This policy explains what data synopolis.com processes, why, and for how long. It is written for readers of the public site and for people who use the contact form.
Who we are
synopolis.com is an editorial collection of links and short write-ups. The site is primarily static; only a small contact API runs on the server so we can receive email without embedding a third-party widget.
Data we collect when you browse
Server and infrastructure logs. Like most websites, hosting providers and reverse proxies may log technical data such as IP address, request path, user agent, approximate timing, and HTTP status. We use these logs for security, abuse prevention, and troubleshooting. Typical retention follows the defaults of whichever host or CDN fronts the site—you can ask us for specifics when you write in.
No accounts. We do not offer user registration on synopolis.com, so there is no password database or authenticated profile tied to browsing.
Data you send through the Contact form
When you submit the form we collect strictly what you type—name, email, subject line, optional innocuous honeypot field, coarse timing stamps to detect scripted spam, plus connection metadata forwarded by proxies (often your IP).
We relay that bundle as a plain-text email to the inbox configured server-side only by the operators (recipient address lives in deployment environment variables, not in Git). Delivery uses SMTP operated by whoever hosts mail ingress for that inbox. SMTP servers may log delivery metadata pursuant to their own policies.
Purposes:
- Respond to substantive reader mail.
- Block automated abuse via rate limiting, timing heuristics, referer filtering in production, and hidden-field traps—not captcha puzzles.
Legal bases (EEA mindset). Submission is voluntary; contacting us expresses consent or a legitimate-interest request for correspondence alongside our interest in defending the inbox from bots.
Retention stays proportionate: once a thread is handled we may keep messages only as long as needed for follow-up or legal compliance, then delete or archive.
Cookies and local storage
The public site does not rely on marketing cookies. Any strictly necessary ephemeral storage would support site operation only (for example Astro’s dev tooling)—production readers should encounter minimal first-party scripting beyond the layout and optional analytics you later choose to configure.
Third-party outbound links might set cookies when you navigate away; consult each destination’s notices.
Newsletters / analytics
synopolis.com does not subscribe visitors to newsletters automatically. RSS remains available separately.
When PUBLIC_GA_MEASUREMENT_ID is set server-side we load Google Analytics 4 (gtag.js) on public pages solely for aggregate traffic telemetry; omitting that variable keeps GA disabled. Requests are IP-masked pursuant to GA documentation and configurable Data retention in the GA admin console.
Your rights & choices
Depending on jurisdiction you may ask to:
- Receive a concise summary of the personal data we hold about you (usually little beyond contact threads).
- Correct inaccurate information.
- Request deletion where no overriding duty (legal hold, malware investigation) conflicts.
Send requests through Contact from an email you control so we can verify ownership.
Security
Transport security (HTTPS), SMTP TLS where supported, and operational hardening mitigate risk, but no transmission is immune to compromise. Avoid sharing secrets, credentials, keys, payment details, health data, or other highly sensitive payloads through the generic contact inbox.
Children
synopolis.com targets adult readers discovering tools online. Contact messages from minors must involve a parent or guardian if local law demands it.
Changes
We revise this Privacy Policy alongside material feature changes—and note the editorial date atop the Markdown source. Substantive updates will bump the date field so you know when wording last changed materially.
How to reach us
Visit Contact—we monitor that channel for privacy questions tied to synopolis.com.