legal document · 01 of 02

Privacy Policy.

effective · Apr 23 · 2026 version · v1.0.0 jurisdiction · TX, USA operator · Anthony Perez
sha-1 · 7f4ac92e…b301  ·  ~/legal/privacy.md

01Overview

This is the personal portfolio site of Anthony Perez (perezbox3.com). I respect your privacy and collect only what is necessary to operate the site, respond to messages, and keep things secure. I don't sell your data — ever.

This policy covers the public portfolio, contact endpoints, and the admin-only dashboard accessible via /login.

02Information we collect

  • Contact info you submit directly (name, email, message content) when you reach out.
  • Authentication data for admin access: email, hashed password, and TOTP secret.
  • Technical logs: IP address, user agent, timestamps, and requested paths — used for debugging and abuse prevention.
  • Cookies strictly necessary for session management on the admin side.
never collected
SSN, payment info, location beyond IP-derived region, biometric data
never shared
Your email, contact message, or any account data

03How we use it

Data collected is used only to:

  • Respond to messages you send through the contact links.
  • Authenticate the site owner and any authorized admins.
  • Detect and block abuse (rate limiting, brute-force protection).
  • Understand aggregate traffic — which pages are read, from what region, on what device.

04Cookies & analytics

The public portfolio uses no marketing cookies and no third-party trackers. Aggregate, anonymized traffic data may be collected via a privacy-respecting analytics endpoint. The admin dashboard uses a single session cookie required for login.

05Third-party services

Where third parties are used, it is limited to:

  • Google Fonts — serves the JetBrains Mono typeface.
  • Mailgun (on paid projects only) — for transactional email delivery.
  • Stripe (on paid projects only) — for any billing flows; Stripe handles payment data directly and I never see card numbers.

This portfolio itself does not process payments or subscriptions.

06Data retention

contact messages
kept as long as needed to continue the conversation; deleted on request
access logs
rotated every 30 days
auth sessions
expire on logout or after 14 days of inactivity

07Your rights

You can, at any time, request:

  • A copy of any personal data associated with you.
  • Correction of inaccurate data.
  • Deletion of your data, subject to legal retention requirements.

Send requests to anthony@perezbox.com. Requests are handled within 30 days.

08Security

All traffic is served over TLS 1.3. Admin accounts require TOTP two-factor authentication. Passwords are hashed with industry-standard algorithms and are never stored in plaintext. Rate limiting is enforced at the edge.

No system is perfectly secure. I'll notify affected users promptly if a breach is confirmed.

09Children

This site is not directed at children under 13, and I do not knowingly collect data from them.

10Changes

This policy may change. When it does, the version number and effective date at the top of this page will update. Material changes will also be called out in the site's footer.

11Contact

Questions about this policy? Reach out directly:

email
anthony@perezbox.com
based in
Weatherford, TX · USA
doc CT —:—:— legal.v1
/legal/privacy md · 11 sections © 2026 perezbox3