Effective date: 4 June 2026
This Privacy Policy governs the website at hamiae.com (the “Site”), operated by Kőrösfalvi Martin (the “Operator”). By accessing or using the Site, you (the “User”) acknowledge that you have read and accept this Policy in full. If you do not accept it, you must not use the Site.
The Site collects only the data necessary to provide its functions. It serves no advertising and does not profile or track the User across other websites. The categories described below are the only categories of personal data processed.
When the User submits the contact form, the name, email address, subject and message provided are transmitted through EmailJS to the Operator’s mailbox for the sole purpose of responding to the enquiry. This data is provided voluntarily and is used for no other purpose.
Reviews may be submitted only through a one-time invitation link issued by the Operator. The name, role, rating and text submitted are stored in the Operator’s database and, once approved by the Operator, published publicly on the Site. Submission is voluntary and constitutes the User’s express consent to storage and publication. The User must not submit any data they are not entitled to disclose.
The Site uses Cloudflare Turnstile to prevent automated abuse of its forms. Turnstile processes technical signals, which may include the User’s IP address and browser characteristics, solely to confirm that the User is human.
Access to the private administration area is restricted to the Operator and is authenticated via GitHub OAuth. This concerns the Operator’s own account only and involves no data about visitors.
The Site uses Vercel Web Analytics and Vercel Speed Insights. These services are cookieless, report only aggregate metrics, and do not identify the User personally or track the User across other websites.
The Operator relies on the following independent processors, each governed by its own privacy policy: Vercel (hosting and analytics), Neon (database hosting), Cloudflare (bot protection) and EmailJS (delivery of contact messages). Data handled by these processors is subject to their respective terms.
Contact messages are retained in the Operator’s mailbox only as long as necessary to handle the enquiry. Published reviews are retained until the User requests their removal or the Operator removes them. Unused or expired invitation links are invalidated.
Where the GDPR applies, processing is carried out on the basis of the User’s consent (contact form and review submission) and the Operator’s legitimate interest in operating and securing the Site (bot protection and administration).
The Site and all content are provided “as is” and “as available”, without warranty of any kind, express or implied. To the maximum extent permitted by applicable law, the Operator excludes all liability for any loss or damage arising from use of, or inability to use, the Site.
Where the GDPR applies, the User may exercise the rights of access, rectification, erasure, restriction and objection. To exercise any of these rights, or to request removal of a published review, the User may contact the Operator through the contact form.
The Operator may revise this Policy at any time and without prior notice. Continued use of the Site after a revision takes effect constitutes acceptance of the revised Policy. The effective date above reflects the current version.