Privacy Policy

Overview

This website (ricozhao.com) is a personal blog and information portal about data privacy laws. We are committed to protecting your privacy and being transparent about how we handle data.

Data We Collect

This website does not collect personal information from visitors. Specifically:

• No user accounts or registration required for public content
• No cookies are set for tracking purposes
• No analytics or third-party tracking scripts
• No email collection or newsletter subscriptions (currently)

Cookies

This site uses only essential technical cookies required for the admin panel to function (session management). These cookies:

• Are strictly necessary for authentication
• Are marked as HttpOnly (not accessible to JavaScript)
• Use SameSite=Lax to prevent cross-site request forgery
• Expire after 30 minutes of inactivity
• Are transmitted over HTTPS only in production

Third-Party Services

This website uses the following external services:

• Google Fonts — for typography (Space Grotesk, Inter, JetBrains Mono). Google may collect anonymized usage data as described in their Privacy Policy.
• Tailwind CSS CDN — for styling framework delivery.

AI-Generated Content

Articles on this site are generated using AI models and reviewed by the site owner before publication. AI-generated content is clearly marked. The AI does not process any visitor data.

Security

We implement the following security measures:

• HTTPS encryption for all connections
• CSRF protection on all form submissions
• Content Security Policy headers
• XSS prevention via HTML sanitization
• Rate limiting on sensitive endpoints
• Bcrypt password hashing for admin access

Contact

For any privacy-related inquiries, please contact the site owner at ricozhao.com.