Privacy Policy

Last updated: January 23, 2026

This privacy policy explains how we collect, use, and protect your personal data when you visit our website. We are committed to protecting your privacy and being transparent about our data practices.

Data Controller

The data controller responsible for your personal data is Fabbio Protopapa, the owner of this blog. For privacy inquiries, please contact us using the information provided at the bottom of this page.

What Data We Collect

Essential Data (Required)

We store the following data locally in your browser (localStorage):

• Cookie consent preferences - Your choices regarding cookies and tracking

This data is stored only in your browser and is never transmitted to our servers. It is necessary for basic website functionality.

Preferences (Optional)

We store the following preference data locally in your browser (localStorage):

• Theme preferences - Your choice of light or dark mode

This data is stored only in your browser and is never transmitted to our servers.

Analytics Data (Optional)

If you consent to analytics, we collect anonymized usage data using a self-hosted instance of Umami analytics at prov.tuxownia.pl. Umami is a privacy-respecting analytics tool:

• No cookies - Umami does not use any cookies
• IP addresses are hashed - Your IP address is hashed and never stored in plain text
• No tracking - It is not possible to track visitors across third-party websites or identify individual users
• Data is anonymous - All collected data is fully anonymized

Only aggregated statistics are collected, such as:

• Pages visited
• Referring pages
• Browser type and device information
• Approximate geographic location (country/region and city level)

Server Access Logs

Our server automatically records access logs for security and diagnostic purposes. These logs are fully anonymized - IP addresses are truncated, making it impossible to identify individual users. Anonymized logs are used solely for security monitoring and troubleshooting technical issues.

YouTube Embedded Content (Optional)

Our blog posts may include embedded YouTube videos. If you consent to YouTube cookies, these videos will be loaded from YouTube servers. When you play a video, YouTube:

• Will receive your IP address
• May set cookies to track viewing behavior
• May use this data according to their own privacy policy

We use YouTube's privacy-enhanced mode (youtube-nocookie.com) to minimize tracking, but some data collection by YouTube may still occur when you play videos.

View YouTube/Google Privacy Policy

Remark42 Comment System (Optional)

Our website uses the Remark42 comment system, which is self-hosted on our server (remark.bytesandweb.pl). When you post a comment, we collect the following data:

• Display name - freely chosen by the user, publicly visible
• Comment content - publicly visible on the site
• IP address - stored as a hash, used to prevent abuse (also for anonymous users)
• Verification email - if you verify your account via email, it is stored as a hash
• Notification email - if you want to receive reply notifications, we store your email in plain text

Data Stored in Your Browser (localStorage)

The comment system stores the following data locally in your browser:

• Login state - to maintain your login session
• Comment drafts - to preserve unfinished comments

This data is stored in your browser's localStorage and can be deleted by the user in browser settings.

Comment Data Stored on Server

• Comments and associated metadata are stored as long as the comment exists
• Notification email is stored as long as the user is subscribed to comment threads
• IP addresses are hashed and never stored in plain text

Your Rights Regarding Comments

You can view your stored data and request its deletion:

1. Verify yourself using the email address you used to comment
2. Click on your avatar to open the user panel
3. In the same window, you can view your data and request its deletion
4. To delete your data, send the generated email to our contact address

Email Notifications

For sending reply notifications and email verification, we use Zoho Mail. Zoho processes data in compliance with GDPR. Zoho Privacy Policy.

Sent messages and related information are retained for moderation purposes and deleted after five days.

All data is transferred securely and encrypted.

Learn more about Remark42

Legal Basis for Processing

We process your personal data on the following legal bases:

• Consent - For preferences, analytics, YouTube, and the comment system, which you can grant or withdraw at any time
• Legitimate interest - For essential functionality

Your Rights under GDPR

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right of access - You can request a copy of your personal data
• Right to rectification - You can request correction of inaccurate data
• Right to erasure - You can request deletion of your data
• Right to restrict processing - You can request restriction of processing
• Right to data portability - You can request your data in a portable format
• Right to object - You can object to processing based on legitimate interest
• Right to withdraw consent - You can withdraw consent at any time

Managing Consent

You can manage your privacy preferences at any time by clicking the "Cookie Settings" link in the footer of any page. This will allow you to:

• View your current consent choices
• Enable or disable preferences (e.g., theme)
• Enable or disable analytics (no cookies)
• Enable or disable YouTube video loading
• Enable or disable the comment system

To completely remove all stored data, you can clear your browser's localStorage for this website in your browser settings.

Data Retention

Local data (theme preferences, consent choices) is stored in your browser until you clear it. We do not store this data on our servers.

Analytics data is fully anonymized and aggregated - we do not store any data that would allow identification of individual visitors. IP addresses are hashed and never stored in plain text.

Our servers are located in Europe. We use best practices to restrict access to data. All data is transferred to and from our servers using secure, encrypted protocols.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This website is served over HTTPS to ensure encrypted communication.

Third-Party Services

We may use the following third-party services:

• Umami Analytics - Privacy-respecting analytics (self-hosted)
  Hosted on: prov.tuxownia.pl
  No cookies, IP addresses hashed, data fully anonymized
  Learn more about Umami
• YouTube (Google) - For embedded video content
  YouTube Privacy Policy
• Remark42 - Self-hosted comment system
  Hosted on: remark.bytesandweb.pl
  Learn more about Remark42
• Zoho Mail - Email service for comment notifications and verification
  Zoho Privacy Policy

Children's Privacy

This website is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by updating the "Last updated" date at the top of this page.

Contact Us

If you have any questions about this privacy policy or wish to exercise your rights, please contact us:

• Email: fprotopapa@bytesandweb.pl

Supervisory Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.