Privacy Policy

This Privacy Policy applies to tonirulislam.tech ("the Site"), a personal blog and portfolio owned and operated by Tonirul Islam, a Network Engineer and software builder based in West Bengal, India.

Tonirul Islam is also the founder of themedium.blog (a long-form publishing platform) and doccraftr.com (a browser-based PDF editor and converter). Each of those services operates under its own separate privacy policy.

We collect the minimum data necessary to operate the Site and provide the services you request. Here is a clear breakdown:

Newsletter subscriptions

• First name (optional — used to personalise emails)
• Email address (required)
• Subscription date and verification status

Contact form submissions

• First and last name
• Email address
• Subject and message content
• Timestamp of submission

Comments

• Display name
• Email address (not publicly shown — used for moderation only)
• Comment text and submission timestamp

Server & analytics logs

• IP address (anonymised after 30 days)
• Browser type and version
• Pages visited and time on page
• Referring URL

We use the data we collect only for the specific purposes described below. We never use your data for purposes beyond what is listed here without your explicit consent.

Where applicable under the General Data Protection Regulation (GDPR) and India's Digital Personal Data Protection Act (DPDPA), we process your personal data on the following legal bases:

We use a small number of cookies to make the Site function correctly and to understand how it is used. We do not use advertising cookies or sell cookie data.

We retain your personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law.

We do not sell or share your personal data with third parties for their own marketing purposes. We may share limited data with the following service providers strictly to operate the Site:

Depending on your location, you may have the following rights regarding your personal data. We honour all reasonable requests regardless of your jurisdiction.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. These include:

• HTTPS / TLS encryption for all data transmitted between your browser and our server
• Passwords stored as bcrypt hashes — plain-text passwords are never stored
• Database access restricted to application-level queries only; no direct external access
• CSRF protection on all forms to prevent cross-site request forgery
• Regular software updates and security patches applied to the server and CMS

This Site is not directed at children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you are a parent or guardian and believe your child has submitted personal data to us, please contact us immediately at admin@tonirulislam.tech and we will delete that data promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this page periodically. Your continued use of the Site after any changes constitutes your acknowledgement of the updated policy.

For any privacy-related questions, requests, or complaints, please contact us directly:

• Email: admin@tonirulislam.tech
• Contact form: tonirulislam.tech/contact.php
• Response time: Within 2–3 business days (30 days for formal data requests)

If you are located in the European Economic Area and believe we have not handled your data appropriately, you have the right to lodge a complaint with your local data protection supervisory authority. In India, complaints may be directed to the Data Protection Board under the DPDPA 2023.