What is ecetiner.com and where does this privacy policy apply?#
The domain ecetiner.com is owned and operated by Esad Cetiner. This privacy policy applies to ecetiner.com and its subdomains.
Analytics#
ecetiner.com uses a self-hosted instance of Plausible Analytics to understand general website usage.
The following anonymous usage data are collected:
- Visited pages.
- Referring website (source of the visit).
- Approximate country of origin (based on IP address).
- Time of visit.
This data is privacy-focused, does not identify individual users, and is not used to track users across websites.
What data is collected#
Depending on how you interact with ecetiner.com, the following types of data may be collected:
- Your IP address.
- Pages you visit on the site.
- Technical information about your browser, such as the User-Agent string.
- Information you submit via contact forms, such as your name, email address, and message content.
- In cases of suspected abuse or security events, full or partial request data may be logged (for example, HTTP request details) to investigate and mitigate the activity.
- Data you store or upload to Esad’s private services.
How your data is protected#
Your data is protected using layered security controls, including system hardening and defense-in-depth practices.
Data is encrypted in transit using TLS and encrypted at rest using disk-level encryption.
Data that is no longer required is deleted in accordance with our retention policies to reduce the impact of a potential data breach.
What rights do I have over my data?#
If you interact with the public blog or use the contact form, you may request access to or correction of the personal data you have directly provided.
Where applicable, you may also request deletion of personal data held in user-facing services. This does not include system-generated data such as server access logs or security logs, which are retained for operational and security purposes as described in this policy.
If you are granted access to a private service provided by Esad Cetiner, you retain ownership of the data you store within that service. You may request deletion of your account and associated user data held within the service at any time. This excludes system logs and data retained in backups.
All deletion requests are subject to technical constraints, including system-wide backup retention. Backups are retained for up to 30 days and are automatically rotated after this period, after which previous copies are no longer accessible.
Who your data is shared with and why#
We share limited data with third-party services only for security, fraud prevention, and abuse protection.
- CrowdSec, a crowdsourced threat intelligence platform, is used to help detect and block malicious IP addresses. When suspicious activity is identified, information such as your IP address, timestamp, and a classification of the detected behavior may be shared with CrowdSec. Data is processed in accordance with their privacy policy.
- Cloudflare Turnstile is used to distinguish automated traffic from legitimate users. When you interact with protected pages, Cloudflare may process information such as your IP address, browser and device data, and interaction signals as part of this process.
How long your data is retained#
Security-related data, such as firewall logs and records of suspicious activity, is typically retained for up to 12 months.
Operational logs that are not related to security are usually retained for up to 3 months before being deleted or anonymised.
For private services where data is user-controlled, data is deleted when you remove it. A fixed retention period of up to 30 days applies due to system-wide backups used for recovery purposes. After this period, backups are automatically rotated and previous copies are no longer accessible.