Privacy Policy

Last updated: July 9, 2026

1. Who We Are

This website, subeshyadav.com.np, is a personal portfolio and educational blog run by Subesh Yadav. It is operated as an individual project, not a company. If you have any questions about this policy, you can reach me at subeshgaming@gmail.com.

2. What Data I Collect

Data you give me directly

  • Newsletter subscription: your name and email address, collected only when you voluntarily subscribe.
  • Comments: your name, email address, and the content you submit.
  • Contact form: your name, email, and message.

Data collected automatically

  • Analytics: pages visited, time on page, referral source, browser type, device type, and approximate location (country / city level) via Google Analytics.
  • Server logs: IP address, request timestamps, and HTTP status codes, retained for 30 days for security purposes.
  • Cookies: small files stored on your device — detailed in the Cookie section below.

I do not collect payment information, precise location data, or any special-category personal data (health, ethnicity, etc.).

3. Why I Use This Data

PurposeLegal basis
Running and improving the websiteLegitimate interest
Sending newsletter emails you signed up forConsent
Replying to comments and contact form messagesLegitimate interest
Showing relevant ads via Google AdSenseConsent (where required)
Understanding traffic patterns via Google AnalyticsLegitimate interest / Consent
Detecting and preventing abuse or fraudLegitimate interest
Complying with legal obligationsLegal obligation

4. Cookies

Cookies are small text files stored on your device by your browser. Here is exactly what this site sets:

CookiePurposeExpiresType
authjs.session-tokenKeeps admin sessions alive30 daysEssential
__Secure-next-auth.callback-urlOAuth redirect targetSessionEssential
themeRemembers dark / light mode1 yearPreference
_ga, _ga_*Google Analytics — visitor stats2 yearsAnalytics
__gads, __gpi, FCNECGoogle AdSense — personalised ads13 monthsAdvertising

Managing cookies

You can block or delete cookies in your browser settings. Blocking essential cookies will affect site functionality; blocking analytics or advertising cookies will not. Browser guides:

5. Third-Party Services

These services operate under their own privacy policies. I encourage you to review them:

Personalised advertising

Google AdSense may use cookies to show ads based on your browsing history. You can opt out at Google Ads Settings or via the Network Advertising Initiative.

6. Data Sharing

I do not sell your personal data. I share it only in these circumstances:

  • With the third-party services listed above, solely to operate this site.
  • When required by law, a court order, or a legitimate government request.
  • To protect the security or integrity of this site or its users.

7. How Long I Keep Your Data

  • Newsletter subscriptions — until you unsubscribe.
  • Comments — until you request deletion.
  • Contact form messages — up to 12 months after the conversation ends.
  • Google Analytics data — 26 months (Google's default).
  • Server logs — 30 days.

8. Your Rights

Depending on where you live, you may have the right to:

  • Access the personal data I hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data ("right to be forgotten").
  • Restrict or object to how I process your data.
  • Receive your data in a portable format.
  • Withdraw consent at any time, without affecting prior processing.

To exercise any of these rights, email me at subeshgaming@gmail.com. I will respond within 30 days.

9. Children's Privacy

This site is not directed at children under 13 (or under 16 in the European Economic Area). I do not knowingly collect data from children. If you believe a child has submitted personal data, please contact me and I will delete it promptly.

10. International Data Transfers

This site is hosted in the United States (Vercel). If you are visiting from the EU or elsewhere, your data may be transferred to and processed in the US. Third-party services I use employ Standard Contractual Clauses or equivalent safeguards for cross-border transfers.

11. Security

I take reasonable technical measures to protect your data — including HTTPS encryption, hashed password storage, and secure session handling. No system is completely immune to breaches; if one occurs that affects your data, I will notify you as required by applicable law.

12. Changes to This Policy

I may update this policy from time to time. When I do, I will update the "Last updated" date at the top of this page. For significant changes, I will notify newsletter subscribers by email. Continued use of the site after a change constitutes acceptance of the revised policy.

13. Contact

Questions, requests, or concerns about this Privacy Policy: