Who this applies to
This policy applies to visitors and readers of the Site. If you use third-party services linked from the Site (for example social networks or comment providers), their policies also apply to those services.
Information we may collect
Information you provide voluntarily
- Contact or messages: If you use the contact form or otherwise write to us, we receive whatever you choose to send (for example your name, email address, and message content). We use this only to respond and to operate the Site, unless you agree otherwise.
- Newsletter: If newsletter signup is enabled and connected to an email provider (for example Mailchimp), your email address and related subscription data are processed by that provider under their terms and this policy. Do not subscribe if you do not accept that processing.
Information collected automatically
- Server and hosting logs: Our hosting infrastructure may log technical data such as IP address, approximate location derived from IP, browser type, request time, and pages requested. This is typical for security, abuse prevention, and reliability.
- Cookies and similar technologies: The Site may use cookies or local storage for essential functionality (for example theme preference: light/dark/system), and, when configured, for analytics or embedded features (see below).
Contact details on the About page (résumé)
On broMadX, the About page may show email and links to professional profiles on purpose so employers, clients, and collaborators can reach me (résumé under Achmad Firdaus). That information is not posted for general marketing lists or public reuse.
You must not use it to:
- Send spam, unsolicited bulk email, or irrelevant sales outreach
- Scrape, harvest, or republish contact details in directories, lead databases, or data-broker products
- Run automated or scripted collection or messaging at scale
- Harass, intimidate, or misuse the information in any way
Permitted use is limited to good-faith, relevant professional contact (for example recruitment, project inquiries, or security coordination). Misuse may violate law and platform rules; we may block access, notify providers, or pursue other remedies where appropriate. When you open the About page, a short notice may remind you of this policy before you view those details.
Comments (Disqus)
Where Disqus comment threads are enabled on posts, Disqus may collect and process data when you view or interact with comments. That processing is governed by Disqus’s privacy policy. You can manage certain Disqus settings through your Disqus account and browser controls.
Analytics and tags
If Google Tag Manager or similar tools are configured for the Site, they may collect usage data according to the provider’s documentation and your browser settings. When no such tool is configured, we do not add extra analytics through this template beyond what hosting and embedded services already provide.
How we use information
We use the information described above to:
- Operate, secure, and improve the Site
- Respond to messages you send us
- Understand aggregate readership patterns where analytics are enabled
- Comply with applicable law and protect rights, safety, and integrity of the Site and its users
We do not sell your personal information. We do not use automated decision-making that produces legal or similarly significant effects solely based on automated processing for this blog.
Legal bases (where relevant)
Depending on your location, processing may rely on:
- Legitimate interests (for example running a secure blog, measuring basic traffic, responding to inquiries)
- Consent (where required for optional cookies, newsletters, or similar; you may withdraw consent by adjusting settings or unsubscribing)
- Performance of a request (for example answering a message you send)
Retention
We keep information only as long as needed for the purposes above, including:
- Messages: Long enough to respond and handle follow-up; routine deletion thereafter unless a longer period is required for legal or security reasons.
- Server logs: According to hosting provider defaults or our configuration, typically rotated or deleted after a limited period.
- Newsletter / third-party tools: As described by the respective provider’s dashboard and legal terms.
Security
We apply reasonable technical and organizational measures appropriate to a personal site (for example transport encryption where provided by the platform, access minimization, and secure dependencies). No method of transmission over the Internet is completely secure; we cannot guarantee absolute security.
International transfers
The Site may be served from or backed by infrastructure in various countries. By using the Site, you understand that information may be processed in countries other than your own, including where our hosting or embedded providers operate.
Your choices and rights
Depending on applicable law (for example GDPR, UK GDPR, or similar), you may have the right to:
- Access personal data we hold about you
- Rectify inaccurate data
- Erase data in certain cases
- Restrict or object to certain processing
- Data portability where applicable
- Withdraw consent where processing is consent-based
- Lodge a complaint with a supervisory authority
To exercise these rights, contact us using the details below. We may need to verify your request.
Children’s privacy
The Site is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have, please contact us and we will take appropriate steps.
Changes to this policy
We may update this Privacy Policy from time to time. The Last updated date shown at the top of this page will change when we do. Continued use of the Site after changes means you accept the updated policy. If changes are material, we may provide additional notice where appropriate.
Contact
For privacy-related questions or requests:
For issues specific to Disqus or email/newsletter providers, please also review their help and privacy pages, as they process data on their own behalf in addition to what we describe here.