Privacy Policy

Last updated:

This site (https://www.rzamann.com) is a personal portfolio operated by Rokon Zaman. This page describes what data the site collects, why, and your options.

What we collect

Privacy-respecting visitor analytics

We use Vercel Web Analytics and Vercel Speed Insights to measure aggregate traffic and performance. These tools are cookieless and do not store any personally identifiable information. They do not use cross-site identifiers, do not fingerprint devices, and do not require a consent banner under GDPR / ePrivacy because no personal data is processed.

What we see (aggregated only):

  • Page views, top pages, referrers
  • Country (derived from IP — IP itself is discarded)
  • Browser, operating system, device type
  • Core Web Vitals (LCP, CLS, INP) sampled per route for performance debugging

More: Vercel Analytics privacy policy.

Contact form messages

If you submit the contact form, the message body and the email address you provide are stored in our database so we can reply and so we can spot spam patterns. We also store metadata about the submission (IP-derived geographic data, browser fingerprint hash, timezone) for anti-spam purposes. We do not share or sell this data. Email us at roman@rzamann.com to request deletion.

Anonymous reactions

The 👍 🔥 💫 ✨ reactions on blog posts and project pages are anonymous. We do not store your IP. We store a short hash (SHA-256 truncated) of your IP + User-Agent + a server-side secret, used only to prevent you from reacting many times to the same post. The hash cannot be reversed to identify you.

Comments (Giscus / GitHub Discussions)

Comments are powered by Giscus, which stores comments as GitHub Discussions on a separate public repository. Posting a comment requires signing in with GitHub. Comments and reactions to comments are subject to GitHub's privacy policy. We do not see your GitHub credentials.

Spotify embed

The mini-player loads Spotify's embed iframe only after you click play. Once loaded, Spotify may collect data per its own privacy policy. We do not control that data flow.

Service worker cache

For offline support, a service worker caches pages and assets you visit in your own browser's local storage. Nothing is sent to us. You can clear it via your browser's site-data settings.

Affiliate links

Some links on the /uses page are affiliate links — buying through them may earn a small commission at no cost to you. Affiliate buttons are labelled and use rel="sponsored nofollow noopener". As an Amazon Associate I earn from qualifying purchases.

What we don't do

  • No advertising trackers
  • No third-party cookies
  • No selling of data
  • No cross-site profile building
  • No newsletter or marketing list

Your rights (GDPR / CCPA)

You can ask what data we hold about you and request its deletion. Email roman@rzamann.com.

Changes

We may update this policy occasionally. Material changes will update the "Last updated" date at the top. Continued use of the site after changes constitutes acceptance.

Contact

Questions: roman@rzamann.com.