Privacy notice
Last updated: 25 June 2026
This notice explains what personal data this website processes, why, and the rights you have under the EU/EEA General Data Protection Regulation (GDPR). BeckTeck (“I”, “me”) runs this site as an independent sole trader based in the United States and offers consulting services to clients in the EU/EEA. Because I target the EU/EEA market, the GDPR applies to this processing under Article 3(2).
Data controller: BeckTeck. For any privacy request, contact privacy@beckteck.org.
What I process, and why
1. Anti-bot security (Cloudflare Turnstile). When the page loads, Cloudflare Turnstile runs a challenge that protects my contact details from scraping and spam. To do this, Cloudflare processes your IP address and browser/device signals. Purpose: security and abuse prevention. Legal basis: my legitimate interests in protecting the site and my contact details (Art. 6(1)(f)). In its default mode Turnstile does not store cookies on, or read storage from, your device.
2. Hosting & delivery logs (Bunny.net). The site is served by Bunny.net (BunnyWay d.o.o., Slovenia, EU), whose servers keep standard access logs — including your IP address — to deliver the site and keep it secure. Legal basis: legitimate interests in secure, reliable delivery (Art. 6(1)(f)). Retention: Bunny.net keeps these access logs for up to 3 days; they are not stored permanently or forwarded elsewhere.
3. Analytics (PostHog). PostHog (EU Cloud — hosted in Frankfurt, Germany) measures page views and on-page interactions (clicks) so I can understand how the site is used and improve it. In the EU/EEA, by default it runs in a cookieless mode that writes nothing to your device: visitors are counted with a short-lived, daily-rotating server-side hash (your IP and browser are used only to compute that hash, then discarded — never stored with events). This runs from the first page load on the basis of my legitimate interests in basic audience measurement (Art. 6(1)(f)). Outside the EU/EEA (e.g. the United States, where no opt-in consent is required), analytics may default to cookie-based — you can still opt out at any time (below).
- Accept — PostHog additionally uses cookies / local storage to recognise return visits, for fuller insight. Legal basis: your consent (Art. 6(1)(a); ePrivacy Art. 5(3)); withdraw anytime via “Cookie settings” in the footer.
- Decline — it stays cookieless.
- Turn it off completely — use the button below (or send a “Do Not Track” or Global Privacy Control browser signal) and PostHog won’t load at all. You can also object at any time by emailing privacy@beckteck.org. (Declining keeps cookieless measurement running; this stops everything.)
In all cases: session recording is off, your IP address is not stored with events, and the data is hosted in the EU.
4. Email contact. If you email me (using the address revealed after the security check), I process your message and email address to read and reply. Legal basis: my legitimate interests in responding to enquiries and taking steps at your request prior to any engagement (Art. 6(1)(f) / Art. 6(1)(b)).
Cookies & consent
This site sets no advertising or tracking cookies of its own. The Turnstile security check is strictly necessary and runs without consent. PostHog runs cookieless by default and sets cookies only if you Accept (see above). Your consent choice is remembered in a single first-party flag stored on your device purely to honour your decision — this is strictly necessary and is not used for tracking.
Who receives your data (processors)
I use the following providers, each acting as a processor under a data-processing agreement:
- Cloudflare, Inc. (USA) — Turnstile bot protection. DPA.
- BunnyWay d.o.o. (Bunny.net) (Slovenia, EU) — hosting & content delivery. GDPR / DPA.
- PostHog, Inc. (USA; EU Cloud data hosted in Germany) — analytics, only with your consent. DPA · sub-processors.
International transfers
Bunny.net hosts within the EU, so that delivery does not involve a transfer outside the EEA. Cloudflare is US-based; transfers to it rely on the EU–US Data Privacy Framework and/or the EU Standard Contractual Clauses in its DPA. PostHog EU Cloud keeps your analytics data in the EU (Frankfurt); PostHog, Inc. is a US company and relies on the EU Standard Contractual Clauses for any limited operational sub-processing that may occur outside the EEA.
Your rights
Under the GDPR you may request access to, correction of, or erasure of your personal data; restrict or object to processing; request portability; and withdraw any consent at any time (which does not affect processing already carried out). To exercise these rights, contact privacy@beckteck.org. You also have the right to lodge a complaint with the data protection supervisory authority in your EU/EEA country.
Changes
I may update this notice; the “last updated” date above will change accordingly.