bolet.io
Privacy

What this site collects, and why.

A personal blog, not a tracking platform. Here's the honest summary.

The short version

bolet.io runs Google Analytics 4 to see which posts people read. That's it for tracking — no ads, no profiling, no data sold or shared with marketers. If you decline the cookie banner, no analytics cookies are set at all.

If you leave a comment, subscribe to the newsletter, or send a message via the contact form, you give me your email — used only for that purpose. You can unsubscribe or delete your data at any time (see Your rights below).

Analytics

I use Google Analytics 4 to understand what topics resonate. It collects:

  • A pseudonymous client identifier (in the _ga / _ga_* cookies)
  • Pages visited, referrer, approximate location (city level), device and browser
  • IP address (truncated by Google before storage)

GA does not load until you click Accept on the cookie banner. If you click Decline, or never decide, the script never runs and no analytics cookies are set. You can change your mind any time via Cookie settings at the bottom of the page.

Cookies and local storage

The site uses these only:

  • bolet-theme (localStorage) — your light/dark mode choice. Strictly functional.
  • bolet-consent (localStorage) — remembers your cookie banner choice. Strictly functional.
  • _ga, _ga_* (cookies) — Google Analytics. Only set if you accept.

The admin area uses Microsoft Entra ID for sign-in (only for me); that flow stores its own session tokens in browser storage during a session.

Comments

When you leave a comment, I store your name, your comment text, and (optionally) your email. The email is never displayed publicly — I only use it to reach out if there's a problem with your comment or to follow up. Comments are moderated before they appear.

Newsletter

Subscribing stores your email so I can send new posts and occasional notes. Every email includes a one-click unsubscribe link. There's no third-party newsletter platform involved — the list lives in my own database and emails are sent through Azure Communication Services.

Contact form

Messages you send via the contact form are forwarded to my inbox. I keep them as long as the conversation is useful and then delete them.

Where the data lives

Everything is hosted on Microsoft Azure in Denmark East(EU). The database, the application servers, and the email service all run inside the EU. No data is intentionally transferred to non-EU regions; the exception is Google Analytics, which processes data in Google's own infrastructure under their data processing terms.

Your rights

Under GDPR you can ask me to show, correct, or delete any personal data the site holds about you. For the newsletter, the unsubscribe link in any email does this immediately. For anything else (comments, contact-form messages), email me — see the address on the contact page— and I'll handle it within a reasonable time. The site is a one-person project, so "reasonable" usually means days, not weeks.

Changes to this policy

If this policy changes meaningfully (new tool, different data flow), I'll update this page and note the change at the bottom. No silent updates.

Last updated: 28 May 2026.