UrT.li UrT.li URBAN TERROR REPO
Discord Upload
Policy Page

GDPR - Data Processing Information

This document explains how UrT.li handles personal data in practice: what is collected, why it exists, who can access it, and how rights requests are handled.

Last updated: 2026-03-30 22:41:48 (server time)

1. Data Controller And Contact

UrT.li is the controller of data processed through this service.

To speed up handling, include context such as date/time, URL, request ID, or filename.

2. What We Process

We process only what is needed to run the service, moderate content, and protect infrastructure.

  • Technical logs (IP, user-agent, URI, timestamp).
  • Moderation workflow data (nickname, contact, asset, decision note, revision trail).
  • Download metadata (requested file, time, technical anti-abuse signals).
  • Strictly necessary session/technical cookies.

3. Purposes And Legal Bases

We process personal data under Article 6 GDPR, depending on the purpose. Each processing activity is limited to what is strictly necessary for that purpose.

  • Service operation and delivery (Article 6(1)(b) - performance of a service): used to deliver pages/files, keep request tracking links functional, and maintain normal platform operation. Typical data: technical request metadata, route/access context, and request identifiers.
  • Security, anti-spam, and anti-abuse (Article 6(1)(f) - legitimate interest): used to detect suspicious traffic, rate-limit abusive behavior, and protect availability/integrity of the service. Typical data: IP, user-agent, request timing, and anti-abuse signals.
  • Moderation and repository integrity (Article 6(1)(f) - legitimate interest): used to review submitted changes, preserve revision history, ensure accountability of decisions, and prevent tampering or conflicting moderation actions. Typical data: reporter/moderator metadata, decision notes, revision and lock history.
  • Legal and regulatory compliance (Article 6(1)(c) - legal obligation): used when required by applicable law, valid legal requests, or mandatory retention/compliance duties.
When legitimate interest is used as legal basis, processing is scoped to security and operational necessity, with minimization and access controls applied by default.

4. Access, Retention, And Minimization

Access is role-based and restricted to authorized personnel. Some data is processed by infrastructure providers for hosting and operations.

Retention is tied to security and operational necessity. Data is reviewed and minimized regularly (deletion/anonymization when possible).

5. Your GDPR Rights

You may request access, correction, deletion, restriction, objection, or consent withdrawal when consent is the legal basis.

You may also lodge a complaint with your competent supervisory authority.

Include enough detail so the team can identify and process your request safely.

6. Security Measures (Summary)

  • Public/private route separation and access controls.
  • Operational logging and anti-abuse monitoring.
  • Sanitization of user-generated content before rendering.
  • Least-privilege and minimization by default.

7. EU Hosting Providers

UrT.li is hosted across multiple European providers:

Provider Company Details Contact / Registry
Contabo Contabo GmbH, Aschauer Strasse 32a, 81549 Munich, Germany Phone: +49 89 3564717 70
Email: [email protected]
HRB 180722 - AG Munich
VAT: DE267602842
Scaleway Scaleway SAS, 8 rue de la Ville-l'Eveque, 75008 Paris, France Phone: +33 (0)1 84 13 00 00
SIREN: 433 115 904 RCS Paris
VAT: FR35 433115904
Postal: BP 438, 75366 Paris Cedex 08, France
Hetzner Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany Phone: +49 (0)9831 505-0
Email: [email protected]
HRB 6089 - Ansbach
VAT: DE812871812
GDPR: [email protected]