txeo/cv-site
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
25e9ebafe7e90134ed2a74ec355261d74fc8c207
cv-site/doc/PRIVACY.md
T
juanatsap f211d40803 docs: consolidate and sanitize documentation for public release 
**Changes Summary:**

**Files Deleted (6 files):**
- doc/HTMX-PRODUCTION-RECOMMENDATIONS.md (implementation notes)
- doc/SEO-OPTIMIZATION-COMPLETE.md (implementation artifact)
- doc/PROJECT-DOCUMENTATION-SUMMARY.md (meta-documentation)
- doc/PROJECT_STATUS.md (internal roadmap)
- doc/API-QUICK-REFERENCE.md (consolidated into API.md)
- doc/API-PROTECTION.md (consolidated into API.md and SECURITY.md)

**API Documentation Enhanced:**
- Added Quick Reference section to API.md (from API-QUICK-REFERENCE.md)
- Added Security & Protection section to API.md (from API-PROTECTION.md)
- Updated Rate Limiting section to reflect actual implementation
- Added Origin Checking documentation with examples

**SECURITY.md Enhanced:**
- Added comprehensive API Protection Features section
- Updated Rate Limiting section (was marked "Not implemented", now shows it IS implemented)
- Added Origin Checking configuration and examples
- Added Combined Protection flow documentation
- Added Testing Protection section with curl examples
- Added Production Deployment Checklist
- Added Troubleshooting section

**Private Information Removed:**
- README.md: Removed matomo.drolo.club and site ID references
- PRIVACY.md: Replaced specific Matomo server with generic template
- CUSTOMIZATION.md: Replaced Analytics Configuration with generic guide
- All Matomo-specific details replaced with placeholders

**Documentation Navigation:**
- README.md: Enhanced Documentation section with organized categories
  - Getting Started (README, DEPLOYMENT, CUSTOMIZATION)
  - Technical Reference (ARCHITECTURE, API)
  - Policies & Standards (SECURITY, PRIVACY, CODE_OF_CONDUCT, CONTRIBUTING)
  - License

**Broken Links Fixed:**
- Removed reference to non-existent CHANGELOG.md in API.md
- Fixed relative paths for cross-document references
- Verified all internal documentation links

**Result:**
- Documentation reduced from 16 files to 10 core files (37.5% reduction)
- No private information exposed (all Matomo details sanitized)
- No implementation artifacts remaining
- Clear, professional structure suitable for public instructive project
- Comprehensive API and security documentation
- All essential content preserved and enhanced

This documentation now represents a professional, instructive open-source project suitable for public consumption and learning purposes.
2025-11-12 16:04:43 +00:00

3.3 KiB
Raw Blame History

Privacy & Cookies Policy

Last Updated: November 9, 2025

This website is a personal CV/portfolio site for Juan Andrés Moreno Rubio. This privacy notice explains what data is collected and how it's used.

Analytics & Tracking

Matomo Analytics

This website uses Matomo, a self-hosted, privacy-friendly analytics platform to understand visitor behavior.

What is collected:

  • Pages you visit
  • Language preference (EN/ES)
  • Approximate location (country/city level)
  • Browser type and operating system
  • Referring website (if any)
  • Time spent on site
  • Clicks on external links

What is NOT collected:

  • Personal identifying information (name, email, phone)
  • Precise geolocation
  • Cross-site tracking data

Cookies used:

  • _pk_id: Visitor identifier (13 months)
  • _pk_ses: Session identifier (30 minutes)
  • _pk_ref: Attribution information (6 months)

Data storage:

  • All analytics data is stored on a self-hosted Matomo instance
  • Data is NOT shared with third parties
  • Data is NOT sold or used for advertising

Opt-out:

  • Matomo respects "Do Not Track" browser settings
  • You can block cookies in your browser settings
  • You can use browser extensions to block analytics scripts

Other Data Collection

Language Preference

The site stores your language preference (English/Spanish) in localStorage to remember your choice across visits. This is stored only in your browser and is never sent to the server.

No Account System

This website does NOT require accounts, logins, or user registration. No personal data is collected through forms.

Contact

If you have questions about this privacy policy or data handling:

Email: Contact information available on the CV itself GitHub: https://github.com/juanatsap/cv-site

For Developers Using This Code

This privacy policy is a template showing how to handle self-hosted analytics. If you use this code:

If You Want Analytics:

  1. Set up your own analytics service (Matomo, Plausible, etc.)
  2. Update the tracking code in templates/index.html:
    • Replace the analytics server URL with yours
    • Replace the site ID with yours
  3. Update CSP headers in internal/middleware/security.go:
    • Add your analytics domain to script-src and connect-src
  4. Rewrite this PRIVACY.md file with your own:
    • Contact information
    • Analytics provider details
    • Data handling practices

If You Don't Want Analytics:

  1. Remove the analytics <script> block from templates/index.html
  2. Remove analytics domains from CSP headers in internal/middleware/security.go
  3. Simplify this PRIVACY.md to state "This site does not use analytics or tracking"

Template Variables to Replace:

  • [YOUR-ANALYTICS-SERVER.COM] - Your analytics server domain
  • [YOUR-SITE-ID] - Your analytics site identifier
  • [YOUR-CONTACT-INFO] - Your contact information
  • [YOUR-GITHUB] - Your GitHub profile/repository

Changes to This Policy

This privacy policy may be updated occasionally. Changes will be reflected with a new "Last Updated" date at the top of this document.

Bottom line: This site uses self-hosted analytics to understand visitor behavior. No personal data is collected, sold, or shared. You can disable tracking via browser settings or Do Not Track.

Reference in New Issue View Git Blame Copy Permalink