Cookie & Privacy Policy
This page explains what data this site collects, where it is stored, and why. There are no third-party trackers, advertising networks, or social media pixels.
Browser storage
Two entries are written to localStorage in your browser. This data never leaves your device and is never sent to the server.
| Key | Purpose | Expires |
|---|---|---|
| theme | Remembers your light / dark mode preference so it persists across visits. | Persistent (until cleared) |
| cookie-consent | Stores your cookie consent decision so the banner is not shown on every visit. | Persistent (until cleared) |
Server-side data collection
The following data is collected server-side (not in your browser) when you visit or interact with the site. All data is stored on a self-hosted database and is never shared with third parties.
| Event | What is recorded | Why | Retention |
|---|---|---|---|
| Page view | Post slug, approximate country, bucketed referrer source (e.g. 'search', 'social', or the referring hostname), and a one-way hash of your IP address. | First-party analytics to understand which posts are read and where visitors come from. The raw IP address is never stored. | Indefinite (aggregated data; no personal identifiers stored) |
| Comment | Name, email address, and comment text. | To display your comment on the post and to verify your email before publishing. Email is deleted from the database once a comment is approved. | Name and comment text: as long as the comment is live. Email: deleted on approval. |
IP address handling
Your IP address is used only to determine your approximate country and to estimate unique visitor counts. It is immediately converted to a one-way cryptographic hash (HMAC-SHA256) — the raw IP address is never written to disk. The hash cannot be reversed to recover the original address.
Third-party services
This site uses a small number of third-party services for specific purposes. No advertising networks, social media trackers, or analytics platforms are used. Fonts are self-hosted at build time — no runtime requests are made to Google or any other font provider.
| Service | Purpose | Data sent | Triggered by |
|---|---|---|---|
| SMTP2GO | Transactional email delivery — comment verification emails and contact form submissions. | Email address, name, and message content as entered by you. | Submitting the contact form or posting a comment. |
| ip-api.com | IP geolocation — used server-side to determine the approximate country of a page view. | Your IP address (sent from the server, not your browser). Only country-level data is retained. | Visiting a blog post, if analytics consent is given. |
Withdrawing consent
You can clear browser-stored data at any time through your browser's developer tools (Application → Local Storage) or by clearing site data. Doing so will reset your theme preference and show the consent banner again. Server-side analytics data (page views) is anonymised by design and cannot be attributed back to you.
Questions
If you have any questions about this policy, feel free to reach out via the contact page.
Manage your consent
Changed your mind? Click below to clear your stored consent and bring back the cookie banner.
No consent decision stored yet — the banner will appear on your next visit.
Last updated: April 2026