legal
Privacy
What this site collects
This site is a single page with a contact form. The form collects:
- The name you type
- The email you type
- The message you type
- A hashed IP address (one-way HMAC, used only for rate-limiting)
- The timestamp of submission
That’s it. No cookies. No tracking pixels. No third-party advertising scripts.
What this site does NOT collect
- Your real IP address (only an HMAC of it)
- Browser fingerprint
- Cross-site identifiers
- Location data beyond what your IP reveals (which we hash and discard)
- Analytics about your behaviour on this page
A privacy-friendly visitor counter (Cloudflare Web Analytics) runs on this page. It counts page views without setting cookies, without fingerprinting, and without tracking individuals.
What happens to your message
When you submit the form, the contents are sent by email to the site owner via Resend. Resend stores a copy of the outgoing message in its sending logs for ~30 days for delivery diagnostics, then deletes it.
The site owner reads the message and may reply to the email address you provided. Your message and email are not added to any mailing list, not sold, not shared with third parties.
Hashed IP rate-limiting
To prevent abuse, the site rate-limits form submissions per IP address per hour. The IP is one-way hashed with a secret key (HMAC-SHA256) and stored in Cloudflare KV for one hour, then auto-expires. The raw IP is never stored.
Your rights (GDPR, CCPA, and similar)
You have the right to:
- Know what we hold about you — for this site, the answer is just whatever you sent in the contact form
- Delete any information about you — to request deletion, send a message via the contact form titled “delete my data”
- Object to processing — same channel
- Lodge a complaint with your local data protection authority
Cookies and similar storage
This site uses three categories of cookies and local storage. You control which categories you accept via the cookie banner on first visit and the “Cookie preferences” link in the footer.
Strictly necessary (always on)
| What | Purpose | Storage | Retention |
|---|---|---|---|
__cf_bm cookie | Cloudflare bot management (set by infrastructure, not by us) | Cookie | Session |
| Form rate-limit counter | Prevent abuse of contact forms (one-way HMAC of your IP, never the raw IP) | Cloudflare KV | 1 hour TTL, auto-expires |
These cannot be disabled — the site won’t function without them.
Analytics (opt-in)
| What | Purpose | Storage | Retention |
|---|---|---|---|
| Cloudflare Web Analytics | Aggregated, cookieless traffic stats: page views, top referrers, top countries. No individual tracking. | None on your device | 60 days at Cloudflare |
Off by default. Enable via the cookie banner or preferences modal.
Functional (opt-in)
| What | Purpose | Storage | Retention |
|---|---|---|---|
| Form save-and-resume | Lets you close and reopen a form without losing your progress | localStorage | Until you submit or clear browser data |
Off by default. Enable via the cookie banner or preferences modal.
Your consent record
When you make a cookie choice, we store your selection in localStorage as:
{
"version": "2026-05-25",
"timestamp": <epoch ms>,
"necessary": true,
"analytics": <true|false>,
"functional": <true|false>
}If we change this cookie policy, the version bumps and you’ll see the banner again. Your previous choice is preserved until you make a new one.
Changes to this policy
Material changes will be reflected in the date at the top of this page.
Contact
Use the contact form on the home page for any privacy-related questions.