Compliance Framework

Privacy Policy

Effective Date: June 1, 2026

Your privacy and structural data integrity are foundational to the operation of cmcgill.me (the "Site"). This Privacy Policy clarifies how data is managed, how tracking and telemetry metrics are executed, and your user rights regarding privacy and compliance under relevant frameworks, including the General Data Protection Regulation (GDPR).

1. Data Collection Architecture

This platform operates with a data-minimization strategy. Data collection is isolated to two distinct vectors:

  • Voluntary Form Submissions: When you execute a communication using the contact forms, the Site captures the identity parameters you supply (Name, Email Address, and Message text) to process your inquiry.
  • Automated Server Logs & Telemetry: To analyze performance, manage security thresholds, and optimize site response times, basic metadata such as IP addresses, web client software types, and access timestamps are documented within standard server traffic files.

2. Cookie Engine & Analytics Tracking

In alignment with standard analytical evaluations, this platform utilizes minimal storage mechanisms (cookies or browser local storage) to monitor traffic patterns, site optimization, and platform interaction. These analytics assist in identifying bottleneck performance issues and system improvements.

Consent Control: Cookies and tracking telemetry are managed strictly by your selections on the platform's GDPR notification banner. You can accept or decline this tracking. Accepting saves a dedicated state preference (`gdpr_consent`) to your system configuration file to bypass future banners.

3. Data Retention & Security Controls

Information processed via asynchronous communication (AJAX) is securely transmitted and maintained exclusively for the duration necessary to address your service request or professional inquiry. Standard system logs are systematically pruned over automated server routines.

Appropriate technical security configurations have been deployed across the server layer to insulate collected metrics against unauthorized breach vectors, manipulation, or unauthorized disclosure.

4. Third-Party Disclosures

Your user parameters, contact details, and traffic metrics are never sold, traded, or distributed to external marketing brokers or programmatic advertising systems. Data is exclusively transferred when necessary to fulfill infrastructure compliance tasks or if requested by formal legal mandates under governing state protocols.

5. Your GDPR Rights & Data Autonomy

If you are accessing this web architecture from within the European Economic Area (EEA), you retain complete sovereignty over your metrics, including:

  • The right to request structural access to any archived communication logs matching your persona.
  • The right to order a permanent purge or erasure of your name, history, and message details from our server storage arrays.
  • The right to revoke your historical analytical tracking choices at any given moment.

To assert any privacy privileges, clear your localized cache profiles, or query data safety standards, please initiate a ticket through the primary communications portal.