Privacy Policy

This page is loading its table of contents.

Introduction

Your privacy is important to me. This policy explains how I collect, use, and safeguard your data when you visit zalt.me or engage my services. My goal is to be transparent, collecting only what is necessary to run this website and respond to you.

I am Mahmoud Zalt, the owner and data controller for this site. I operate as a sole proprietor registered in The Netherlands.

Privacy Summary

• Processed locally in your browser: In-browser AI and text utilities process your input on your device.
• Never sent to servers: Tool input is not transmitted to my servers.
• No prompts stored: I do not store or log text entered into these tools.
• No training: I do not use tool input to train models.
• Client services: Confidential by default; not reused without permission.

In-Browser AI Tools & User-Provided Content

This website includes tools and utilities (not limited to any specific list) such as AI chat, counters, humanizers, token/text tools, and other AI-related text utilities.

• Local processing: Text you enter into these tools is processed entirely in your browser.
• No server access: I do not receive, store, cache, inspect, or log this tool input or output on my servers.
• No third-party access: This tool input is not shared with third parties by me.

No sensitive data handling: Please do not enter highly sensitive or regulated data into these tools (for example: passwords, private keys, medical records, or financial credentials). Even if processing is local, you are responsible for what you choose to input on your device.

Client Services & Professional Confidentiality

This section applies only to paid professional services and consulting engagements.

Confidential by default: All service-related information is treated as confidential, including (where applicable) conversations (calls, messages, emails), business context and strategy, source code and repositories, architecture diagrams, configurations, credentials, logs, metrics, and any materials you share before, during, or after an engagement.

Purpose & legal basis: I process service-related data only to deliver the agreed scope, communicate with you, and provide support. This is based on performing a contract (or steps leading to a contract) and my legitimate interest in delivering and maintaining the engagement.

• Use limitations: Service data is used strictly for delivery and support, not for training AI models, and not to improve unrelated products or tools.
• No reuse without permission: I do not reuse client materials for marketing, public demos, talks, or case studies without explicit written permission.
• Access & sharing: Access is limited to me. I do not disclose client information to third parties unless required to deliver the service, comply with law, or you instruct/authorize me to do so.
• Security measures: I use reasonable administrative and technical safeguards (such as access control and least privilege). No method of transmission or storage is 100% secure.
• Retention & precedence: Service data is retained only as long as necessary for delivery, support, record-keeping, and legal/tax obligations. If an NDA/MSA/DPA or written contract applies, it overrides this policy for that engagement.
• Client preferences: If you require specific handling (for example, client-provided storage, retention limits, or communication constraints), you can request it and I will follow where feasible.

AI-Generated Blog Content

Some blog posts on this site are drafted with the help of AI tools and then reviewed and edited by me. Content is provided for informational purposes and may contain errors; it should not be treated as professional advice.

I do not use text entered by visitors into on-site tools to generate blog posts, and I do not use it to train models.

What Information I Collect

When you use this website or contact me, I may collect the following:

• Contact Information: Your name, email address, and message content when you send me an email or use my contact form. This is used solely to respond to your inquiry. You can find my contact information in my contact card (vCard).
• Meeting Information: Your name and email when you book a meeting, which are used to send you the calendar invitation.
• Website Analytics: This site uses Google Analytics and PostHog to understand website traffic. These services provide anonymous, aggregated data (like which pages are popular, your general geographic location, and device type). This helps me improve the site's content and find technical errors.
• Server Logs: My hosting (AWS) and security/CDN (Cloudflare) providers automatically collect standard server logs. This typically includes your IP address, browser type, and the pages you requested. This is essential for security, performance, and troubleshooting.

I do not collect, receive, or process text entered into in-browser AI tools, counters, or utilities provided on the Tools section.

How I Use & Share Your Information

I use the data collected to provide my services, communicate with you, and improve this site's performance and content.

I will never sell your personal data.

I only share data with these essential service providers (sub-processors) to operate this website:

• Google: For website analytics (Google Analytics) and for processing emails and calendar appointments (Google Workspace).
• PostHog: For website analytics to understand user behavior and improve the site experience (page views and navigation events only; never tool input content).
• Cloudflare: To provide the Content Delivery Network (CDN), security (WAF), and performance optimization.
• Amazon Web Services (AWS): For hosting the website files (S3) and serving them (CloudFront).

Cookies & Local Storage

This website uses localStorage and cookies for the following specific purposes:

• Local Storage (Essential): Your light/dark mode preference is stored only on your device in localStorage. It is never sent to me or any third party.
• Tool Inputs (On-Device): Text entered into in-browser AI tools and utilities may exist temporarily in your browser (for example, in memory while a tool is open). It is not persisted server-side by me. It is typically cleared when you refresh or close the page, although your browser may retain form state on your device (for example, during session restore).
• Cookies (Analytics & Security): Google Analytics, PostHog, and Cloudflare use cookies to help distinguish visitors (for analytics) and to identify trusted web traffic (for security).

You can block, manage, or delete these cookies at any time through your browser's settings.

Your Rights (GDPR)

As I am based in the EU, you are protected by the GDPR and have the right to:

• Access: Request a copy of the personal data I hold about you.
• Rectification: Request correction of any inaccurate or incomplete data.
• Erasure: Request deletion of your personal data (such as our email correspondence).

To exercise any of these rights, please contact me at [email protected].

Policy Updates

I may update this policy from time to time. The "Last updated" date at the top of this page will always reflect the latest version.

Related Policies & Resources