Last updated 15 July 2026 · Français · Русский
This describes what this website actually collects, where it goes, and how long it stays. It is written from the code — every item below corresponds to something the site really does.
A.I. VADIM FILIPCIUC (IDNO 1026023022044), Republic of Moldova — trading as Marlino. Contact: actionvadim@gmail.com.
We store what you type: your name, phone number (with country code), email
address, the website address you want audited, and your message. Alongside it we
record your IP address and browser user-agent, and — only if you allowed analytics —
the Meta (_fbp, _fbc) and Google Analytics identifiers already present in
your browser.
Why: to answer you and to prepare the audit you asked for. A notification of your enquiry is sent to our Telegram and, where configured, to our own email address.
The website address you enter is sent to Google PageSpeed Insights, and the result is cached on our server for one hour. Your IP address is used to rate-limit the test. The test is not attached to you.
Your name, email, and your password — stored only as an argon2id hash, never in readable form. Each session records the IP address and user-agent it was created from, so you can tell your own sessions from someone else's. Security events (sign-in, sign-out, password reset, role change, two-factor changes) go to an audit log with the IP address and user-agent.
Nothing below loads until you press Allow on the banner. Decline and none of it is requested, and you are not asked again.
| Tool | What it sees | Processed where |
|---|---|---|
| PostHog | Pages viewed, clicks and scrolls (autocapture), JavaScript errors. Profiles only for identified users. | European Union (eu.i.posthog.com) |
| Google Analytics 4 | Pages viewed; the value of a closed deal. | Google, incl. the United States |
| Meta Pixel | Page views and form submissions. | Meta, incl. the United States |
| Yandex Metrica | Clicks, links, page views. | Yandex |
If you become a client, we report the sale to Meta and Google so we can tell which advertising works. Your phone number is hashed with SHA-256 before it leaves our server — Meta receives the hash, not the number. Also sent: the Meta/Google identifiers from your browser, your IP address, your user-agent, and the amount. This happens server-side, once, when the deal is marked as won.
The site and its database run on a server in Helsinki, Finland (Hetzner), and backups stay on that server. The party responsible for the data is established in the Republic of Moldova, so it is administered from outside the European Economic Area. The analytics tools process data wherever their own policies say — PostHog on EU infrastructure; Google and Meta including the United States.
| What | How long |
|---|---|
| Your enquiry and our notes on it | Until you ask us to delete it |
| Sign-in sessions | 7 days, then deleted automatically |
| Email confirmation link | 24 hours |
| Password reset link | 1 hour, single use |
| Speed-test result cache | 1 hour |
| Security audit log | Kept; used only to investigate account security |
| Backups | 14 days, then deleted automatically |
You can ask us to show you what we hold about you, correct it, delete it, or stop using it. You can withdraw permission for analytics at any time by clearing this site's data in your browser — the banner will ask again. Write to actionvadim@gmail.com and we will answer within 30 days. If you are in the EU and think we have handled your data badly, you can also complain to your national data protection authority.
marlino_consent — remembers your answer to the analytics banner. Set by us, never sent to a server.lang — remembers the language you picked.sid, csrf — only if you sign in. They keep you signed in and protect the forms against cross-site submission. Deleted when you sign out.