Privacy Policy
Last updated: June 01, 2026
1. Data Controller
The data controller for this website is the registered user (portfolio owner). Contact information is available on the user's public profile page.
2. What Data We Collect
We collect and process the following data:
- Account data: username, email address, first name, last name (provided during registration)
- Profile data: address, phone number, current position, profile image, professional descriptions
- Content data: projects, skills, work experience, education history
- Chat data: messages sent to the AI chatbot (processed via Groq API, not stored permanently)
- Technical data: IP address, browser type, session cookies
3. Legal Basis for Processing (GDPR Art. 6)
- Contract: Processing necessary for the performance of our service (account creation, portfolio display)
- Consent: For optional profile fields and marketing communications
- Legitimate interests: Website security, fraud prevention, service improvement
4. How We Use Your Data
- To provide and maintain the portfolio service
- To display your public profile to visitors
- To provide AI-powered chat assistance (messages are sent to Groq API)
- To send transactional emails (password reset, account notifications)
- To ensure website security and prevent abuse
5. Data Sharing
We do not sell your personal data. Data may be shared with:
- Groq (AI chat): Chat messages are sent to Groq API for processing. See Groq Privacy Policy
- Hosting provider: Your data is stored on our VPS server
- Legal obligations: When required by law or court order
6. Data Retention
- Account data: retained until account deletion
- Chat messages: not stored permanently, processed in real-time
- Session cookies: expire when browser is closed or after 2 weeks
- Backup data: retained for up to 30 days
7. Your Rights (GDPR)
You have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure ("right to be forgotten"): Request deletion of your data
- Restriction: Limit how we process your data
- Portability: Receive your data in a structured format
- Objection: Object to processing based on legitimate interests
- Withdraw consent: At any time for processing based on consent
8. Cookies
We use essential cookies for:
- Session management (django session cookie)
- CSRF protection (security token)
- User authentication status
We do not use tracking or advertising cookies.
9. Security
We implement appropriate technical measures including:
- CSRF tokens on all forms
- Password hashing (PBKDF2)
- HTTPS encryption (when enabled)
- Regular backups
10. Children's Privacy
This service is not intended for users under 16 years of age. We do not knowingly collect data from children.
11. Changes to This Policy
We may update this policy. Changes will be posted on this page with an updated "Last updated" date.
12. Contact
For privacy-related inquiries, please contact the portfolio owner through the contact information on their profile page.