Privacy Policy

1. Who I am

The site nonpr1zm.com belongs to me personally — Odilkhon Mukaramov, an individual architect and interior designer based in Tashkent, Uzbekistan. NØNPR1ZM is a personal brand, not a studio or a company.

Contact for any data protection questions: admin@nonpr1zm.com

2. What data I collect

Only what you voluntarily enter in the form on the Contact page:

• Name
• Preferred contact channel (email, phone, Telegram or WhatsApp) and the corresponding handle
• Free-form project description
• Site locale at the time of submission (so I reply in the right language)

I do not collect ID document numbers, payment card numbers, date of birth, precise geolocation, or any other data beyond this minimum.

3. What I use it for

The sole purpose is to contact you and discuss the project you wrote about. I do not use the data for marketing, do not pass it to advertising networks, do not build advertising profiles, and do not sell it.

Lawful bases for processing:

• GDPR Art. 6(1)(b) — necessity to take steps at the data subject's request prior to entering a contract
• GDPR Art. 6(1)(a) — your consent, given by ticking the checkbox on the form
• FZ-152, Art. 6(1)(1) — consent of the data subject (Russian visitors)

4. Where the data is stored

• Form messages are delivered through Resend (resend.com) to my working inbox. Resend retains the delivery log for up to 30 days and then purges the message body.
• The site is served by Cloudflare Pages — traffic passes through Cloudflare's global edge network (cloudflare.com). Cloudflare does not store form bodies, only technical request metadata (IP address, timestamp, status) for a typical retention of several days.
• The email in my mailbox is kept for as long as needed for the project communication plus a reasonable archive (typically up to 24 months), then deleted.

5. Cookies and analytics

• Functional cookie nonpr1zm-locale — remembers your chosen language (ru/en), valid for 12 months. The site still works without it; the language simply falls back to your Accept-Language header on every visit.
• Cloudflare Web Analytics — built-in analytics with no cookies, no cross-site tracking, and no visitor identification. It aggregates anonymously: country, device type, referrer, Core Web Vitals metrics. None of this is linked to any form submission and none of it is personalised.

There are no advertising trackers, retargeting pixels, fingerprinting scripts or third-party marketing pixels on the site. A cookie-consent banner is not required because only one strictly-necessary functional cookie is used, which GDPR Recital 30 permits without separate consent.

6. Third parties

Data sharing is limited to operational providers:

• Resend — email delivery
• Cloudflare — hosting and edge network
• Open-Meteo — current weather in the clock widget (desktop only)

The clock and weather widget in the top-right corner (desktop only) shows the weather for your city. Approximate coordinates are derived from your IP via Cloudflare server-side (no precise GPS and no browser geolocation prompt); your browser then sends those coarse coordinates to Open-Meteo (api.open-meteo.com) solely to fetch the current local weather. No identifiers are sent, and Open-Meteo sets no cookies on this site.

No advertising, marketing or analytics partners beyond Cloudflare Web Analytics (see section above). Data is not shared with government authorities except under a lawful order.

7. Your rights

At any time you may:

• Request a list of the data I hold about you
• Obtain a copy of the data in a portable format
• Correct inaccurate data
• Erase all of your data ("right to be forgotten")
• Restrict processing
• Withdraw consent — withdrawal does not affect the lawfulness of processing carried out before the withdrawal
• Lodge a complaint with a supervisory authority

For any of the above, email admin@nonpr1zm.com — I respond within 30 days (usually much faster).

If you believe I have breached data protection law:

• In the EU/EEA — complaint to your local data protection authority
• In the UK — complaint to the ICO
• In Russia — complaint to Roskomnadzor

8. Retention

• Form messages — until the project communication is finished plus a 24-month archive, then deleted
• Resend delivery log — 30 days
• Cloudflare metadata — Cloudflare's TTL (typically a few days)
• Cookie nonpr1zm-locale — 12 months or until the browser is cleared

9. Data security

The connection to the site is always encrypted (HTTPS / TLS 1.3). Form submissions are POSTed over HTTPS. Resend uses TLS to deliver to recipient SMTP servers. My working inbox is protected by two-factor authentication.

10. International transfers

Cloudflare and Resend are global-infrastructure providers; your data may be processed on servers located in the United States, the EU and other countries. Both providers are certified under international data-transfer frameworks (Standard Contractual Clauses within the meaning of GDPR Chapter V).

11. Children

The site is not intended for children under 14. If you discover that a child has submitted data through the form, email admin@nonpr1zm.com and I will delete it immediately.

12. Changes to this policy

If the policy changes materially, I will update this page and the effective date below. Minor edits (typos, links) do not trigger any notice obligation.

13. Governing law

This policy is governed by the laws of the Republic of Uzbekistan, subject to the mandatory provisions of your country of residence (GDPR, FZ-152, UK GDPR, etc.) where applicable.