Privacy Policy
Data Controller
StakeSquid OÜ
Pudisoo küla, Männimäe/1
74626 Kuusalu vald
Harju maakond
Estonia
Contact: Sebastian Heyden, sebastian@stakesquid.eu
What This Policy Covers
This privacy policy explains what personal data StakeSquid OÜ collects, how we use it, and what rights you have under the General Data Protection Regulation (GDPR).
What We Collect and Why
Website Access Logs
Our web server (Caddy) keeps standard HTTP access logs that include:
- IP addresses
- User agent strings (browser/device information)
- Timestamps of requests
- URLs accessed
- HTTP status codes and response sizes
Purpose: Security monitoring, operational troubleshooting, and protection against abuse. These logs are retained for a limited period and are not used for analytics or tracking.
Email Communication
When you contact us via email (e.g., for inquiries about our managed RPC service or snapshots), we process:
- Your email address
- The content of your message
- Any personal information you choose to include
Purpose: To respond to your inquiry and provide the requested information or service.
What We Do NOT Collect
We operate a static website with:
- No cookies — the site sets no cookies whatsoever
- No trackers — no Google Analytics, no third-party tracking scripts
- No analytics — we do not collect usage statistics or user behavior data
- No signup forms — we do not collect data through forms or registrations
- No external CDNs or fonts — all resources are self-hosted
Legal Basis for Processing
Access logs: Processed under GDPR Article 6(1)(f) — legitimate interest for security and operations. This processing is necessary for the operation of a secure, functional website.
Email communication: Processed under GDPR Article 6(1)(b) — necessary for the performance of a contract (or pre-contractual measures) when you inquire about our services, and under Article 6(1)(f) for general inquiries.
Data Retention
Access logs: Retained for 30 days, then automatically deleted.
Email correspondence: Retained for the duration necessary to fulfill your request and for 2 years thereafter for record-keeping and reference purposes, unless you request deletion.
Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. All data is stored on servers we control.
Your Rights Under GDPR
As a data subject, you have the following rights:
- Right of access (Article 15): You can request a copy of the personal data we hold about you.
- Right to rectification (Article 16): You can request correction of inaccurate or incomplete data.
- Right to erasure (Article 17): You can request deletion of your personal data in certain circumstances.
- Right to restriction of processing (Article 18): You can request that we limit how we use your data.
- Right to data portability (Article 20): You can request your data in a machine-readable format.
- Right to object (Article 21): You can object to processing based on legitimate interest.
To exercise any of these rights, please contact us at sebastian@stakesquid.eu.
Automated Decision-Making
We do not use automated decision-making or profiling that would have legal or similarly significant effects on you.
Third-Party Disclosure
We do not disclose personal data to third parties except as required by law or with your explicit consent.
Changes to This Policy
We may update this privacy policy from time to time. The current version is always available at /privacy.html.
Last updated: July 15, 2026