1. Information We Collect

We collect information you voluntarily provide when you:

  • Contact Us: Name, email address, and message content via our contact form
  • Book a Session: Name, email, phone number, and scheduling preferences
  • Sign a Contract: Name, email, signature, and IP address for legal verification

We also automatically collect anonymized analytics data (page views with anonymized IP addresses) to understand how visitors use our site.

2. How We Use Your Information

  • To respond to inquiries: We use contact form data to reply to your messages
  • To manage bookings: We use booking data to schedule and confirm sessions
  • To fulfill contracts: We use signing data to execute and verify agreements
  • To improve our site: We use anonymized analytics to understand site usage patterns

3. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Consent: When you submit a contact or booking form, you consent to processing
  • Contract Performance: When you sign a contract, processing is necessary for execution
  • Legitimate Interest: Anonymized analytics help us improve our services

4. Data Retention

  • Contact submissions: Retained for up to 2 years, then deleted
  • Booking records: Retained for the duration of the business relationship
  • Contract records: Retained for 7 years per legal requirements
  • Analytics data: Anonymized page views retained for up to 1 year
  • Consent records: Retained for 7 years as proof of consent

5. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe: Payment processing (subject to Stripe's Privacy Policy)
  • Resend: Email delivery for notifications and confirmations
  • Vercel: Website hosting and deployment
  • Neon: Database hosting (PostgreSQL)

6. Your Rights

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data (subject to legal retention requirements)
  • Portability: Request your data in a machine-readable format
  • Withdraw Consent: Withdraw consent at any time without affecting prior processing

To exercise any of these rights, please visit our Data Request page or contact us directly.

7. Cookies and Local Storage

We use browser local storage for:

  • Necessary: Theme preferences and session management
  • Functional: Editor preferences and reading progress (optional)
  • Analytics: Page view tracking with anonymized IP addresses (opt-in)

You can manage your preferences on our Cookie Preferences page.

8. IP Address Policy

IP addresses collected through analytics and form submissions are anonymized (last octet removed) before storage. Full IP addresses are only retained for contract signing as part of the legal audit trail.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including encrypted database connections, secure hosting, and access controls.

10. Changes to This Policy

We may update this policy from time to time. The "Last Updated" date at the top of this page reflects the most recent revision.

11. Contact Us

For questions about this privacy policy or to exercise your data rights, please use our contact form or visit the Data Request page.