Privacy Policy
ShekharIT is built on the principle of Data Minimalism. We don't want your personal data. We're a static site — there's no database to store it in.
What We Collect & Why (Lawful Basis)
A. Analytics — Legitimate Interest
We use Cloudflare Web Analytics — a privacy-preserving analytics tool that does not use cookies and does not track individual users. Data collected is aggregate and anonymised only:
- Page view counts (no individual tracking)
- Country of origin (country-level only, no IP stored)
- Device category (mobile, desktop, tablet)
- Referral source (domain only — no personal identifiers)
Lawful basis (GDPR Art. 6): Legitimate interests — understanding site performance without privacy infringement.
Cloudflare Web Analytics is designed to be GDPR-compliant by design. No personal data leaves your device. No cookies are set. No cross-site tracking occurs.
B. Contact Form — Consent (Art. 6(1)(a))
When you submit the contact form, the following data is collected and processed by Formspree (our form processor) on your behalf:
- Name (as entered)
- Email address
- Message content
- IP address (by Formspree, for spam prevention)
This data is used solely to respond to your inquiry. We do not add contact form submissions to any mailing list without your explicit consent. Retention: messages are retained for a maximum of 12 months then deleted.
C. Newsletter — Consent (Art. 6(1)(a))
If you subscribe to our newsletter, your email address is stored by Buttondown. We collect only your email. You can unsubscribe at any time via the one-click link in every email. Upon unsubscription, your data is deleted within 30 days.
Cookies & Local Storage
This site uses zero tracking cookies.
| Storage Item | Type | Purpose | Expires |
|---|---|---|---|
theme | localStorage | Saves your dark/light mode preference | Until cleared by user |
right-sidebar-collapsed | localStorage | Saves sidebar state | Until cleared by user |
sidebar-pinned | localStorage | Saves sidebar pin state | Until cleared by user |
These items are stored exclusively on your device and are never transmitted to our servers. You can clear them at any time via your browser's developer tools or privacy settings.
We use no advertising cookies, no tracking pixels, and no third-party analytics cookies of any kind.
Third-Party Sub-Processors
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Cloudflare Pages | Hosting & CDN | Anonymised request logs | View ↗ |
| Cloudflare Analytics | Privacy analytics | No personal data | View ↗ |
| Buttondown | Newsletter (opt-in) | Email address only | View ↗ |
| Formspree | Contact form | Name, email, message, IP | View ↗ |
We have reviewed each sub-processor's privacy practices and selected them specifically for their compliance posture.
External Links
Our content links to external documentation, tools, and resources. Once you leave shekharit.com, this Privacy Policy no longer applies. We recommend reviewing the privacy policy of any external website you visit. We are not responsible for the privacy practices of third-party sites.
Your Privacy Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Right of Access (GDPR Art. 15): Request a copy of personal data we hold about you
- Right to Erasure (GDPR Art. 17): Request deletion of your personal data
- Right to Rectification (GDPR Art. 16): Request correction of inaccurate data
- Right to Object (GDPR Art. 21): Object to processing based on legitimate interests
- CCPA Rights: California residents have the right to know, delete, and opt-out of the sale of personal information (we do not sell personal information)
To exercise these rights, contact us at privacy@shekharit.com. We will respond within 30 days.
If you believe we have violated your privacy rights, you also have the right to lodge a complaint with your local data protection authority.
Data Breach Notification
In the unlikely event of a data breach affecting your personal information, we will notify affected individuals within 72 hours of becoming aware of the breach, in accordance with GDPR Article 33 requirements where applicable.