Privacy Policy
Last updated: June 21, 2026
This policy explains what personal data Khalid Arafa collects, how we use it, and the rights you have over it.
1. Who we are
This website (khalidarafa.com, "Khalid Arafa") is operated by [LEGAL NAME] ("we", "us"), the data controller responsible for your personal data. For any privacy question or request, contact us at [CONTACT EMAIL].
2. Information you provide to us
We only collect personal information you choose to give us:
- Contact form — your name, your email address and/or phone number, and the contents of your message. This is used solely to respond to your enquiry.
- Newsletter — your email address, if you subscribe. Used only to send you the newsletter you signed up for.
3. Information collected automatically (analytics)
We run our own first-party analytics to understand how the site is used. We do not use third-party advertising trackers, and we do not sell your data. We collect:
- Pages viewed, links and buttons clicked, scroll depth, and session duration.
- A randomly generated, pseudonymous visitor and session identifier stored in your browser's local storage (not a cookie). It contains no name or contact details and is used to distinguish repeat visits.
- Technical context: browser, operating system, device type, language, time zone, the referring website's domain, and an approximate country derived from your IP address. We do not store your full IP address as part of the analytics record.
You can clear this data at any time by clearing your browser's local storage for this site.
4. Cookies
The public site does not set advertising or tracking cookies. Analytics identifiers are kept in your browser's local storage rather than cookies. The only cookie we set is a strictly necessary, secure authentication cookie used for the private admin area, which regular visitors never receive.
5. How we use your information
- To respond to messages you send through the contact form.
- To send the newsletter to subscribers, including an unsubscribe link in every email.
- To operate, secure, and improve the website, and to understand aggregate usage trends.
- To detect abuse and protect the site (for example, rate-limiting form submissions).
6. Legal bases for processing
Where the GDPR or similar laws apply, we rely on: your consent (newsletter subscription); the steps necessary to respond to your request (contact form); and our legitimate interests in running, securing, and improving the site (privacy-respecting analytics).
7. Sharing and service providers
We do not sell or rent your personal data. We share it only with service providers who help us operate the site, and only as needed:
- Our hosting and database provider, which stores form submissions, newsletter subscriptions, and analytics records.
- Our email (SMTP) provider, used to deliver contact-form notifications to us and to send newsletter emails.
We may also disclose information if required by law.
8. Data retention
We keep contact messages for as long as needed to handle your enquiry and our records. Newsletter subscriptions are kept until you unsubscribe. Analytics records are retained in aggregate to track trends over time. You may ask us to delete data we hold about you.
9. Your rights
Depending on where you live, you may have the right to access, correct, delete, or restrict processing of your personal data, to object to processing, and to data portability. To exercise any of these, email [CONTACT EMAIL] and we will respond within the time required by applicable law.
You can unsubscribe from the newsletter at any time using the link in any newsletter email, or by contacting us.
10. Data security
We apply reasonable technical and organisational measures to protect your data, including encrypted connections (HTTPS), access controls on the admin area, and rate limiting on public forms. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.
11. International transfers
Our service providers may process and store data in countries other than yours. Where required, we take steps to ensure your data receives an adequate level of protection.
12. Children's privacy
This site is not directed to children, and we do not knowingly collect personal data from children.
13. Changes to this policy
We may update this policy from time to time. The "Last updated" date above reflects the most recent change.
14. Contact
Questions about this policy or your data? Email [CONTACT EMAIL], or use the contact form on this site. Governing law: [JURISDICTION].