Privacy policy

Last updated: March 25, 2026

This Privacy Policy explains how Roman Bahan ("we", "us", or "our") collects, uses, stores, and shares personal data when you visit personal-website-br.webflow.io and any connected custom domain that points to this portfolio website (the "Site"), or when you contact us through the Site.

1. Controller information

The controller responsible for the processing of personal data under this Privacy Policy is:

Roman Bahan

Email: romanb2489@gmail.com

Country of establishment: Ukraine

2. What this policy covers

This Privacy Policy applies to personal data processed through:

· your use of the Site;

· direct contact via the Site’s contact form;

· email or WhatsApp contact initiated from the Site;

· basic technical and security-related processing connected to hosting and operating the Site.

This Site is a portfolio and lead-generation website. It does not provide user accounts, a customer dashboard, or direct online checkout.

3. Personal data we collect

Depending on how you interact with the Site, we may collect the following categories of personal data.

3.1 Data you provide directly

When you use the contact form or contact us directly, we may collect:

· full name;

· email address;

· message content;

· any business, project, budget, timeline, or other information you choose to include in your message.

3.2 Data collected automatically

When you visit the Site, certain technical data may be collected automatically by the hosting platform, security tools, server infrastructure, or integrated services, such as:

· IP address;

· browser type and version;

· device type and operating system;

· pages visited and timestamps;

· referring URL;

· basic diagnostic, performance, and security logs;

· cookie-related data and consent preferences, where applicable.

3.3 Data from third-party links or tools

If you contact us through third-party services linked from the Site (for example, LinkedIn or WhatsApp), your interaction is also subject to the privacy practices of those services.

4. Why we process your data and the legal bases we rely on

We process personal data only where we have a valid legal basis under applicable data protection law.

4.1 To respond to your enquiries and discuss a possible project

We use your contact details and message content to review your enquiry, reply to you, schedule a call, prepare a quote, or take steps requested by you before entering into a possible service agreement.

Legal basis:

· performance of a contract or steps taken at your request before entering into a contract, where applicable; and/or

· our legitimate interests in responding to genuine business enquiries and managing our services.

4.2 To operate, secure, and improve the Site

We process technical data to keep the Site available, secure, stable, and protected against abuse, spam, fraud, and malicious activity.

Legal basis:

· our legitimate interests in running and securing the Site.

4.3 To comply with legal, tax, accounting, or record-keeping obligations

If an enquiry becomes a business relationship, we may need to keep certain records to comply with legal obligations.

Legal basis:

· compliance with a legal obligation.

4.4 For analytics, performance measurement, or marketing cookies

If non-essential analytics or marketing tools are enabled on the Site, we will use them only in accordance with applicable law and, where required, only after obtaining valid consent.

Legal basis:

· your consent, where consent is required.

5. How we use your data

We may use personal data to:

· communicate with you;

· answer questions and provide quotes;

· assess whether your project is a fit for our services;

· document enquiries and follow-up communications;

· maintain website security and technical performance;

· troubleshoot, prevent abuse, and protect our rights;

· comply with legal and regulatory obligations.

We do not sell your personal data.

6. Recipients and service providers

We may share personal data with trusted third parties only where necessary for the purposes described above, including:

· Webflow, as a website hosting and form infrastructure provider;

· email service providers used to receive and send communications;

· domain, CDN, infrastructure, or website security providers;

· analytics, cookie-consent, or monitoring tools, if enabled;

· professional advisers such as lawyers, accountants, or insurers, where reasonably necessary;

· public authorities or regulators where disclosure is required by law.

These providers are authorised to process personal data only as necessary for the relevant service and subject to appropriate contractual and legal safeguards.

7. International data transfers

Because the Site uses third-party infrastructure and web services, your personal data may be processed outside the European Economic Area, the United Kingdom, or Switzerland.

Where this happens, we aim to use appropriate safeguards as required by applicable law, such as:

· adequacy decisions;

· Standard Contractual Clauses;

· the EU-U.S. Data Privacy Framework or UK extension, where applicable;

· equivalent lawful transfer mechanisms recognised under applicable law.

You may contact us using the details above if you want more information about the safeguards used for international transfers.

8. Data retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy.

Recommended retention approach for this Site:

· contact-form enquiries: up to 12 months after the last meaningful contact, unless a longer retention period is needed for follow-up, dispute handling, or legal reasons;

· project, contract, invoice, and accounting records: for as long as required by applicable law and internal record-keeping obligations;

· technical and security logs: typically 30 to 90 days, unless longer retention is required for security investigations, legal claims, or compliance purposes;

· consent records: for as long as needed to demonstrate compliance, where consent is relied upon.

9. Cookies and similar technologies

This Site may use cookies or similar technologies for essential site functionality, security, and, where enabled, analytics or embedded third-party services.

Where non-essential cookies are used, visitors will be given appropriate notice and, where required by law, a way to accept, reject, or manage those cookies before they are placed.

You can control cookies through your browser settings, subject to the limitations of the tools and services used on the Site.

10. Your rights

Depending on your location and the applicable law, you may have the right to:

· request access to your personal data;

· request correction of inaccurate data;

· request deletion of your data;

· request restriction of processing;

· object to processing based on legitimate interests;

· request data portability where applicable;

· withdraw consent at any time where processing is based on consent;

· lodge a complaint with a competent supervisory authority.

If you want to exercise any of these rights, contact us at romanb2489@gmail.com.

11. Right to object

Where we rely on legitimate interests as the legal basis for processing, you have the right to object to that processing on grounds relating to your particular situation.

12. Children’s privacy

This Site is intended for professional and business enquiries and is not directed to children. We do not knowingly collect personal data from children under the age of 16 through the Site. If you believe that a child has submitted personal data to us, please contact us so we can review and delete the information where appropriate.

13. External links

The Site may contain links to third-party websites or platforms, including LinkedIn, WhatsApp, and external project websites. We are not responsible for the privacy practices, content, or security of third-party services. Please review their privacy notices separately.

14. Data security

We take reasonable technical and organisational measures appropriate to the nature of the data and the risk involved, including access controls, hosting safeguards, and administrative protections. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business changes. When we make material changes, we will update the "Last updated" date at the top of this page.

16. Complaints

If you believe your personal data has been handled unlawfully, you may lodge a complaint with the supervisory authority in the country of your habitual residence, place of work, or place of the alleged infringement.

17. Contact

For privacy questions or requests, contact:

Roman Bahan

Email: romanb2489@gmail.com