Legal notice
Privacy and imprint
Media owner and service provider
Ing. Fabian Wimberger
Am Sonnenhang 11, 4240 Freistadt, Austria
contact@fabianwimberger.at
Purpose
Policy-controlled web proxy for approved public websites. No goods or services are sold on this website.
Privacy
The application requires login. Session cookies are technically necessary and are set with HttpOnly and SameSite=Strict; the Secure attribute is enabled for HTTPS deployments unless explicitly disabled for local/plain HTTP use. The app shell uses no analytics, social plugins, external fonts, or third-party scripts.
Account data is stored on the server: username, password hash and salt, session token hash, CSRF token, creation and update timestamps, and short-lived login-attempt keys for rate limiting. Login-attempt keys are kept in memory for about 15 minutes.
Proxy request counters are stored per client IP address in memory for the configured rate-limit window. By default the window is 60 seconds, and expired counters are removed automatically.
Addresses typed into the browser bar are sent to the server-side proxy so approved public pages can be fetched, rewritten, and returned to your browser. Private networks, unsupported protocols, and denied hosts are blocked. Approved target sites receive a request from the proxy infrastructure and can process the requested URL, user agent, Accept and Accept-Language headers, timestamp, and proxy IP address under their own terms and privacy notices.
Server logs may process IP address, timestamp, requested URL, referrer, user agent, and HTTP status for delivery, security, and troubleshooting. Legal basis: legitimate interest under Art. 6(1)(f) GDPR. Recipients are the hosting provider and technical service providers. Logs are rotated by size and kept only as long as required for those purposes.
Acceptable use
Use the proxy only for approved public websites you are allowed to access through this service. Respect target-site terms, copyright, robots policies, and rate limits. Proxied pages can run their own scripts and load their own assets through the proxy under the target site's terms and privacy notices.
Your rights
You may request access, rectification, erasure, restriction, portability, or object to processing. You may lodge a complaint with the Austrian Data Protection Authority at dsb.gv.at.