Privacy Policy

Effective date: 2026-01-01

This Privacy Policy explains how supasuge.com ("Site," "we," "us," or "our") collects, uses, stores, and discloses information when you visit or interact with this Site. This Policy is intended to be specific to the Site as currently implemented, including its self-hosted analytics system.

1. Scope

This Privacy Policy applies to public pages on the Site, Site administration interfaces, and Site communications that link or refer to this Policy.

2. What We Collect

2.1 Data collected automatically through Site analytics

If analytics are enabled and your browser does not send a Do Not Track preference that disables analytics, the Site currently collects the following data for pageview and session analytics:

• Page path (for example, the URL path visited)
• Post identifier when viewing a post page, if available in the page markup
• Visitor identifier stored in the analytics_vid cookie
• Session identifier stored in browser sessionStorage
• Referrer (document.referrer)
• Screen dimensions (screen width and screen height)
• User agent string
• Timestamp of the pageview request
• Heartbeat / time-on-page data tied to a pageview record
• Landing page, exit page, session page count, first seen, and last seen derived from analytics session processing

2.2 Cookie and storage details

• analytics_vid cookie: a stable visitor identifier generated client-side from cryptographically random bytes and stored for approximately 365 days.
• analytics_session sessionStorage value: a per-tab session identifier stored in browser session storage and normally cleared when that tab/session ends.

2.3 Server-side and derived analytics data

When analytics requests reach the server, the server may additionally record or derive:

• Truncated / anonymized IP information (IPv4 is reduced to the first three octets plus .0; IPv6 is shortened)
• Approximate geolocation derived from the request IP if a GeoIP database is configured, including country code, country name, city, and region
• Internal pageview and analytics session database identifiers

2.4 Administrative and security logging

The Site stack may also generate standard application, reverse-proxy, rate-limit, and security logs for operational and defensive purposes. Depending on the request and the component generating the log, such logs may include IP address, request path, timestamp, status code, host header, and user agent.

2.5 Information you choose to provide

If you contact us directly, submit a responsible disclosure, authenticate to an administrative interface, or otherwise send information to us, we may collect the information you choose to provide, including message contents and contact details.

3. What We Do Not Intend to Do

• We do not use third-party advertising trackers.
• We do not currently use third-party analytics platforms such as Google Analytics.
• We do not currently sell visitor personal information.
• We do not currently use the analytics data collected by this Site to serve behavioral advertising.

4. Do Not Track

The client-side analytics script is designed to stop running when the browser's Do Not Track signal is enabled. The server-side pageview endpoint is also configured to respect a DNT: 1 request header where applicable.

5. Purposes of Processing

We process the information described above for the following purposes:

• to operate, maintain, and secure the Site;
• to understand traffic volume and which content is being read;
• to measure approximate time-on-page and page popularity;
• to debug errors, abuse, and operational issues;
• to investigate suspected malicious activity or misuse;
• to respond to inquiries, disclosures, or administrative requests.

6. Legal Basis and Consent Position

By using the Site, you acknowledge that the Site uses the practices described in this Policy. Where applicable law requires a different consent mechanism for a given visitor or jurisdiction, you are responsible for refraining from use unless and until that mechanism is implemented. Nothing in this Policy is intended to waive any non-waivable statutory rights.

7. Data Sharing

We may disclose information:

• to service providers or infrastructure providers that host or support the Site;
• when reasonably necessary to protect the security, integrity, or availability of the Site;
• to comply with applicable law, lawful process, court order, subpoena, or government request;
• in connection with investigating fraud, abuse, security incidents, or Terms violations;
• as part of a business transfer involving the Site, if one occurs.

8. Retention

The Site configuration currently includes an analytics retention setting targeted at 15 days. However, as the Site is presently implemented, that setting does not by itself guarantee automatic deletion. Unless and until an automated purge mechanism is deployed, analytics and related operational records may remain longer than the configured target retention period.

We may retain data longer where reasonably necessary for security, debugging, fraud prevention, legal compliance, dispute resolution, or backup integrity.

9. Security

We use administrative, technical, and organizational measures intended to reduce risk, including HTTPS, host allowlisting, rate limiting, content security policy controls, input validation, access controls for administrative functions, and security logging. No method of transmission, storage, or processing is guaranteed to be completely secure.

10. Children's Privacy

This Site is not directed to children under 13, and we do not intentionally solicit personal information from children under 13 through the public portions of the Site.

11. Your Choices

• You may enable Do Not Track in supported browsers.
• You may clear the analytics_vid cookie in your browser.
• You may clear browser session storage to remove the current per-tab session identifier.
• You may stop using the Site at any time.

12. Jurisdiction-Specific Rights

Depending on where you are located, you may have rights to request access to, correction of, deletion of, or restriction regarding certain personal information. Because this Site is small, self-hosted, and subject to changing technical and legal conditions, rights handling may vary depending on what information can reasonably be tied back to your request.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version becomes effective when posted to this page, unless otherwise stated.

14. Contact

For privacy questions, security disclosures, or legal notices relating to this Policy, contact: epardo1742@proton.me