Privacy Policy

Effective date: 2026-04-22

Last updated: 2026-04-22

This Privacy Policy explains how Artem Nechunaev (“we”, “us”, “the Operator”) collects, uses, and protects personal data when you visit or use nechunaev.com (the “Site”) and any related services, features, tools, or content (together, the “Services”).

We process personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”), the Swedish Data Protection Act (lag [2018:218] med kompletterande bestämmelser till EU:s dataskyddsförordning), and the Swedish Electronic Communications Act (lag [2022:482] om elektronisk kommunikation) for cookies and similar technologies.

1. Data Controller

The data controller responsible for your personal data is:

Artem Nechunaev

Sweden

Email: [email protected]

Because this is a personal website operated by an individual, we are not required to appoint a Data Protection Officer. You can contact us directly at the email above for any privacy-related question or request.

2. What We Collect and Why

We only collect personal data that we actually need. The categories below depend on which features of the Site you use.

2.1 When you visit the Site

When you load a page, our hosting provider automatically receives technical information that is standard for web traffic:

• IP address
• Browser type and version, operating system
• Referring URL and pages visited
• Date and time of the request

Purpose: operating the Site, maintaining security, diagnosing problems, and preventing abuse.

Legal basis: our legitimate interest (Art. 6(1)(f) GDPR) in running a functional and secure website.

Retention: server access logs are kept for up to 30 days, then deleted or anonymised.

2.2 When you use the contact form

We collect the information you provide — typically your name, email address, and the content of your message.

Purpose: responding to your enquiry.

Legal basis: your consent (Art. 6(1)(a) GDPR) when you submit the form, and/or steps taken at your request prior to entering into a possible arrangement (Art. 6(1)(b) GDPR).

Retention: correspondence is kept for as long as needed to handle your enquiry and for a reasonable period afterwards, typically no longer than 24 months, unless a longer period is required by law.

2.3 When you register an account

We collect the information needed to create and manage your account — at minimum a username and email address, plus a password (stored only as a salted hash). You may also choose to provide optional profile information such as a display name, avatar, or bio.

Purpose: creating your account, authenticating you, providing account-based features, and communicating with you about the Services.

Legal basis: performance of the agreement represented by these terms (Art. 6(1)(b) GDPR).

Retention: for as long as your account is active. If you close your account or it remains inactive for an extended period, we delete or anonymise your account data within a reasonable time, except where we need to retain specific records to comply with a legal obligation or to establish, exercise, or defend legal claims.

2.4 When you post comments or other contributions

We store the content you submit, along with metadata such as the time of submission and the account or identifier associated with it. Where comments are public, your display name and comment content are visible to other visitors.

Purpose: operating the community features of the Site.

Legal basis: performance of our agreement with you (Art. 6(1)(b) GDPR) and our legitimate interest (Art. 6(1)(f) GDPR) in moderating content and preventing abuse.

Retention: public contributions remain on the Site until you delete them or until we remove them under our Terms of Use. Associated metadata (e.g. IP address at time of posting) is retained for up to 12 months for moderation and anti-abuse purposes.

2.5 When you download files

Downloads may be logged in aggregate. If a specific download requires a form or account, we may also record that a given account downloaded a given file.

Purpose: understanding usage, preventing abuse, and complying with any applicable licence terms.

Legal basis: our legitimate interest (Art. 6(1)(f) GDPR).

2.6 When you use interactive tools

Some tools on the Site may process data you enter or upload. Unless a tool’s documentation says otherwise, inputs are processed in memory or in transient storage only and are not retained after the tool has returned its result. Where a tool does retain data (for example, to save your work to an account), this will be stated on the tool’s page.

Legal basis: performance of our agreement with you (Art. 6(1)(b) GDPR) or your consent (Art. 6(1)(a) GDPR), depending on the tool.

2.7 What we do not collect

We do not knowingly collect:

• Special categories of personal data (health, religion, political views, biometric data, etc.)
• Personal data of children under 16

If you believe a child has submitted personal data through the Services, please contact us and we will delete it.

3. Cookies and Similar Technologies

We use a minimal set of cookies and similar technologies.

3.1 Strictly necessary

These are required for the Site to function — for example, to keep you signed in, remember your cookie preferences, or protect form submissions from abuse. These do not require consent under Swedish law.

3.2 Optional (analytics, preferences, etc.)

If we use any non-essential cookies or similar technologies — for example, privacy-friendly analytics — we will ask for your consent via a cookie banner before they are set. You can withdraw or change your consent at any time through the cookie settings link on the Site.

A full list of cookies currently in use is available in the cookie banner.

4. Who We Share Data With

We do not sell personal data. We share it only with the following categories of recipients, and only to the extent necessary:

• Hosting and infrastructure providers — to run the Site and store data.
• Email providers — to send and receive messages related to the Services.
• Security and anti-abuse services — for example, to block spam or malicious traffic.
• Professional advisers — such as lawyers or accountants, if and when needed.
• Public authorities — where required by law, court order, or to protect our rights or the safety of others.

Each provider acts as a processor on our behalf under a written data-processing agreement, or as an independent controller where that is the appropriate role (for example, a public authority).

A current list of key service providers is available on request.

5. International Transfers

Some of our service providers may be located outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we rely on appropriate safeguards under the GDPR, which may include:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Supplementary technical and organisational measures where required

You can request a copy of the relevant safeguards by contacting us at the email address above.

6. How We Protect Data

We use reasonable technical and organisational measures to protect personal data, including:

• HTTPS encryption for traffic between your device and the Site
• Password hashing with modern, salted algorithms
• Access controls on administrative systems
• Regular software updates and security patching
• Minimal data collection and short retention periods

No system is perfectly secure. If a personal-data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the Swedish data-protection authority (Integritetsskyddsmyndigheten, “IMY”) within 72 hours where required, and we will notify affected individuals where the breach is likely to result in a high risk to their rights and freedoms.

7. Your Rights

Under the GDPR, you have the following rights in relation to your personal data:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate or incomplete data.
• Erasure (“right to be forgotten”) — ask us to delete your data in certain circumstances.
• Restriction — ask us to limit how we use your data in certain circumstances.
• Portability — receive data you provided to us in a structured, commonly used, machine-readable format, and have it transmitted to another controller where technically feasible.
• Objection — object to processing that is based on our legitimate interests.
• Withdraw consent — where processing is based on consent, withdraw it at any time (this does not affect the lawfulness of processing carried out before withdrawal).
• Lodge a complaint — with the Swedish data-protection authority (IMY, https://www.imy.se) or the supervisory authority in the EU country where you live or work.

To exercise any of these rights, contact us at [email protected]. We will respond within one month, and may ask for reasonable information to verify your identity.

8. Automated Decision-Making

We do not use personal data for automated decision-making that produces legal or similarly significant effects on you.

9. Changes to this Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent version. If we make material changes, we will take reasonable steps to notify you — for example, via a notice on the Site or, where you have an account, by email. Please review this Policy periodically.

10. Contact

For any question or request regarding this Privacy Policy or your personal data:

Artem Nechunaev

Email: [email protected]

You also have the right to contact the Swedish data-protection authority:

Integritetsskyddsmyndigheten (IMY)

Box 8114, 104 20 Stockholm, Sweden

Website: https://www.imy.se