← Back

Legal

Privacy Policy

Last updated: 14 April 2026

This Privacy Policy describes how personal data submitted through this website is collected, used, and protected, in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Italian data protection law.

Data Controller

Keivan Tayebipour — Italy.
For any privacy-related request, use the contact form on the main page.

Data We Collect

This website collects personal data only when you voluntarily submit the contact form. The data collected is:

  • First and last name
  • Email address
  • Company or organisation name (optional)
  • The content of your message

No other personal data is collected. This website does not use tracking pixels, advertising networks, or any form of behavioural profiling. Anonymised, aggregated traffic data is collected via Cloudflare Web Analytics (see Data Processors below).

Cookies

This website sets no cookies of any kind — neither first-party nor third-party. All fonts and assets are served directly from this domain. A single third-party script is loaded from Cloudflare (static.cloudflareinsights.com) solely for cookieless, anonymised traffic measurement.

Legal Basis for Processing

Processing is based on your freely given, specific, and informed consent (Art. 6(1)(a) GDPR), expressed by voluntarily completing and submitting the contact form. You may withdraw consent at any time by contacting us.

How Your Data Is Used

Form submissions are used exclusively to respond to your inquiry. Data is not sold, shared with third parties for marketing purposes, or used for any purpose beyond direct communication.

Data Processors

Form data is transmitted and delivered via Resend (Resend Inc., USA), which acts as a data processor under a Data Processing Agreement. Resend processes your data solely to deliver the email notification to the data controller. This constitutes a transfer of personal data to a third country (USA); Resend relies on Standard Contractual Clauses (SCCs) as the legal transfer mechanism pursuant to Art. 46 GDPR.

The website is hosted on Cloudflare Pages (Cloudflare Inc., USA). Cloudflare may process connection metadata (IP address, request logs) as part of its infrastructure and security services. Cloudflare acts as a data processor and complies with GDPR via SCCs.

This website uses Cloudflare Web Analytics (Cloudflare Inc., USA) for cookieless, anonymised traffic measurement. No personal data or persistent identifiers are collected. Data is aggregated and does not allow identification of individual visitors.

This website uses Cloudflare Turnstile (Cloudflare Inc., USA) to protect the contact form from automated spam. Turnstile analyses browser interaction signals to verify that a submission originates from a real user. No cookies are set and no persistent identifiers are stored. Cloudflare acts as a data processor under SCCs pursuant to Art. 46 GDPR.

Retention

Email notifications containing form data are retained in the data controller's inbox for as long as necessary to fulfil the purpose of the communication, and deleted thereafter. No database of submissions is maintained beyond the email inbox.

Your Rights

Under GDPR, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Restriction — request that processing be restricted
  • Objection — object to processing based on legitimate interest
  • Portability — receive your data in a structured, machine-readable format
  • Withdraw consent — at any time, without affecting the lawfulness of prior processing

To exercise any of these rights, contact the data controller via the contact form. You also have the right to lodge a complaint with the Italian data protection authority: Garante per la protezione dei dati personali.

Security

All data in transit is protected by TLS 1.2 or higher. This website enforces HTTPS for all connections and applies strict HTTP security headers (Content Security Policy, HSTS, and others) to protect visitors from common web attacks.

This policy may be updated to reflect changes in applicable law or in data processing practices. The date at the top of this page indicates when it was last revised.