Legal
Privacy Policy
How this website processes personal data
This privacy policy explains how personal data is processed when you visit this website or submit a contact enquiry.
1. Controller
Haroun Ahmad
Zürich, Switzerland
Email: [email protected]
Haroun Ahmad is responsible for the processing described in this privacy policy.
2. Data processed
Website access
When you access this website, technical data necessary to deliver and protect the website may be processed. This may include:
- IP address
- requested page or resource
- date and time of access
- browser and device information
- referrer information
- security and request metadata
This data is processed primarily by Cloudflare as the website hosting, delivery and security provider.
Contact form
When you submit the contact form, the following information is processed:
- name
- email address
- company name (optional)
- message
- submission time
- technical information associated with the request
This information is required to receive, assess and respond to your enquiry.
Submissions are delivered to the operator by email and are not intentionally stored in a separate database on this website. The receiving mailbox and email provider retain the resulting message as described below.
Do not submit passwords, authentication credentials, private keys, production data, vulnerability details concerning third parties, or other highly sensitive information through the contact form.
Bot and abuse protection
The contact form uses Cloudflare Turnstile together with additional automated checks (such as a hidden decoy field) to detect automated submissions and other abuse.
Turnstile processes technical signals concerning the browser, device and request. It may use strictly necessary browser storage or security mechanisms required to perform the verification. It is not used by this website for advertising or behavioural profiling.
3. Purposes
Personal data is processed for the following purposes:
- delivering and operating the website
- protecting the website against attacks, spam and abuse
- receiving and responding to enquiries
- evaluating possible consulting engagements
- delivering contact-form submissions by email
- diagnosing technical problems
- complying with legal obligations
- establishing, exercising or defending legal claims
Contact-form information is not used for unrelated marketing without separate notice or permission.
4. Service providers and recipients
The following service providers may process personal data in connection with this website:
Cloudflare
Cloudflare provides website hosting, content delivery, serverless request processing, security functions and Cloudflare Turnstile.
Resend
Resend delivers contact-form submissions to the website operator by email.
Email provider
The provider operating the mailbox for [email protected] processes submitted messages when they are delivered and stored as email.
Personal data may also be disclosed where required by law or where necessary to establish, exercise or defend legal claims.
Personal data is not sold and is not disclosed for third-party advertising.
5. Processing outside Switzerland
Cloudflare, Resend and their subprocessors may process data outside Switzerland, including in the United States and other countries in which they operate infrastructure.
Where required, cross-border processing is protected through recognised adequacy mechanisms, contractual safeguards such as standard contractual clauses, or another mechanism permitted under applicable data-protection law.
Because Cloudflare operates a global network, individual requests may be routed through infrastructure located in different countries.
6. Analytics, advertising and cookies
This website does not use:
- advertising networks
- behavioural advertising
- third-party analytics
- marketing trackers
- externally hosted fonts
Cloudflare may use technically necessary cookies or browser storage for security, bot protection, network management or abuse prevention. These mechanisms are not used by this website for advertising.
7. Retention
Contact enquiries are normally retained for up to 12 months after the last substantive correspondence.
Information may be retained for longer where:
- the enquiry results in a consulting or contractual relationship
- retention is required for accounting, contractual or legal purposes
- the information is required to establish, exercise or defend legal claims
- deletion is temporarily prevented by backup or security systems
Technical and security data is retained according to the configured settings and retention periods of the relevant service providers.
Data that is no longer required is deleted or anonymised where reasonably possible.
8. Your rights
Subject to applicable law, you may request:
- information about whether personal data concerning you is being processed
- access to that personal data
- correction of inaccurate personal data
- deletion of personal data
- restriction of particular processing
- delivery of certain data in a commonly used electronic format
- objection to particular processing
Some requests may be restricted where processing or retention is required by law or necessary to protect overriding interests or legal claims.
Requests may be sent to [email protected]. Reasonable information may be requested to verify your identity before disclosing or modifying personal data.
You may also contact the Swiss Federal Data Protection and Information Commissioner if you believe that your personal data has been processed unlawfully.
9. Data security
Reasonable technical and organisational measures are used to protect personal data against unauthorised access, loss, alteration or disclosure.
These measures include HTTPS transport encryption, access restrictions, secret management, request validation, bot protection and security controls applied by the hosting infrastructure.
No internet transmission or storage system can guarantee absolute security.
10. Changes
This privacy policy may be updated when the website, its service providers or its data-processing practices change.
The version published on this page applies.