The web server hosting this site is in the European Union.
It keeps a record of what accesses it, that is:
- an IP address
- a user agent string
- a timestamp
According to the GDPR this is personal data. It is standard practice to do so on all servers: it is necessary to identify cracking attempts and other attacks.
Apart from that I do not store any information about my visitors.
The site currently does store a PHP session cookie on a visitor's machine (it is only required by the contact plugin). However, this is nothing to worry about. It does not contain personal data.