logo

Privacy Policy

Last updated: November 05, 2025

This website is a personal portfolio operated by Mauro Fontanari. I care about your privacy and collect only what is necessary to run the site, understand aggregate usage, and respond to messages you intentionally send.

What data I collect

If you use the contact form

  • Full name, email address, and your message (you provide these)
  • Anti‑spam fields: a hidden honeypot value and a render timestamp used to block bots (not intended to identify you)
  • Technical metadata added server‑side on receipt: IP address and user agent

When you submit, your message is forwarded to me via a Discord webhook so I can read and respond. No marketing emails are sent and your data is not sold.

When you browse the site

I use Umami, a self-hosted analytics platform, to capture privacy‑friendly, aggregate metrics (page views, performance, basic engagement, user interactions). This platform does not use cookies and does not collect personally identifying information. All analytics data is stored on my own infrastructure and is not shared with third parties.

How I use the data

  • Respond to your contact messages
  • Prevent spam and abuse (honeypot, minimal timing checks, rate limiting)
  • Measure site traffic and performance in aggregate

Legal bases (EU/UK visitors)

  • Contact messages: legitimate interest (to respond) or consent (because you choose to send)
  • Anti‑spam and rate limiting: legitimate interest
  • Analytics: legitimate interest in improving the site using aggregate, cookie‑less measurements

Sharing and processors

  • Hosting is provided on self-hosted infrastructure. Analytics data is processed by Umami, a self-hosted analytics platform running on my own infrastructure.
  • Contact messages are transmitted to my Discord account via a Discord webhook so I can receive notifications.
  • I do not share data with advertisers and I do not sell personal data.

Retention

  • Contact messages: kept as long as needed to handle your inquiry and for reasonable record‑keeping in my Discord message history, after which I delete them where practicable.
  • Anti‑spam timing values are transient; rate‑limit counters are temporary in‑memory values.
  • Analytics: only aggregate metrics are retained, stored on my self-hosted infrastructure. I retain analytics data for up to 2 years for site improvement purposes.

Security

Reasonable technical and organizational measures are used (for example, minimal collection, HTTPS, rate limiting). No method is 100% secure, but I aim to collect the least amount of data needed.

Your rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal data. To exercise these rights, contact me at the email below.

Children

This site is not directed to children under 13. I do not knowingly collect data from children.

Changes

I may update this policy from time to time. Updates will be posted on this page with a revised “Last updated” date.

Contact

Email: [email protected]