drittanbietern oder Trackingdiensten.
https://samy.tolksdorfdigital.com
Team Collaboration using Nextcloud
nextcloud.tolksdorfdigital.com

GMail and Domains

The Swiss company Tolksdorf.digital GmbH uses Google Mail with the domain https://tolksdorf.digital. The DNS records of the domain are managed with Cloudflare without proxy functionality.
Deutsche Tolksdorf.digital UG uses Google Mail with the separate domain https://tolksdorf-de.digital. The website of the domain is redirected to the shared website https://tolksdorf.digital , provided by the Swiss company Tolksdorf.digital GmbH.

Google Fonts

This website uses Google fonts stored statically on its own servers, which are not reloaded online.

The following tool was used for the verification. https://www.ccm19.de/google-fonts-checker/

Cloudflare

The DNS records of the domain are managed with Cloudflare without proxy functionality.

More Information about Cloudflare Privacy Policy.

Appointment management with online calendar

To book appointments, a self hosted Cal.com instance running in a container is used.

Website Analytics

Zur anonymen statistischen Auswertung nutzen wir im Standard Plausible Analytics und Matomo. Diese Dienste sind datenschutzfreundlich konfiguriert und standardmäßig aktiviert. Dienste wie Google Tag Manager oder der interaktive KI-Assistent Samy werden erst nach ausdrücklicher Zustimmung geladen.

Matomo ist eine selbstgehostete Webanalyse-Plattform, die ohne personenbezogene Daten auskommt und vollständig DSGVO-konform betrieben wird. Auf dieser Webseite wird Matomo ausschließlich zur anonymisierten Reichweitenmessung eingesetzt. Wie Plausible Analytics, ist Matomo eine DSGVO konforme Alternative to Google Technologien. Beide Lösungen können aus der Cloud bezogen oder wie bei Tolksdorf.digital onpremise auf eigenen Servern betrieben werden.
Mehr Informationen über Matomo und Datenschutz: https://matomo.org/privacy/?nav. Plausible is an intuitive, lightweight and open source web analytics solution. Plausible does not use cookies (See also section Cookie Policy) and is fully compliant with GDPR (DSGVO), CCPA and PECR. Created and hosted in-house by Hetzner (see above).

More information about GDPR-, CCPA- and Cookie-Laws-conform Website-Analytics using Plausible.

More information about the Privacy-Policy (Datenschutz) at Plausible.

Google Tag Manager (GTM) ist ein Tag-Management-System (TMS), mit dem Tracking-Codes und verbundene Code-Fragmente (im Allgemeinen als Tags bezeichnet) auf Website's oder in mobilen Apps vermessen werden können. GTM steht erst nach ausdrücklicher Zustimmun zur Verfügung.

Künstliche Intelligenz (KI) auf dieser Webseite

Auf dieser Webseite wird eine interaktive KI-Assistenz („Samy“) angeboten, die ausschließlich auf Anforderung durch die Nutzerin oder den Nutzer aktiv wird. Die Funktion wird DSGVO-konform über das Klaro!-Einwilligungsmanagement gesteuert. Es findet keine personenbezogene Analyse oder externe Verarbeitung statt, solange keine Zustimmung vorliegt. Die KI läuft auf eigener Infrastruktur (Subdomain samy.tolksdorfdigital.com), ist frei von Drittanbieter-Tracking und dient ausschließlich der fachlichen Unterstützung und freiwilligen Information.

Cookie Policy

Cookie database that can be used to verify the data

At https://cookiedatabase.org/ you can view information about cookies, local storage, pixels and other tracking technologies. You can also read the Data Passports we have created about the services and organizations that create or use these technologies.

Cookie Banner, Cookie Analytics and Management

Zur Verwaltung von Cookies und externen Diensten wird die Open-Source-Lösung Klaro! eingesetzt. https://klaro.org/

Dabei handelt es sich um ein vollständig selbst gehostetes, leichtgewichtiges Consent-Management-Tool, das DSGVO-konform eine Einwilligung für technisch nicht notwendige Dienste (z. B. Analytics, eingebettete interaktive Komponenten) einholt und deren Ausführung unterbindet, solange keine Zustimmung vorliegt

Die Cookie-Entscheidung kann jederzeit über den Footer-Link „Datenschutz | Impressum | Cookies“ angepasst werden.

Klaro! setzt selbst keine Tracking-Cookies. Es wird lediglich ein lokales, technisch notwendiges Cookie verwendet, um Ihre gewählten Einstellungen zu speichern.

Ein Cookie-Scan-Report is available on request.

Youtube related Cookies

To display videos on the website https://tolksdorf.digital wird Youtube genutzt. Videos are not played automatically, so users are free to use them while applying to and adhering the Google Privacy Controls .

Cookie VISITOR_INFO1_LIVE

This functionally important cookie is used by YouTube to determine bandwidth.

Source: https://cookiedatabase.org/cookie/youtube/visitor_info1_live/

Cookie YSC

This optional cookie is set by YouTube for marketing/tracking to track views of embedded videos.

Source: https://cookiedatabase.org/cookie/youtube/ysc/

Nextcloud

Nextcloud only stores cookies that are necessary for the proper functioning of Nextcloud. All cookies come directly from self-hosted Nextcloud servers, no third-party cookies are sent to your system.

The cookies are used to determine how a request reaches the Nextcloud server and to prevent CSRF attacks. No identifiable information is stored in these cookies. The other cookies are used exclusively to identify users in the system. Cookies used:

Cookie	Stored data	Life time
Session cookie	session ID secret token (used to decrypt the session on the server)	24 Minutes
Same-site cookies	No user-related data is stored, all same-site cookies cookies are identical for all users on all Nextcloud instances.	Forever
Remember-me cookie	user id original session id remember token	15 Days (configurable)

Source: https://docs.nextcloud.com/server/latest/admin_manual/gdpr/cookies.html

Cal (formerly Calendso)

As it is self-hosted, this module does not use cookies itself. For session management, information is stored in the local memory for technically necessary reasons to call up the appointment management https://cal.tolksdorf.digital used. The data is automatically deleted after the functionality is terminated. Further technical information can be found on Github: https://github.com/calcom/cal.com

__Secure-next-auth.callback-url
__Secure-next-auth.csrf-token
__clnds

Odoo related Scripts

csrf_token (Odoo)

The technically essential CSRF token (Cross-Site Request Forgery token) is a security mechanism that prevents malicious websites or attackers from performing actions on behalf of an authenticated user. When a user logs in to a website, they receive a CSRF token. This token is usually stored in the form of a cookie or a hidden input in the web form. The CSRF token must be sent with every action or request that the user sends to the website. The website then checks whether the token is correct to ensure that the request originates from a trustworthy sender.

Using the CSRF token ensures that only authorized actions can be performed by a user and that potential CSRF attacks are blocked. The token normally changes with each login or session to further increase security.

More informationen is available on Wikipedia .

__session_info__ (Odoo)

Technically essential for managing Odoo system users (not website users).

Odoo related Cookies

The following text was automatically generated and translated by Odoo. For technical reasons, only essential cookies are used for the use of this website.

Cookies are also used to help us understand your preferences based on previous or current activity on our site (the pages you have visited), your language and your country, which allows us to provide you with a better service. We also use cookies to collect aggregate data about website traffic and website interaction so that we can offer you better website experiences and tools in the future.

Here you will find an overview of the cookies that may be stored on your device when you visit our website:

Category of Cookies	Purpose	Examples
Session & Security (essential)	Authenticate users, protect user data and enable the website to provide the services expected by users, such as maintaining the contents of their shopping cart or allowing file uploads. The website will not function properly if you refuse or reject these cookies.	session_id (Odoo)
Preferences (essential)	Remember information about the preferred look or behavior of the website, such as your preferred language or region. Your experience may be affected if you reject these cookies, but the website will continue to function.	frontend_lang (Odoo) tz (Odoo)
Interaction history (optional)	Used to collect information about your interactions with the website, the pages you have visited, and specific marketing campaigns that led you to the website. We may not be able to provide you with the best service if you reject these cookies, but the website will work.	im_livechat_vorheriger_Betreiber_pid (Odoo) utm_campaign (Odoo) utm_source (Odoo) utm_medium (Odoo)
Advertising & Marketing (optional)	Used to make advertising more attractive to users and more valuable to publishers and advertisers, e.g. to provide more relevant advertising when you visit other websites where advertising is displayed or to improve reporting on the performance of advertising campaigns. Please note that some third-party services may install additional cookies on your browser to identify you. You can refuse the use of cookies by third parties by deactivating them on the Opt-out-Page of a Advertisementinitiative. The website will continue to function even if you refuse or reject these cookies.	__gads (Google) __gac (Google)
Google Analytics (optional)	Understand how visitors use our website with Google Analytics. Learn more about Analytics-Cookies and Information about Daten Protection. The website will continue to function even if you reject or refuse these cookies.	_ga (Google) _gat (Google) _gid (Google) _gac_* (Google)

You can choose whether you want your computer to warn you each time a cookie is sent or whether you want to disable all cookies. Every browser is a little different. So check your browser's help menu to find out how to change your cookies correctly.

We do not currently support Do Not Track signals as there is no industry standard for compliance.