🇩🇪 Deutsch

Privacy Policy

What Breaks — Used Car Weakness Database
Last updated: March 2026

1. Data Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Thorsten Habig
Am Erlengraben 9
56357 Hainau, Germany
Email: hello@what-breaks.com

2. What Data Do We Collect?

What Breaks is a static informational website. We keep data collection to an absolute minimum:

  • No user accounts — there is no registration, login, or profile.
  • No cookies — we do not set any cookies.
  • No personal data forms — we do not collect email addresses, names, or any personal information.
  • No tracking pixels or third-party analytics — we use Umami, a privacy-focused, cookieless analytics tool hosted on our own servers in Germany.

3. Analytics (Umami)

We use Umami for anonymous, aggregated website analytics. Umami is self-hosted on our servers in Germany and:

  • Does not use cookies
  • Does not collect personal data
  • Does not track users across websites
  • Does not store IP addresses
  • Complies with GDPR, CCPA, and PECR without requiring consent

We collect only aggregated metrics: page views, referrer domains, browser type, and country (derived from anonymized IP, not stored). No individual user can be identified.

4. Affiliate Links

Our vehicle pages contain affiliate links to eBay (via eBay Partner Network). When you click a parts search link:

  • You are redirected to ebay.de/ebay.com with an affiliate tracking parameter in the URL
  • eBay may set their own cookies on their domain — this is governed by eBay's privacy policy
  • We receive anonymized commission reports from eBay (no personal data about you)

5. Hosting

This website is hosted on servers in Germany operated by Hetzner Online GmbH. When you visit our website, your browser automatically transmits certain technical data (IP address, browser type, operating system, referrer URL, time of access). This data is processed for the technical delivery of the website and is deleted from server logs within 7 days. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in stable website operation).

6. Your Rights

Under the GDPR, you have the right to:

  • Request information about your stored data (Art. 15 GDPR)
  • Request correction of inaccurate data (Art. 16 GDPR)
  • Request deletion of your data (Art. 17 GDPR)
  • Restrict processing (Art. 18 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Lodge a complaint with a supervisory authority

Since we do not collect personal data beyond server logs, these rights are largely moot in practice. If you have questions, contact us at hello@what-breaks.com.