Privacy Policy | Tom Clark · cloudsecurity.global

## 1. Who We Are This website is operated by **Tom Clark** and is accessible at [cloudsecurity.global](https://cloudsecurity.global). For any privacy-related enquiries or to exercise your rights under GDPR, contact: **tom@cloudsecurity.global** --- ## 2. What Data Is Collected ### 2.1 Data You Provide — Email Contact This site does not have a contact form. If you choose to contact me via email (by clicking the email link on the Contact page), you are initiating contact directly using your own email client. In doing so, you share: - Your email address - Any personal information you include in the message **Purpose:** To respond to your enquiry. **Legal basis:** Consent — you have chosen to initiate contact. **Retention:** Email correspondence is retained only as long as necessary to handle the enquiry, and deleted when no longer needed. ### 2.2 Server & Hosting Logs — Vercel This site is hosted on [Vercel](https://vercel.com). When you visit any page, Vercel's infrastructure automatically records standard server log data, which may include: - Your IP address - Date and time of the request - Pages visited - Browser and device type (User-Agent string) **Purpose:** Security, abuse prevention, and operational monitoring of the hosting infrastructure. **Legal basis:** Legitimate interest — standard logging is necessary for the safe operation of any website. **Retention:** Managed by Vercel in accordance with their [Privacy Policy](https://vercel.com/legal/privacy-policy). Tom Clark does not have direct access to these logs. ### 2.3 Fonts — Self-Hosted This site uses the **Inter** and **JetBrains Mono** typefaces. These fonts are served directly from this website's own hosting — no requests are made to Google Fonts or any third-party font CDN. No data is transferred to third parties for font delivery. --- ## 3. Cookies This site **does not set cookies** and does not use any tracking, advertising, or analytics technologies. A privacy notice banner is displayed on your first visit. Dismissing it stores a single preference flag in your browser's `localStorage` (not a cookie) so the notice does not reappear. This contains no personal data and is used for no purpose other than suppressing the notice. --- ## 4. Third-Party Services | Service | Purpose | Privacy Policy | |---------|---------|---------------| | Vercel | Website hosting & content delivery | [vercel.com/legal/privacy-policy](https://vercel.com/legal/privacy-policy) | No advertising networks, social media trackers, or analytics platforms are used on this site. --- ## 5. Your Rights Under GDPR If you are located in the UK or European Economic Area (EEA), you have the following rights regarding any personal data held: - **Right of access** — request a copy of any personal data held about you - **Right to rectification** — request correction of inaccurate data - **Right to erasure** — request deletion of your personal data ("right to be forgotten") - **Right to restriction** — request that processing of your data is restricted - **Right to data portability** — receive your data in a structured, machine-readable format - **Right to object** — object to processing based on legitimate interests - **Right to withdraw consent** — where processing is based on consent, you may withdraw it at any time To exercise any of these rights, email **tom@cloudsecurity.global**. Requests will be responded to within **30 days** in line with GDPR requirements. --- ## 6. Data Transfers Outside the UK/EEA Vercel operates infrastructure globally. When using Vercel's hosting services, server log data may be processed in data centres outside the UK or EEA. Vercel participates in appropriate data transfer frameworks. See Vercel's [Privacy Policy](https://vercel.com/legal/privacy-policy) for details. No other transfers of personal data outside the UK/EEA are made by this site. --- ## 7. Data Security This site is served exclusively over HTTPS. Email communications are handled through standard email infrastructure. Reasonable technical measures are taken to protect any personal data processed. --- ## 8. Children's Privacy This site is not directed at children under the age of 16. No personal data is knowingly collected from children. --- ## 9. Changes to This Policy This privacy policy may be updated from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of the site after changes constitutes acceptance of the updated policy. --- ## 10. Contact & Complaints For any privacy enquiries: **tom@cloudsecurity.global** If you are unsatisfied with how your data has been handled, you have the right to lodge a complaint with the UK supervisory authority: **Information Commissioner's Office (ICO)** [ico.org.uk](https://ico.org.uk) · 0303 123 1113