Privacy Policy

Who We Are

#

This website iam.fabiograsso.net is a personal blog operated by Fabio Grasso, located in France. For any privacy-related inquiries, you can contact me at [email protected].

What Information We Collect

#

Information We Collect Directly

#

• Newsletter: If you subscribe to our newsletter, we collect your email address through our newsletter service provider, Brevo.
• Contact form: When you send a message through the on-site contact form, the data you enter (e.g., name, email, message) is collected by our form provider, KwesForms.

Information Collected Automatically

#

This website itself does not collect personal data from visitors. However, when you visit this site:

• Hosting infrastructure (Cloudflare): Technical information (such as your IP address, browser type, and device information) is automatically collected and processed by our hosting provider to deliver the website securely and efficiently.
• Primary Analytics (GoatCounter): Anonymous usage information (pages visited, referrer, browser info, country) is automatically collected for detailed website analytics. No personal data or cookies are involved.
• Infrastructure Analytics (Cloudflare Web Analytics): Basic usage metrics are collected as part of our hosting service for performance monitoring. Data is based on a sample of visits and includes similar anonymous metrics.

Information Stored Locally on Your Device

#

We store certain information locally on your device using browser local storage:

• Theme preferences (appearance and pref-theme): To remember your dark/light mode preference
• Comment session (giscus-session): Only stored when you log in via GitHub to leave comments. See section Comment System

Use of Cookies

#

This site does not use cookies for tracking or analytics purposes. Both our analytics tools, GoatCounter and Cloudflare Web Analytics, are completely cookieless and do not store any data on your device.

Local Storage

#

We use local storage (not cookies) to enhance your browsing experience:

• Essential storage: Theme preferences are stored locally to remember your display preferences across visits
• Comment functionality: When you choose to comment via GitHub login, session information is stored locally to maintain your authentication state during your visit

Comments System

#

Comments on this blog are powered by Giscus, which uses GitHub Discussions. When you comment:

• You must authenticate with your GitHub account
• Your comment data is processed according to GitHub’s Privacy Statement and Giscus Privacy Statement
• Session information may be stored locally on your device for the duration of your visit

Newsletter

#

Our newsletter is provided by Brevo (formerly known as Sendinblue). When you subscribe:

• We collect only your email address
• Your subscription and data processing are governed by Brevo’s Privacy Policy
• You can unsubscribe at any time using the link provided in each newsletter
• Your subscription is based on your explicit consent

Contact Form

#

This blog uses KwesForms (https://kwesforms.com/) solely to provide the contact form you see on the “Contact” page.

• When you submit the form, your message and any personal data you include (e.g., name, email) are collected and processed by KwesForms.
• Handling, storage, and security of that data are governed by the KwesForms Privacy Policy.
• KwesForms forwards your message to my email inbox; I do not store the form submissions on this website or in any self-hosted database.
• Your submission is used exclusively to respond to your inquiry and is not added to the newsletter list unless you explicitly request it.

Website Analytics

#

This website uses two complementary analytics systems to understand website usage and performance:

Primary Analytics: GoatCounter

#

GoatCounter serves as our main privacy-first, open-source web analytics platform.

What GoatCounter Collects

#

• Pages you visit on this website
• Referrer (how you arrived at this site)
• Browser and operating system information
• Country/region (derived from IP address, but IP is not stored)
• Screen size and language preferences

What GoatCounter Does NOT Collect

#

• No cookies: GoatCounter does not use any cookies
• No personal data: No information that can identify you personally
• No IP addresses: Your IP address is not stored in any database
• No cross-site tracking: No tracking across other websites
• No data sharing: Your data is never shared with third parties

How It Works

#

GoatCounter uses a temporary hash of your IP address and browser information to avoid counting duplicate visits within the same session. This hash is kept only in memory for a maximum of 8 hours and is never stored permanently.

Infrastructure Analytics: Cloudflare Web Analytics

#

Cloudflare Web Analytics is provided as part of our hosting infrastructure for technical performance monitoring.

What Cloudflare Analytics Collects

#

• Similar anonymous metrics as GoatCounter (pages, referrers, browser info)
• Sample-based data: Analytics are based on approximately 10% of visits
• No cookies: Cloudflare Analytics is also cookieless
• No personal data storage: IP addresses are not stored permanently

Data Processing

#

• Data is processed by Cloudflare Inc. (US company) with servers globally
• Subject to Cloudflare’s Privacy Policy
• Data transfers governed by Standard Contractual Clauses

Legal Basis (Both Systems)

#

This processing is based on my legitimate interest to understand how this website is used to improve content, user experience, and technical performance. Since no personal data is collected or stored by either system, this falls outside the scope of GDPR consent requirements.

Your Rights (Both Systems)

#

Since no personal data is collected by either analytics system, there is no personal data to access, modify, or delete. However, you can contact me at [email protected] if you have questions about our analytics practices.

How Your Information Is Used

#

Technical Information (Cloudflare)

#

Cloudflare may process your IP address and basic connection details for the following purposes:

• Delivering website content
• Ensuring network and information security
• Detecting and mitigating malicious activity

This processing is based on Cloudflare’s legitimate interest in providing a secure and reliable service.

Newsletter (Brevo)

#

Your email address is used solely to send you our newsletter content. Processing is based on your explicit consent.

Contact Form (KwesForms)

#

Data you submit via the contact form is used solely to respond to your inquiry or any follow-up you request. Processing and temporary storage are handled by KwesForms on my behalf.

Local Storage

#

Information stored locally on your device is used to:

• Remember your theme preferences (essential functionality)
• Maintain your comment session when logged in via GitHub (functionality you have chosen to use)

Data Sharing

#

• Your technical information may be processed by Cloudflare in accordance with their Privacy Policy
• Newsletter data is processed by Brevo according to their Privacy Policy
• Contact-form data is processed by KwesForms in accordance with their Privacy Policy
• Comment data is processed by GitHub according to their Privacy Statement
• Anonymous analytics data is processed by GoatCounter according to their Privacy Policy
• Infrastructure analytics data is processed by Cloudflare according to their Privacy Policy
• No personal data is shared by me with any other third parties

Your Rights

#

As an EU resident, you have the following rights regarding your personal

• Access: Request information about what personal data we hold about you
• Rectification: Request correction of inaccurate personal data
• Erasure: Request deletion of your personal data
• Restriction: Request restriction of processing
• Portability: Request transfer of your data
• Object: Object to processing based on legitimate interests
• Withdraw consent: Withdraw consent for newsletter subscription at any time

To exercise these rights:

• For newsletter Contact me at [email protected] or use the unsubscribe link
• For Cloudflare Refer to Cloudflare’s Privacy Policy
• For comment Refer to GitHub’s Privacy Statement
• For local storage: You can clear this data through your browser settings

International Data Transfers

#

• Cloudflare may process data in various locations globally in accordance with their privacy policy
• Brevo processes data within the EU and in accordance with GDPR requirements
• KwesForms processes data within the EU and in accordance with GDPR requirements
• GoatCounter processes and stores data on servers in the European Union
• Cloudflare Analytics processes data globally as part of Cloudflare’s infrastructure services
• GitHub may process data globally in accordance with their privacy statement

Data Retention

#

• Newsletter: Your email address is retained until you unsubscribe
• Analytics: GoatCounter retains anonymous analytics data for statistical purposes with no personal identifiers; Cloudflare Analytics retains sample-based data according to their retention policy
• Local storage: Data is retained until you clear your browser data or change the settings
• Other Refer to the respective privacy policies of Cloudflare and GitHub

Changes to This Policy

#

This privacy policy may be updated from time to time. Please check back periodically for updates. Significant changes will be communicated via the blog or newsletter if you have subscribed.

Contact Information

#

For any questions about this privacy policy or your personal data, contact: Fabio Grasso
Email: [email protected]

Disclaimer

#

This is my personal blog. All statements and content published here reflect my own opinions and do not represent the views of my employer, Okta Inc., or any other organization with which I am affiliated. In case of any overlap with my professional activity, please note that this blog is independent and not an official communication channel of my employer.

Technical Information: The technical information, tutorials, and advice provided on this blog are for educational and informational purposes only. While I strive for accuracy, I make no warranties about the completeness, reliability, or suitability of any information provided. Always verify information independently and consult official documentation before implementing any technical solutions.

No Professional Advice: Content on this blog should not be considered as professional consulting advice. For specific technical implementations or business decisions, please consult with qualified professionals or official support channels.

External Links: This blog may contain links to external websites. I am not responsible for the content, privacy practices, or availability of external sites.

Trademarks: All trademarks, service marks, and company names mentioned on this blog are the property of their respective owners. Any reference to third-party products or services is for informational purposes only and does not constitute an endorsement.

Accuracy: While I make every effort to ensure information accuracy, technology evolves rapidly. Some information may become outdated. Always refer to official documentation for the most current information.

AI-Assisted Content: Some content on this blog may be created with the assistance of AI (Artificial Intelligence) tools. However, all content is reviewed, fact-checked, edited, and approved by me before publication. I maintain full editorial responsibility and ensure that all published content reflects my professional expertise and personal opinions.

Last updated on: Oct 8, 2025