Last Updated: 16 June 2025

Privacy Policy

1. Introduction

Åndra Labs B.V. ("we," "our," or "us") operates the Åndra Dev Blog (the "Service"). This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We are committed to protecting your privacy and ensuring transparency about how we handle your information. This policy explains what information we collect, how we use it, and your rights regarding your personal data.

2. Contact Information

Data Controller: Åndra Labs B.V.

Email: [email protected]

For any privacy-related questions or requests, please contact us at the above email address.

3. Information We Collect

3.1 Analytics Data

We use PostHog for website analytics to understand how visitors interact with our content. This may include:

  • Page views and navigation patterns
  • Device type, browser information, and screen resolution
  • Approximate location (country/region level)
  • Referral sources (how you found our site)
  • Time spent on pages and bounce rates

3.2 Technical Data

Our web servers automatically collect certain technical information:

  • IP addresses (anonymised where possible)
  • HTTP request data (URLs, request methods, response codes)
  • Browser user agent strings
  • Access timestamps

3.3 Cookies and Local Storage

We use cookies and browser local storage for:

  • Analytics tracking (PostHog cookies)
  • Remembering your cookie consent preferences
  • Language and theme preferences
  • Improving site performance and user experience

4. How We Use Your Information

We use the collected information for the following purposes:

  • Website Analytics: To understand how our content is used and improve user experience
  • Technical Maintenance: To ensure proper functioning, security, and performance of our website
  • Content Optimisation: To understand which content is most valuable to our readers
  • Security: To detect and prevent abuse, spam, and malicious activity

5. Legal Basis for Processing

Under GDPR, we process your personal data based on:

  • Legitimate Interest: For analytics and website improvement purposes
  • Consent: Where you have provided explicit consent (e.g., for analytics cookies)
  • Legal Obligation: Where required by law for security and compliance purposes

6. Data Sharing and Third Parties

6.1 Third-Party Services

We share data with the following third-party services:

  • PostHog: For website analytics and user behaviour tracking
  • Google Cloud Platform: For website hosting and content delivery
  • GitHub: For version control and deployment automation

6.2 Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). We ensure appropriate safeguards are in place for any international data transfers, including adequacy decisions, standard contractual clauses, or other approved mechanisms.

7. Data Retention

We retain personal data for as long as necessary to fulfil the purposes outlined in this policy:

  • Analytics Data: Retained for up to 24 months for trend analysis
  • Server Logs: Retained for up to 12 months for security and technical purposes
  • Cookie Preferences: Stored locally until you clear your browser data or change preferences

8. Your Rights

Under GDPR and other applicable privacy laws, you have the following rights:

Access & Portability

  • • Right to access your personal data
  • • Right to data portability

Correction & Deletion

  • • Right to rectify inaccurate data
  • • Right to erasure ("right to be forgotten")

Control & Objection

  • • Right to restrict processing
  • • Right to object to processing

Consent & Complaints

  • • Right to withdraw consent
  • • Right to lodge complaints

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

9. Cookie Management

You can control cookie settings through our cookie consent banner or your browser settings. Please note that disabling certain cookies may affect website functionality.

Note: You can update your cookie preferences at any time by clearing your browser data and revisiting our site, which will trigger the consent banner again.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure.

  • HTTPS encryption for all website traffic
  • Regular security updates and monitoring
  • Access controls and data minimisation practices
  • Secure hosting infrastructure

11. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from children without parental consent, we will take steps to delete such information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify users of significant changes through our website
  • Maintain previous versions for reference when required by law

Your continued use of our Service after any changes indicates your acceptance of the updated policy.

13. Supervisory Authority

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with your local data protection authority. For users in the Netherlands, this is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).

This privacy policy was last updated on 16 June 2025. For questions about this policy, please contact us at [email protected].