Privacy Policy
Last updated: 25 February 2026
1. Personal Data Collected
When you contact me via the contact form, I collect:
- Name, email address, subject, and message content
- IP address (for rate limiting and security only)
This website does not use analytics, tracking cookies, advertising pixels, or third-party trackers. Fonts are self-hosted. See the Cookie Policy for details on the cookies used.
2. Client Preview Service
When I create a website preview for a prospective client, I may process the following data:
- Email address associated with the preview access link
- Access timestamps and count to verify delivery and detect misuse
| Purpose | Legal Basis (GDPR Art. 6) |
|---|---|
| Providing the requested preview service | Legitimate interest (Art. 6(1)(f)) |
| Verifying service delivery | Legitimate interest (Art. 6(1)(f)) |
Preview links are shared privately and exclusively with the intended recipient. The preview session cookie (preview_session) contains no personal data — only a site identifier and expiry timestamp. Access records are retained for 90 days after the preview is removed, then deleted.
3. Purpose and Legal Basis
| Purpose | Legal Basis (GDPR Art. 6) |
|---|---|
| Responding to enquiries | Pre-contractual measures (Art. 6(1)(b)) |
| Consent given via form | Consent (Art. 6(1)(a)) |
| Website security and spam prevention | Legitimate interest (Art. 6(1)(f)) |
| Client preview service | Legitimate interest (Art. 6(1)(f)) |
| Legal obligations | Legal obligation (Art. 6(1)(c)) |
4. Data Retention
- Contact form submissions: 12 months after last correspondence, then deleted
- Client preview data: 90 days after preview removal, then deleted
- Server logs: 30 days, then purged
- Language cookie: Expires based on browser settings
- Preview session cookie: 24 hours
5. Your Rights
Under GDPR you may request access, rectification, erasure, restriction, portability, or object to processing. You may also withdraw consent at any time.
Send requests to: contact@ianlouw.com. I will respond within one month.
6. Complaints
You have the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD) at www.cnpd.pt.
7. Data Security
The site uses HTTPS encryption, access controls, rate limiting, honeypot spam detection, and input validation. No system is 100% secure, but commercially reasonable measures are in place.
8. Changes
This policy may be updated. The current version is always available here.
Version 1.1 — 25 February 2026