Privacy
Minimal data and explicit flows
This policy explains how Marez Code processes site data. The controller's complete legal identification details are pending confirmation by the owner.
Controller
The data controller is the owner of Marez Code. The complete legal name, tax identifier and professional address are pending confirmation. The available privacy contact is javier@marezcode.com.
Contact and purpose
The form requests a name, email, subject, message and confirmation that this information has been provided. The API validates the data and delivers it through SMTP to Marez Code's mailbox to answer the inquiry or take requested steps before a possible professional relationship. The message is not stored in the database or included in logs; the received copy may remain in the mailbox for as long as needed to manage the conversation and applicable obligations.
First-party analytics
The site performs first-party audience measurement strictly limited to traffic, performance and per-page action statistics. It does not use Google Analytics, Matomo, pixels, external analytics scripts or analytics cookies, and it does not combine the information with other processing or sites.
Technical data
Processing may include normalized path, language, UTC date, referrer domain, sanitized campaign fields, general device category, viewport range, general browser and operating system, event type and non-sensitive status.
Ephemeral identifier
The tab may create a random sessionStorage value to group events in that session. It disappears when the session closes, is not shared across domains and is not used to identify the visitor.
Excluded data
Analytics does not store IP, truncated IP, IP hashes, geolocation, fingerprints, names, email, phone numbers, form content, advertising identifiers or URLs with sensitive parameters.
Retention
The initial configuration keeps detailed events for 90 days and daily aggregates without personal data for 24 months. An automated process removes expired data.
Service providers
Hosting, database and email providers may process data only to provide their services. Data is not sold or disclosed for advertising. Any international transfer arising from a provider's infrastructure must be covered by the safeguards required by applicable law.
Private dashboard and security
The administration dashboard uses a strictly necessary technical cookie with Secure, HttpOnly and SameSite Strict attributes, limited to the backend. There is no public registration. Access control, validation, minimization, HTTPS and limited retention are applied.
Rights and contact
You may request access, rectification, erasure, objection, restriction or portability where applicable by writing to javier@marezcode.com. You may also complain to the competent supervisory authority. Identity verification will be required before a request is fulfilled.
Updates
Last updated: 13 July 2026. Pending legal details must be completed when confirmed by the owner; any material processing change will be reflected on this page.