Privacy Policy

SARA Lab is operated as a research and demonstration project. For any privacy-related enquiries, contact us at: contact@sara-lab.com

Website analytics (Google Analytics 4). We collect anonymised data about how visitors use this website: pages viewed, time spent, browser type, device type and approximate geographic location (country/city level). This helps us understand how to improve the site. No personally identifiable information is collected through analytics.

Session data. When you visit the site, a session cookie is set to remember your display preferences (e.g. dark/light theme) and, if you log in, to maintain your authenticated session. This cookie contains a random session identifier — it does not store your name, email or any other personal data.

Security logs. Our server automatically logs IP addresses, request timestamps and accessed URLs for a maximum of 30 days. These logs are used exclusively for security purposes (detecting attacks, abuse prevention) and are not shared with third parties.

Contact form. If you use the contact form, we receive the message content and any contact details you voluntarily provide. This information is used solely to respond to your enquiry and is not stored beyond what is necessary for that purpose.

Analytics cookies — Art. 6(1)(a) GDPR: your explicit consent, given via the cookie banner. You may withdraw consent at any time by clicking Decline or clearing your browser's local storage for this site.

Session cookies — Art. 6(1)(f) GDPR: legitimate interest in providing a functional, secure website experience.

Security logs — Art. 6(1)(f) GDPR: legitimate interest in protecting the website and its users from malicious activity.

Contact form data — Art. 6(1)(b) GDPR: necessary to respond to your request.

We use Google Analytics 4 (GA4), a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google may transfer and process data on servers located in the United States.

IP anonymisation is enabled — your full IP address is never stored by Google Analytics.

You can opt out of Google Analytics tracking at any time using the Google Analytics Opt-out Browser Add-on (tools.google.com/dlpage/gaoptout), or by declining cookies in our cookie banner.

Google's privacy policy is available at: policies.google.com/privacy

We use two categories of cookies on this website.

Strictly necessary cookies are required for the website to function correctly. They enable core features such as maintaining your login session and remembering your display preferences (e.g. light or dark theme). These cookies do not collect any personally identifiable information and cannot be disabled without affecting site functionality.

Analytics cookies are set by Google Analytics and are used solely to help us understand how visitors interact with the website in aggregate — for example, which pages are most popular or how long a typical visit lasts. These cookies are only placed with your explicit consent, which you can give or withdraw at any time via our cookie banner. No personal data is linked to analytics cookies.

You can manage or disable cookies at any time through your browser settings. Please note that disabling strictly necessary cookies may affect your ability to use certain features of the site.

Server security logs are retained for a maximum of 30 days and then automatically deleted.

Google Analytics data is retained for 14 months (as configured in our GA4 account), after which it is automatically deleted.

Session data is stored only for the duration of your browser session or your configured session timeout.

Contact form messages are retained only as long as necessary to resolve your enquiry.

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

Right of access — You may request a copy of any personal data we hold about you.

Right to rectification — You may request correction of inaccurate personal data.

Right to erasure ('right to be forgotten') — You may request deletion of your personal data where there is no overriding legitimate reason to continue processing it.

Right to restriction — You may request that we restrict the processing of your data in certain circumstances.

Right to object — You may object to processing based on legitimate interests.

Right to data portability — You may request your data in a structured, machine-readable format.

Right to withdraw consent — Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at contact@sara-lab.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.

Our website may contain links to third-party websites (e.g. GitHub, Telegram). We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies before providing any personal information.

This website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date at the top of this page indicates when the policy was last revised. We encourage you to review this page periodically.