Privacy Something we really care about

When we rebuilt this site in 2018 we focused on three major things: good UX/UI, speed, and privacy.

It took a bit of work, but we made sure to absolutely minimise the potential privacy intrusions, especially regarding third-party tracking. This means:

A few non-invasive things were technically necessary and these are detailed below.

Cookies

There are 3 cookies that are currently stored when you visit our site, but none of these are for the purposes of tracking.

  1. __cfduid: This is the only third-party service in use on the site. It's called CloudFlare and it's used to protect our Web-server from DDoS attacks and other security related things. We cannot disable this cookie and continue to use CloudFlare, but we are confident that this cookie does not store any personally identifiable information as promised by CloudFlare.
  2. XSRF-TOKEN: This prevents cross-site request forgeries - essentially when you submit our contact form this cookie ensures that we know the form was submitted on our site, not some third-party site. This is purely for our security and the cookie's value changes every time you load a page. It is completely anonymous.
  3. supple_9_session: This is also completely anonymous and untracked. It allows us to show you a notification message like "Thank you for contacting us" after you submit a contact form. Like the XSRF-TOKEN, it's value is randomly generated on every page load.

Information Collected

If you send us an email, the contents of that email will be stored in our mail client. You can of course use a private/anonymous email address instead of your personal/work email if you so choose.

We lease a private dedicated Web-server from the German company Hetzner who are DIN ISO/IEC 27001 certified. When you access Supple 9 (or any Web site), your browser automatically sends information about your computer, e.g. your User agent and IP address, to our server. This information is automatically logged on our server for security/debugging reasons but is not linked to any personally identifiable information.

Information Shared

None. We do not willingly share any information with anyone.

It's possible that we would have to comply with court ordered legal requests. However we have so little information to provide that we really are not any sort of target for such things!

Things we can improve on

This is a bucket-list of things we need to investigate and improve on.