C
Cyflogic

Privacy Policy

Last updated: May 15, 2026

This Privacy Policy explains what personal data Cyflogic (“we”, “us”, “our”) collects when you visit cyflogic.com, how we use it, who we share it with, and the rights you have over it. We have written it in plain language and grouped the technical details into clearly labeled sections so you can find what you need quickly.

If you have any question about this policy, write to [email protected].

1. Who is responsible for your data

The controller of personal data collected through this site is Cyflogic, the operator of cyflogic.com. We can be reached at [email protected] for any privacy matter, including requests to exercise the rights described below.

2. What we collect and why

We try to keep data collection narrow. The categories below are everything we collect through normal use of the site.

2.1 Information you give us

  • Comments. If you post a comment on an article, we collect the name, email address, and any optional website URL you provide, along with the comment text. We also record the IP address and user agent of the browser used to post the comment for spam detection.
  • Contact form. If you reach out through our contact form, we collect the name, email address, subject line, and message you send us, plus any information you choose to include in the message itself.
  • Newsletter signup. If you subscribe to our newsletter, we collect the email address you provide and a timestamp of your subscription. We use this only to send the newsletter and to honor unsubscribe requests.

2.2 Information we collect automatically

  • Analytics. We use a privacy-respecting analytics tool to understand how visitors use the site at an aggregate level. This collects information such as pages viewed, approximate location (country and region, not precise location), referring website, device type, browser, and the time of the visit. We do not use cross-site tracking cookies for advertising and we do not build personal profiles for targeting.
  • Server logs. Our hosting provider records standard request logs including IP address, timestamp, and the URL requested. These logs are kept for a short period for security and abuse prevention.

2.3 What we do not collect

We do not knowingly collect data from anyone we believe to be under 16. We do not sell personal data. We do not run third-party advertising or remarketing on this site, and we do not allow third parties to use the site to track you for advertising purposes.

3. Legal bases (EU/UK visitors)

If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR and UK GDPR:

  • Consent (Article 6(1)(a)) for the newsletter and for any optional analytics or cookies that require consent in your jurisdiction. You can withdraw consent at any time.
  • Performance of a contract (Article 6(1)(b)) where we need to act on your request, for example replying to a contact form message.
  • Legitimate interests (Article 6(1)(f)) for security, abuse prevention, and basic analytics. Our legitimate interest is operating a safe website and understanding aggregate readership. You have the right to object to processing on this basis.

4. How we use what we collect

We use personal data only for the purposes for which it was collected:

  • To publish your comments and reply to them where appropriate.
  • To respond to contact form messages.
  • To send the newsletter you subscribed to and to manage your subscription.
  • To understand which content is read and to improve the site.
  • To protect the site from spam, fraud, and abuse, and to comply with legal obligations when required.

5. Who we share data with

We share personal data only with the small set of vendors required to run the site, and only for the purposes described above. These include:

  • Hosting and content delivery providers that store the site and serve it to your browser.
  • Email service providers that deliver our newsletter and transactional email.
  • Analytics provider that processes anonymized usage data on our behalf.
  • Spam filtering provider for the comments system.

Each of these vendors processes data on our instructions under a data processing agreement. We do not share personal data with advertisers, data brokers, or anyone else for marketing purposes that you have not authorized.

We may disclose personal data if required to do so by law, in response to a valid legal process, or to protect the rights, property, or safety of Cyflogic, our readers, or the public.

6. International transfers

Some of our service providers operate in countries outside the European Economic Area or the United Kingdom, including the United States. Where personal data is transferred outside your country of residence, we rely on appropriate safeguards under Article 46 of the GDPR, including the European Commission’s Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework. You can request a copy of the safeguards by writing to [email protected].

7. How long we keep data

  • Comments are retained for as long as the related article remains published, so that the conversation stays intact for readers. You can ask us to delete your comments at any time.
  • Contact form messages are retained for up to 24 months after the last reply, then deleted.
  • Newsletter subscriptions are retained until you unsubscribe. After unsubscribing, we keep a record of the unsubscribe itself so we do not accidentally email you again.
  • Analytics data is retained at the aggregate level for up to 24 months.
  • Server logs are retained for up to 90 days.

8. Your rights

8.1 EU/UK rights

If you are in the EEA or the UK, you have the following rights under the GDPR and UK GDPR:

  • Right of access to the personal data we hold about you.
  • Right to rectification of inaccurate data.
  • Right to erasure (“right to be forgotten”) in certain circumstances.
  • Right to restrict processing in certain circumstances.
  • Right to data portability, where applicable.
  • Right to object to processing based on legitimate interests.
  • Right to withdraw consent where we relied on consent.
  • Right to lodge a complaint with your local supervisory authority. In Ireland, that is the Data Protection Commission; in the UK, the Information Commissioner’s Office. You can also complain to the authority in the EU member state where you live or work.

8.2 California rights

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you the following rights:

  • The right to know what personal information we collect, use, and disclose about you.
  • The right to delete personal information we hold about you.
  • The right to correct inaccurate personal information.
  • The right to opt out of the sale or sharing of your personal information. We do not sell personal information and we do not share it for cross-context behavioral advertising.
  • The right to limit the use of sensitive personal information. We do not collect sensitive personal information as defined by the CPRA.
  • The right not to be discriminated against for exercising any of these rights.

You can exercise any of these rights by writing to [email protected]. We will verify your request to the extent reasonable and respond within the timelines required by law (generally 30 days for GDPR requests and 45 days for CCPA requests, with possible extensions). An authorized agent may submit a request on your behalf with proof of authorization.

9. Cookies

We use a small number of cookies and similar technologies. Full details, including the categories of cookies, the purposes they serve, and how to control them, are in our Cookie Policy.

10. Security

We apply reasonable technical and organizational measures to protect personal data against loss, misuse, and unauthorized access. These include encryption in transit, access controls on administrative interfaces, and regular updates of the software the site depends on. No method of transmission over the internet is fully secure, but we work to keep risk low and to respond quickly to any incident.

11. Children

The site is intended for a general professional audience and is not directed to children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the “Last updated” date at the top and, where appropriate, notify subscribers by email or post a notice on the site. Continued use of the site after a change indicates that you accept the updated policy.

13. Contact

For any privacy matter, including questions about this policy or requests to exercise your rights, contact us at [email protected].

No spam. Unsubscribe anytime.