← Back to homepage

Privacy Policy

Last updated: 14 June 2026

“Protecting your personal data matters to Suriyaa Sundararuban.”

— Suriyaa Sundararuban

This privacy policy explains how Suriyaa Sundararuban handles information in connection with suriyaasundararuban.com. Suriyaa Sundararuban is based in Germany. Because visitors may be located in the European Union, the European Economic Area, the United Kingdom, Switzerland, or the United States, this notice is structured to address both the EU General Data Protection Regulation (GDPR) and applicable United States privacy law, where they apply to you and to processing by Suriyaa Sundararuban.

1. Who is responsible

Suriyaa Sundararuban (website operator and, where GDPR applies, data controller)
Munich, Germany
Email: servus@suriyaa.de
Privacy enquiries: webmaster@suriyaa.de

A postal address is not published online for data protection reasons. Please contact Suriyaa Sundararuban by email; the address will be provided upon request where appropriate.

Further details are in the Legal notice.

2. Scope and how to read this policy

  • Everyone: Sections 3–12 describe what data is processed, why, and with whom it is shared.
  • Visitors in the EU/EEA, UK, or Switzerland: Section 13 (GDPR) applies in addition, including legal bases, GDPR rights, and supervisory authorities.
  • Visitors in the United States: Section 14 (United States) applies in addition, including U.S. privacy practices relevant to U.S. visitors.

If more than one law applies, Suriyaa Sundararuban honours the stronger protection for you where laws conflict and a stricter standard is legally required.

3. Nature of this website

This is a private, non-commercial information site operated by Suriyaa Sundararuban. You can usually browse without providing personal data. Personal data is processed only when technically necessary to run the site, when you contact Suriyaa Sundararuban voluntarily, or when the law requires it.

Categories of data that may be processed include: technical/log data, website analytics data (aggregated and event-based), and information sent by email (such as name, email address, and message content). Suriyaa Sundararuban does not sell personal information.

4. Hosting and server log files (Vercel)

The website is hosted by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA. When you access the site, technical data may be recorded in server logs, including:

  • IP address (truncated or anonymised where the host provides that),
  • date and time of access,
  • URL accessed and referrer URL,
  • browser type and version, operating system,
  • amount of data transferred and HTTP status code.

Purpose: operating, securing, and administering the website.
Retention: according to Vercel’s policies, generally only as long as needed for these purposes.
Recipients: Vercel Inc. as infrastructure provider / processor.

Vercel privacy policy: vercel.com/legal/privacy-policy

5. Web analytics (Vercel Analytics)

Suriyaa Sundararuban uses Vercel Analytics to understand aggregated use of the site (e.g. page views, country at country level, device type, browser). According to the provider, it does not use cookies for this service and does not create persistent individual visitor profiles.

Purpose: measuring and improving the website in aggregated form.
Retention: as described by Vercel for analytics data.

6. Web analytics (PostHog)

Suriyaa Sundararuban uses PostHog (PostHog Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA) to understand how visitors use this website and to improve it. PostHog is loaded when you open pages on this site.

Depending on configuration, PostHog may process:

  • pages viewed and navigation paths on this site,
  • referrer URL and UTM parameters,
  • browser type and version, operating system, device type, and screen size,
  • approximate location derived from IP address (country/region level),
  • a pseudonymous visitor identifier stored in your browser (for example via local storage or cookies),
  • interaction and performance data, and—if enabled in the analytics configuration—session replay or similar diagnostic data.

PostHog is configured with person profiles for identified users only: a persistent profile is not created for anonymous visitors unless you are identified (for example through a feature that calls posthog.identify(), which this site does not use by default).

Purpose: measuring use of the website, diagnosing technical issues, and improving content and structure.
Legal basis (GDPR): legitimate interests (Art. 6(1)(f) GDPR), balanced against your rights; see section 13.1.
Retention: according to PostHog’s policies and Suriyaa Sundararuban’s project settings in PostHog.
Recipients: PostHog Inc. as analytics provider / processor.
Hosting region: United States (us.i.posthog.com).

PostHog privacy policy: posthog.com/privacy. You can limit tracking in your browser (block third-party scripts, clear site data, or use privacy extensions). For GDPR-related requests about data held by PostHog on Suriyaa Sundararuban’s behalf, contact servus@suriyaa.de.

7. Contact by email

If you email Suriyaa Sundararuban (including via mailto links on this site), your message and contact details are used only to respond and keep a record where needed.

Retention: only as long as needed to handle your request and as required by applicable law.
Security: email over the internet may not be fully secure; for sensitive topics, consider additional encryption where possible.

8. External links

This site links to third-party services (e.g. LinkedIn, GitHub, Cal.com, ResearchGate). Suriyaa Sundararuban does not control their privacy practices. Please review their policies when you leave this site.

9. Cookies and similar technologies

This site does not set its own first-party cookies for advertising. Analytics providers may still store data in your browser:

  • Vercel Analytics is described as cookieless for its analytics function (see section 5).
  • PostHog may use local storage and/or cookies to assign a pseudonymous visitor identifier and to operate analytics features (see section 6).

The host may still process limited session-related technical data; see section 4.

10. Disclosure, processors, and international transfers

Personal data is shared with third parties only when required by law, you have agreed, or sharing is necessary for the purposes above (for example with Vercel or PostHog as technical service providers).

Data may be processed in the United States (including by Vercel and PostHog). Where GDPR applies, transfers may rely on mechanisms such as the provider’s EU Standard Contractual Clauses and, where applicable, the EU–US Data Privacy Framework. See each provider’s documentation for details.

11. Security and retention

The site is served over HTTPS (TLS). Suriyaa Sundararuban uses reasonable technical and organisational measures to protect data against loss, misuse, and unauthorised access, but no online transmission or storage is completely secure.

Personal data is kept only as long as needed for the purposes described or as required by law, then deleted or anonymised unless further retention is legally necessary.

12. Children and automated decisions

This site is not directed at children under 13 (U.S.) or under 16 where that age applies under GDPR in the relevant member state. Suriyaa Sundararuban does not knowingly collect personal data from children without appropriate parental authority where required.

Suriyaa Sundararuban does not make decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects (GDPR Art. 22).

13. European Union / EEA, United Kingdom, and Switzerland (GDPR)

This section applies if you are in the EU, EEA, UK, or Switzerland and GDPR (or UK GDPR / Swiss FADP as applicable) governs processing of your personal data by Suriyaa Sundararuban.

13.1 Legal bases (Art. 6 GDPR)

  • Art. 6(1)(f) — legitimate interests (secure operation of the website, analytics to understand and improve the site, security), balanced against your rights;
  • Art. 6(1)(b) — steps at your request or pre-contractual communication when you contact Suriyaa Sundararuban;
  • Art. 6(1)(a) — consent, only where you have given it clearly (e.g. optional tools that require consent).

13.2 Your GDPR rights

Subject to conditions and exceptions in the GDPR, you may have the right to:

  • access (Art. 15),
  • rectification (Art. 16),
  • erasure (Art. 17),
  • restriction of processing (Art. 18),
  • data portability (Art. 20), where applicable,
  • object to processing based on legitimate interests (Art. 21),
  • withdraw consent (Art. 7(3)) with effect for the future.

To exercise these rights, email servus@suriyaa.de with enough detail to identify your request. Suriyaa Sundararuban will respond within the timeframes required by law.

13.3 Supervisory authorities

Before contacting a supervisory authority, you may direct privacy-related enquiries to Suriyaa Sundararuban at webmaster@suriyaa.de. Suriyaa Sundararuban endeavours to handle requests promptly.

You may lodge a complaint with a supervisory authority, in particular in your country of habitual residence, workplace, or place of the alleged infringement. Because Suriyaa Sundararuban is based in Germany, the lead supervisory authority is often:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18, 91522 Ansbach, Germany
Website: www.lda.bayern.de

Visitors outside Bavaria may also contact their local EU/EEA authority, the UK ICO, or the Swiss FDPIC, as applicable.

14. United States

This section applies to visitors in the United States and describes practices under U.S. law relevant to this private website operated from Germany.

14.1 No sale of personal information

Suriyaa Sundararuban does not sell, rent, or trade personal information. Personal information is not shared for cross-context behavioural advertising.

14.2 U.S. legal landscape

There is no single federal privacy statute equivalent to the GDPR. U.S. visitors may be protected by sector-specific federal rules and by state laws (for example in California, Colorado, or Virginia). Suriyaa Sundararuban follows fair and transparent practices and complies with applicable U.S. requirements when they apply to processing directed at U.S. residents.

14.3 Your U.S. privacy choices

Where applicable law provides, you may:

  • request access to personal information Suriyaa Sundararuban holds about you from your emails or interactions;
  • request correction or deletion where reasonable and not contrary to legal retention duties;
  • opt out of optional processing that requires your consent, where such processing exists.

Submit requests to servus@suriyaa.de. Suriyaa Sundararuban may need to verify your identity before responding and will not discriminate against you for exercising privacy rights afforded by applicable law.

14.4 U.S. regulators

If you believe practices on this site violate applicable U.S. law, you may contact the U.S. Federal Trade Commission or the consumer protection authority in your U.S. state of residence.

For EU/UK/CH complaints, see section 13.3.

15. Changes to this privacy policy

Suriyaa Sundararuban may update this policy when the website, services, or legal requirements change. The current version is always on this page. Material changes will be reflected in the “Last updated” date above.

© Suriyaa Sundararuban. All Rights Reserved.

Terms & Conditions | Privacy Policy | Legal Notice