Privacy Policy

1. Introduction

EMCOGMA ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website.

2. Information We Collect

2.1 Information You Provide

• Contact Form: Name, email address, and message content
• Comments: Name, optional email address, and comment content
• Newsletter: Email address (if you subscribe)

2.2 Automatically Collected Information

• Log Data: IP address, browser type, pages visited, time spent on pages
• Cookies: Session cookies for authentication (HTTP-only, secure)
• Security Logs: Security events for monitoring and protection

3. How We Use Your Information

We use the collected information to:

• Respond to your inquiries and provide customer support
• Display approved comments on blog posts
• Send newsletters (if you subscribed)
• Monitor and improve website security
• Analyze website usage and improve user experience
• Comply with legal obligations

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

• Encryption: All data transmitted over HTTPS (TLS 1.2+)
• Database Security: Row-Level Security (RLS) policies via Supabase
• Access Control: Database-driven admin whitelist with audit trails
• Session Security: HTTP-only cookies, 10-minute timeout
• Input Validation: Comprehensive sanitization to prevent XSS and injection attacks
• Rate Limiting: Protection against brute force and DDoS attacks

5. Third-Party Services

We use the following third-party services:

6. Your Rights (GDPR & CCPA)

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Portability: Request your data in a machine-readable format
• Objection: Object to processing of your data
• Opt-Out: Unsubscribe from marketing communications

To exercise these rights, contact us at: emcogma@gmail.com

7. Cookies

We use the following types of cookies:

• Essential Cookies: Required for authentication and security (HTTP-only)
• Session Cookies: Temporary cookies deleted when you close your browser

We do not use tracking cookies or third-party advertising cookies.

8. Data Retention

• Comments: Retained indefinitely (can be deleted upon request)
• Contact Submissions: Retained for 1 year
• Security Logs: Retained for 90 days
• Session Data: Deleted upon session expiry (10 minutes)

9. Children's Privacy

Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws and that your data receives an adequate level of protection.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

13. Security Incident Reporting

If you discover a security vulnerability or privacy concern, please report it responsibly to emcogma@gmail.com. We take all security reports seriously and will investigate promptly.