Privacy Policy

Data Controller

StakeSquid OÜ
Pudisoo küla, Männimäe/1
74626 Kuusalu vald
Harju maakond
Estonia

Contact: Sebastian Heyden, sebastian@stakesquid.eu

What This Policy Covers

This privacy policy explains what personal data StakeSquid OÜ collects, how we use it, and what rights you have under the General Data Protection Regulation (GDPR).

What We Collect and Why

Website Access Logs

Our web server (Caddy) keeps standard HTTP access logs that include:

  • IP addresses
  • User agent strings (browser/device information)
  • Timestamps of requests
  • URLs accessed
  • HTTP status codes and response sizes

Purpose: Security monitoring, operational troubleshooting, and protection against abuse. These logs are retained for a limited period and are not used for analytics or tracking.

Email Communication

When you contact us via email (e.g., for inquiries about our managed RPC service or snapshots), we process:

  • Your email address
  • The content of your message
  • Any personal information you choose to include

Purpose: To respond to your inquiry and provide the requested information or service.

What We Do NOT Collect

We operate a static website with:

  • No cookies — the site sets no cookies whatsoever
  • No trackers — no Google Analytics, no third-party tracking scripts
  • No analytics — we do not collect usage statistics or user behavior data
  • No signup forms — we do not collect data through forms or registrations
  • No external CDNs or fonts — all resources are self-hosted

Legal Basis for Processing

Access logs: Processed under GDPR Article 6(1)(f) — legitimate interest for security and operations. This processing is necessary for the operation of a secure, functional website.

Email communication: Processed under GDPR Article 6(1)(b) — necessary for the performance of a contract (or pre-contractual measures) when you inquire about our services, and under Article 6(1)(f) for general inquiries.

Data Retention

Access logs: Retained for 30 days, then automatically deleted.

Email correspondence: Retained for the duration necessary to fulfill your request and for 2 years thereafter for record-keeping and reference purposes, unless you request deletion.

Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. All data is stored on servers we control.

Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of access (Article 15): You can request a copy of the personal data we hold about you.
  • Right to rectification (Article 16): You can request correction of inaccurate or incomplete data.
  • Right to erasure (Article 17): You can request deletion of your personal data in certain circumstances.
  • Right to restriction of processing (Article 18): You can request that we limit how we use your data.
  • Right to data portability (Article 20): You can request your data in a machine-readable format.
  • Right to object (Article 21): You can object to processing based on legitimate interest.

To exercise any of these rights, please contact us at sebastian@stakesquid.eu.

Automated Decision-Making

We do not use automated decision-making or profiling that would have legal or similarly significant effects on you.

Third-Party Disclosure

We do not disclose personal data to third parties except as required by law or with your explicit consent.

Changes to This Policy

We may update this privacy policy from time to time. The current version is always available at /privacy.html.

Last updated: July 15, 2026