Legal Document
Last updated: March 22, 2026 · Effective: March 19, 2026
Your privacy matters
This is a personal portfolio website operated by Dionysis Karamitopoulos, an individual based in Thessaloniki, Greece. This policy explains what information is collected when you visit this website and how it is handled, in compliance with the General Data Protection Regulation (GDPR — Regulation EU 2016/679). This website uses a limited set of third-party services — including Microsoft Clarity for behavioural analytics, Supabase for secure data backup, and Resend for email delivery — each detailed in full below.
The following categories of data may be collected through this website:
Full Name
Voluntarily submitted via contact form
Email Address
To reply to your message
Subject
To understand the enquiry topic
Message Content
To respond to your enquiry
Behavioural & Technical Data (Microsoft Clarity)
This website uses Microsoft Clarity, a behavioural analytics tool. Clarity automatically collects session recordings, heatmaps, mouse movements, clicks, scroll behaviour, and aggregated usage data. Your IP address may be processed by Microsoft for this purpose. No directly identifying personal data (name, email) is collected through Clarity.
The legal basis for processing your personal data is your consent (Article 6(1)(a) GDPR), given when you voluntarily submit the contact form, and legitimate interest (Article 6(1)(f) GDPR) in responding to professional enquiries. You may withdraw your consent at any time by contacting me at the email above.
Your data is used solely for the following purpose:
Different retention periods apply depending on the data category:
Contact form submissions
Retained only as long as necessary to respond to and resolve your enquiry. Correspondence may be retained for a reasonable period for professional purposes.
Supabase backup data
Portfolio content (experience, projects, skills, etc.) is stored in Supabase as a backup. This data does not include visitor personal information — it relates exclusively to the site owner's professional profile.
Microsoft Clarity session data
Session recordings and heatmap data are retained by Microsoft Clarity for up to 13 months, subject to Microsoft's data retention policies.
The following third-party services act as data processors or sub-processors in connection with this website. Each processes data only to the extent necessary to provide their service:
Microsoft Clarity
AnalyticsBehavioural analytics — session recordings, heatmaps, interaction data
Processes anonymised behavioural data and may process IP addresses. Data stored on Microsoft infrastructure. Microsoft Privacy Statement applies.
View their privacy policyResend
EmailTransactional email delivery — routes contact form submissions to my inbox
Processes name, email address, and message content solely to deliver the email. Data is not retained by Resend beyond transactional processing.
View their privacy policySupabase
DatabaseCloud database — stores portfolio content backups (not visitor data)
The backup tables contain professional profile data (experience, certifications, projects). No visitor personal data is stored in Supabase.
View their privacy policyGoogle Fonts
CDNFont rendering (Playfair Display, Inter)
May log IP addresses for CDN delivery. Google Privacy Policy applies.
View their privacy policyjsDelivr CDN
CDNIcon library (RemixIcon)
May log IP addresses for CDN delivery.
View their privacy policyReaddy.ai
HostingWebsite hosting & form submission infrastructure
Form data is processed via Readdy platform infrastructure. Readdy privacy policy applies.
As a data subject under EU GDPR, you have the following rights:
Right of Access
Request a copy of the personal data held about you
Right to Rectification
Request correction of inaccurate data
Right to Erasure
Request deletion of your personal data ('right to be forgotten')
Right to Restriction
Request restriction of processing under certain conditions
Right to Object
Object to processing based on legitimate interests
Right to Portability
Receive your data in a structured, machine-readable format
To exercise any of the above rights, please contact me at dionisiskbrand@gmail.com. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) — the supervisory authority in Greece (www.dpa.gr).
This website uses a minimal set of browser storage technologies. No tracking cookies are set directly by this website. However, Microsoft Clarity — a third-party analytics service — does set its own cookies to enable session recordings and heatmap analysis.
The only first-party browser storage used is strictly functional — specifically to remember your accessibility preferences if you use the accessibility panel (stored in a11y-settings). This item is only created when you deliberately interact with the accessibility panel and is never transmitted to any server.
The Share Profile button, when clicked, uses the browser's native Clipboard API to copy the page URL to your clipboard. This is a user-initiated, one-time action — no data is stored and no information is transmitted to any server.
For a full breakdown of every cookie and storage item — including those set by Microsoft Clarity — please refer to the Cookie Policy.
This Privacy Policy may be updated from time to time. Any significant changes will be reflected by updating the “Last updated” date at the top of this page. Continued use of the website after any changes constitutes acceptance of the updated policy.
For any questions, requests, or concerns regarding this Privacy Policy or the processing of your personal data, please contact: