Last updated: 16 May 2026
This Privacy Policy explains how personal data is processed when you use jishnunambiar.com (the “Website”). We aim to comply with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws.
1. Controller
The data controller responsible for processing under this policy is:
Jishnu Nambiar
Email: jishnunambiarr@gmail.com
If you have questions about this policy or your data, contact us at the email above.
2. Scope
This policy applies to the Website, including static pages, the Thoughts section, and interactive experiments (such as the Counter-Strike-inspired portfolio). Third-party websites linked from the Website are governed by their own policies.
3. Data we process
3.1 Data you provide
We do not operate contact forms, newsletters, or user accounts on the Website. If you email us voluntarily, we process the information you send (e.g. email address, message content) to respond to your enquiry.
3.2 Automatically processed data
When you visit the Website, our hosting provider may process technical data required to deliver the site, such as:
- IP address
- Date and time of access
- Requested URL and referrer
- Browser type and operating system
We do not use analytics, advertising, or social tracking tools on the Website.
3.3 Local storage on your device
Some interactive pages may store settings locally in your browser (for example game preferences). This data stays on your device and is not transmitted to us unless you choose to share it (e.g. by email).
4. Purposes and legal bases (GDPR Art. 6)
- Providing the Website: technical delivery and security (legitimate interest, Art. 6(1)(f); where required, performance of steps prior to a contract, Art. 6(1)(b)).
- Responding to enquiries: if you contact us (legitimate interest or pre-contractual steps, Art. 6(1)(f) / 6(1)(b); or consent where applicable, Art. 6(1)(a)).
- Compliance with law: where we must retain or disclose data (legal obligation, Art. 6(1)(c)).
5. Cookies and similar technologies
We do not set non-essential cookies for tracking or profiling. Strictly necessary technologies may be used by the hosting infrastructure to operate the site. Where local storage is used for functionality on interactive pages, it serves only your on-device preferences.
6. Recipients and processors
We use infrastructure providers (e.g. web hosting) who process personal data on our behalf as processors under Article 28 GDPR. We require appropriate contractual safeguards. We do not sell your personal data.
7. International transfers
If data is processed outside the European Economic Area, we ensure appropriate safeguards (such as EU Standard Contractual Clauses or an adequacy decision) where required by law.
8. Retention
- Server logs: retained only as long as needed for security and operation, then deleted or anonymised.
- Emails you send us: retained as long as necessary to handle your request and meet legal obligations.
- Local browser storage: controlled by you; clear it via your browser settings.
9. Your rights
Under the GDPR, you may have the right to:
- Access your personal data (Art. 15)
- Rectification (Art. 16)
- Erasure (“right to be forgotten”) (Art. 17)
- Restriction of processing (Art. 18)
- Data portability (Art. 20), where applicable
- Object to processing based on legitimate interests (Art. 21)
- Withdraw consent at any time, without affecting prior processing (Art. 7(3))
To exercise these rights, contact jishnunambiarr@gmail.com. You also have the right to lodge a complaint with a supervisory authority, in particular in your EU member state of habitual residence, place of work, or place of the alleged infringement.
For Germany, you may contact your local Landesbeauftragte für Datenschutz or the federal commissioner at bfdi.bund.de.
10. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse, in line with the state of the art and the nature of the data processed.
11. Children
The Website is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us so we can delete it.
12. Changes
We may update this policy to reflect legal or technical changes. The “Last updated” date at the top indicates the current version. Material changes will be published on this page.
This document is provided for transparency and does not constitute legal advice. For binding advice tailored to your situation, consult a qualified lawyer.