Skip to content

Privacy policy

Sublarr is operated from Germany under the EU General Data Protection Regulation (GDPR). The legally authoritative version of this notice is the German one at /datenschutz/; what follows is an English translation for international visitors.

1. Controller

The controller responsible for the processing of personal data on this website is:

Dennis Wittke
Gögging 18a
83083 Riedering
Germany
Email: [email protected]

2. Hosting and data processing

The website runs on private home hardware in Germany (a Linux container in a private Proxmox environment) and is made reachable through a Cloudflare Tunnel. No external hosting provider is involved.

Cloudflare (Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA) terminates the TLS connection and in doing so processes IP addresses and request headers in order to provide the reverse-proxy service. A data processing agreement under Art. 28 GDPR is in place with Cloudflare.

Transfer to third countries: Cloudflare is a US company; a transfer of personal data to the United States is therefore not excluded. Cloudflare is certified under the EU-U.S. Data Privacy Framework (adequacy decision of the EU Commission, 10 July 2023), and Standard Contractual Clauses (SCC) under Art. 46 (2) lit. c GDPR additionally apply. An adequate level of data protection is therefore ensured.

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in the secure and stable provision of the website).

3. Server log files

When you access this website the web server automatically collects data your browser transmits:

  • IP address (truncated after 7 days)
  • Date and time of the request
  • Requested file and HTTP status code
  • Amount of data transferred
  • Referer URL (the previously visited page)
  • User agent (browser type and version, operating system)

These data are evaluated only to ensure operation and analyse errors, and are deleted after 14 days at the latest. They are not combined with other data sources.

Legal basis for processing log files is Art. 6 (1) lit. f GDPR (legitimate interest in stable, secure operation of the website and in detecting and defending against attacks).

4. Cookies, local storage, and tracking

This website sets no cookies for tracking or analytics purposes. There are no tracking pixels, no Google Analytics, and no advertising networks embedded.

The search built into the wiki pages (Pagefind) runs entirely in the visitor's browser; no data is sent to a server for it.

Sublarr uses a single Local Storage entry sublarr-lang to remember your chosen language (German/English) across sessions. This information is not transmitted to any server.

5. External links

This website links to external services, in particular GitHub, plus the Sublarr community spaces on Discord, Reddit and HuggingFace. When you follow an external link the third-party site is opened; from that point on the privacy policy of the respective provider applies. No external fonts, JavaScript libraries or iframes that would silently establish third-party connections are embedded.

6. Your rights

You have the right at any time to obtain access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), and data portability (Art. 20). To exercise these rights, send an informal email to the address listed under section 1.

You also have the right to lodge a complaint with a supervisory authority — the competent authority is the State Data Protection Commissioner of the federal state in which the controller is established.

7. Right to object (Art. 21 GDPR)

Insofar as your data is processed on the basis of legitimate interests (Art. 6 (1) lit. f GDPR), you have the right to object to that processing at any time. This applies in particular to the processing described in section 2 (hosting, Cloudflare Tunnel) and section 3 (server log files).

In the event of an objection, your data will no longer be processed unless there are compelling legitimate grounds for the further processing (e.g., to assert, exercise or defend legal claims). An informal email to the address listed under section 1 is sufficient.

8. SSL/TLS encryption

For security reasons, this website uses SSL/TLS encryption. You can recognise an encrypted connection by the fact that the address bar of your browser starts with https:// and a lock symbol is shown. With SSL/TLS encryption active, data you submit to this website cannot be read by third parties.

9. Changes to this policy

This privacy policy may be amended if the data processing on the website changes or new legal requirements demand it. The latest version is always available here.

As of: May 2026.