Skip to main content

Privacy Policy — xaviviro.com

Personal data processing and compliance with the EU General Data Protection Regulation (GDPR/EU 2016/679)

Published:

Data controller

This website (xaviviro.com) is a personal project of Xavier Vinaixa Roselló, with professional address in Barcelona (Catalonia, Spain). For any question related to personal data or this policy, you may contact xavi@sorensen.ai.

What data is collected

xaviviro.com is a static, informational site. There is no form or active mechanism for collecting personal data. No behavioural analytics tools are used (no Google Analytics, no Meta Pixel, no Hotjar, no proprietary tracking).

The hosting server (OVH, France) keeps standard access logs (IP address, user-agent, requested resource and date) for security and incident response, on the legal basis of legitimate interest (Article 6.1.f GDPR). These logs are purged according to the provider's retention policy and are not used to profile visitors.

Cookies and local storage

This site does not install first-party cookies nor uses localStorage for marketing or analytics. Theme preference (light/dark) is derived from the user's operating system via prefers-color-scheme.

When the user clicks to load third-party embeds (Substack, Instagram, YouTube, 3Cat by CCMA, RTVE), those platforms may set their own cookies and collect data under their own privacy policies. By default these embeds are disabled until the user explicitly activates them (a click-to-load approach) to minimise data transfer.

Third-party services

Once an embed is activated, your information is governed by the corresponding provider's policy: Substack, Instagram (Meta), YouTube (Google), 3Cat (CCMA) and RTVE.

The site also uses self-hosted fonts (Chakra Petch) — no calls to Google Fonts or external CDNs are made on first paint.

Your rights

Under Articles 15-22 of the GDPR, you may exercise your rights of access, rectification, erasure, objection, restriction and portability by writing to xavi@sorensen.ai. You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) or the Catalan Data Protection Authority (APDCAT).

Changes to this policy

This policy may be updated to reflect technical or legal changes. The last updated date is shown in the header. Previous versions are accessible in the public repository history.