Stalitsa · Legal
Privacy policy
Last updated: April 2026. This page describes how personal data is handled when you use stalitsa.com.
Who we are
Stalitsa is the data controller for this website. The easiest way to reach us is the contact form on this site.
What this site does
This is a marketing site: pages you read in your browser, links to third-party profiles, and assets (fonts, icons, images) loaded as part of the design. There is no account login. The contact page includes a form; when you send a message, your input is processed by Cloudflare (the site host) and delivered by email through Resend, our transactional email provider, so we can reply.
Data we may process
When you browse the site. Like most websites, technical information is processed so pages can load: for example network and security data handled by the hosting provider (see below).
Usage analytics. This site uses Cloudflare Web Analytics to measure traffic and basic performance trends (for example page views, referrers, and high-level usage metrics). The purpose is to understand and improve the site. Where Cloudflare provides this analytics mode without client-side tracking cookies, Stalitsa does not set first-party analytics cookies for this feature.
When you use the contact form. We collect the name, email address, and message you submit; if you choose to, you may also add an optional company or project name. When enabled, a security check (Cloudflare Turnstile) may run before send. That data is sent to our inbox through Resend so we can respond. Resend and your own email provider may process technical message metadata in the usual way.
Hosting and infrastructure
This site is served using Cloudflare. Cloudflare processes technical data (such as IP addresses and request metadata) to deliver the site, protect it, and provide the analytics feature above. See Cloudflare’s privacy documentation for details of their processing.
Third-party content
Some resources load from third parties (for example fonts or icon stylesheets, and badge images where shown). Those providers may process technical data in line with their own policies. The contact form uses Cloudflare Turnstile (when enabled) for abuse protection, and Resend to deliver messages to our inbox. External links (for example to GitHub or social profiles) are governed by those services when you visit them.
Legal bases (UK GDPR)
Depending on the situation, we rely on appropriate bases such as legitimate interests (operating and securing a public business website), performance of a contract or steps before a contract where you enquire about services, or consent where required.
Retention
Messages sent through the form (and related email threads) are kept only as long as needed for the conversation and legitimate business records, unless a longer period is required by law.
Your rights
Where UK GDPR / GDPR applies, you may have rights including access, rectification, erasure, restriction, objection, and data portability. You may also lodge a complaint with a supervisory authority. To exercise rights related to data processed here, use the contact form and describe your request.
International transfers
Providers may process data in the UK, EEA, US, or other regions. Where transfers are made, we expect appropriate safeguards where required by law.
Changes
We may update this policy from time to time. The “Last updated” date at the top will change when we do.