Back to Home

Legal Document

Privacy Policy

devmirko.me — Last updated: April 29, 2025

No data soldMinimal collectionGDPR-awareOpen-source portfolio
⚠️Informational purposes only. This policy does not constitute legal advice. For a legally binding document tailored to your jurisdiction, consult a qualified attorney specializing in data privacy law.
01

Introduction

Welcome to devmirko.me, the personal portfolio of Mirko Fiorini (hereinafter "I", "me", or "my"). This Privacy Policy explains what information is collected when you visit this website, how it is used, and what your rights are.

This site is a static personal portfolio. It does not have user accounts, payment forms, or mandatory registration. The amount of personal data collected is therefore minimal by design.

By using this website, you agree to the terms described in this document. If you have any questions, please contact me at devmirkoo@gmail.com.

Effective date: April 29, 2025
Operator: Mirko Fiorini (devmirko.me) — Italy
02

Data We Collect

I collect only the minimum data necessary to operate and improve this website. Below are the categories:

Automatically collected data

  • IP address — logged transiently by the hosting infrastructure (Vercel) for security and abuse prevention.
  • Browser & device info — user-agent string, device type, operating system, browser version.
  • Usage data — pages visited, referrer URL, time on page, interactions (via analytics, see §5).

Data you provide voluntarily

  • Contact messages — if you reach out via email or social links listed on the site, I receive your message and any information you include.

Data NOT collected

  • No names or emails via on-site forms (none exist).
  • No payment or financial data.
  • No health, biometric, or sensitive personal data.
  • No precise GPS location.
03

How We Collect It

Data is collected through three mechanisms:

  1. Automatically on page load — hosting infrastructure (Vercel) logs HTTP requests, including IP addresses and user-agents, as part of normal server operation.
  2. Analytics scripts — third-party analytics tools (see §5) may set cookies or use fingerprinting to track page views and interactions.
  3. Voluntarily by you — when you click a contact link (email, Discord, GitHub, X/Twitter) and choose to send a message.
04

How We Use It

Information collected is used exclusively for:

  • Portfolio presentation — serving the website content reliably to visitors.
  • Performance & debugging — identifying slow-loading pages or broken elements to improve the site.
  • Analytics — understanding which projects or sections attract the most interest so I can prioritize content.
  • Security — detecting and mitigating abusive traffic or attacks.
  • Responding to inquiries — replying to messages you send through external channels.

I do not use your data for advertising, profiling, or automated decision-making.

05

Third Parties

This site integrates or links to third-party services. Each has its own privacy policy:

VercelHosting & CDN

Processes server logs, IP addresses, and request metadata.

View their Privacy Policy →
GitHubSource code & avatar

Avatar image is fetched directly from GitHub CDN.

View their Privacy Policy →
Cloudflare R2Media CDN

Hosts portfolio videos and images. Requests go through Cloudflare.

View their Privacy Policy →
Discord / X / RobloxExternal social links

Clicking these links takes you to external platforms governed by their own policies.

⚠️ [LEGAL REVIEW REQUIRED] If any of these third-party processors are located outside your jurisdiction (e.g. outside the EU), a Data Processing Agreement (DPA) or Standard Contractual Clauses may be required under GDPR.

06

Cookies & Tracking

This site may use cookies and similar technologies. Below is a breakdown:

CategoryPurposeEssential?
Theme preferenceStores light/dark mode selection locally✅ Yes
AnalyticsTracks page views and interactions (via third-party tools)❌ No

Non-essential cookies (analytics) require your consent under GDPR if you are accessing from the European Union.

You can manage or delete cookies at any time through your browser settings. Disabling cookies may affect functionality such as theme persistence.

⚠️ [LEGAL REVIEW REQUIRED] If a cookie consent banner is implemented, it must meet GDPR and ePrivacy Directive requirements (no pre-ticked boxes, granular choice).

07

Data Retention

  • Server logs (Vercel) — retained per Vercel's standard policy (typically up to 30 days for edge logs). I do not export or store these independently.
  • Analytics data — retained as configured in the analytics tool (typically 14–26 months). Aggregated and anonymized where possible.
  • Contact messages — retained as long as the conversation is relevant, and deleted upon request.

⚠️ [LEGAL REVIEW REQUIRED] GDPR Article 5(1)(e) requires data be kept "no longer than necessary". Retention periods should be formally documented and periodically reviewed.

08

Your Rights

Depending on your jurisdiction, you may have the following rights over your personal data:

  • Right to access — request a copy of data held about you.
  • Right to erasure — request deletion of your data ("right to be forgotten").
  • Right to rectification — request correction of inaccurate data.
  • Right to restrict processing — limit how your data is used.
  • Right to data portability — receive your data in a portable format.
  • Right to object — object to processing based on legitimate interests.
  • Right to opt out of analytics — use browser settings or opt-out tools provided by analytics vendors.

To exercise any of these rights, contact me at devmirkoo@gmail.com. I will respond within 30 days.

⚠️ [LEGAL REVIEW REQUIRED] GDPR (EU/EEA) and CCPA (California) grant specific rights with strict response deadlines. Rights under other jurisdictions may differ.

09

Security

I implement reasonable technical and organisational measures to protect the information associated with this site:

  • All traffic is served over HTTPS (TLS encryption in transit).
  • The site is deployed on Vercel, which provides infrastructure-level security, DDoS protection, and access controls.
  • Media assets are hosted on Cloudflare R2, behind Cloudflare's global security network.
  • Source code is version-controlled on GitHub with private credentials managed via environment variables — never committed to the repository.

No system is 100% secure. In the unlikely event of a data breach affecting your personal data, I will notify affected parties in accordance with applicable law.

10

Children's Privacy

This website is not directed at children under the age of 13 (or 16 in certain EU member states). I do not knowingly collect personal data from children. If you believe a child has provided personal information, please contact me immediately and I will delete it.

⚠️ [LEGAL REVIEW REQUIRED] If the site attracts minors, additional requirements apply under COPPA (US) and the UK Children's Code.

11

Policy Changes

I may update this Privacy Policy from time to time to reflect changes in technology, law, or business practices. When I do:

  • The "Last updated" date at the top of this page will change.
  • Significant changes will be noted prominently on the site.

Continued use of the site after changes are posted constitutes acceptance of the revised policy.

12

Contact

For any privacy-related questions, requests, or concerns, contact me at:

NameMirko Fiorini
Emaildevmirkoo@gmail.com
LocationItaly, CET
Websitehttps://devmirko.me
ResponseWithin < 24h
Effective: April 29, 2025 · Governing law: Italy / European Union (GDPR)
NEW
GitHub