Back to home

Privacy Policy

Effective: 30 April 2026 · Operator: Saikat Dey, Kolkata, India

1. Who this policy is from

This site, digonto.in (including www.digonto.in and any subdomain we operate), is a personal portfolio and a set of interactive browser experiments run by Saikat Dey, an individual based in Kolkata, India. References to we, us, or our in this policy mean the operator. References to you mean the visitor.

This policy explains what data we and our service providers handle when you visit the site, including the harmonium tool at /experiments/harmonium, the image tools at /tools/images, the blog, and other experiments.

2. What we collect

2.1 Information you provide directly

We do not run user accounts and we do not ask you to register. If you contact us by email, we receive whatever you put in that message and our email provider stores it under their own terms.

2.2 Information collected automatically

When you load a page, our hosting infrastructure receives your IP address, the requested URL, the time of the request, your browser’s user-agent string, and the referring page (if any). These are standard server logs used to operate the site and to investigate abuse.

2.3 Cookies and similar technologies

We use a small number of cookies and equivalent browser storage. They fall into three categories:

  • Strictly necessary — required for the site to load and to remember your cookie choices.
  • Analytics — Google Analytics 4 (measurement ID G-D43WEFWZBE) helps us understand which pages and experiments are used. Where required by law, we only load analytics after you consent.
  • Advertising — Google AdSense and its partners may set cookies to serve ads and measure ad performance, as described in section 4.

2.4 Browser local storage

The harmonium tool and several other experiments save your preferences (such as keyboard layout, scale, and volume) in your browser’s localStorage. This data never leaves your device. You can clear it at any time through your browser’s settings.

3. Microphone and uploaded audio — processed only on your device

The harmonium experiment uses your browser’s standard microphone API (getUserMedia) to detect the pitch of what you sing or play. The microphone stream is processed in real time inside your browser by a WebAssembly module. We do not record, store, transmit, or share your microphone audio. Nothing leaves your device.

The same is true if you load a reference audio file (for example, an MP3 of a song you want to practice along with). The file is read locally through the browser’s File API and decoded on your device. We do not upload, retain, or copy the file.

Image converters under /tools/images work the same way: conversion runs entirely in your browser via WebAssembly. Your images do not reach our servers.

You can revoke microphone permission at any time through your browser’s site permission settings.

4. Advertising (Google AdSense)

We may display advertisements served by Google AdSense and its partners. Google’s own disclosures, which we ask you to read carefully, are summarised below in Google’s recommended language:

Third-party vendors, including Google, use cookies to serve ads based on a user’s prior visits to your website or other websites.

Google’s use of advertising cookies enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet.

Users may opt out of personalised advertising by visiting Google’s Ads Settings.

You can also opt out of third-party vendor cookies via:

For visitors in the European Economic Area, the United Kingdom, or Switzerland, ads are served only through a Google-certified consent management platform. You will see a consent banner before any non-essential cookies are set. You can change your choices at any time using the “Cookie settings” control in our footer.

5. Other third parties

In addition to Google AdSense and Google Analytics, the site relies on:

  • Amazon Web Services (AWS) — hosting, in the Mumbai (ap-south-1) region.
  • Amazon CloudFront — content delivery network for static assets served from cdn.digonto.in.
  • Google Fonts — loaded via Next.js’s self-hosted font pipeline, so no requests go to Google’s font servers from your browser.

These providers process limited technical data (mainly IP address and request metadata) on our behalf. Each operates under its own privacy terms.

6. How we use the data

  • To operate, secure, and debug the site.
  • To understand which experiments and articles are useful, in aggregate, through privacy-respecting analytics.
  • To serve advertising and to measure its performance, where you have consented (or where consent is not required by your local law).
  • To respond to messages you send us.
  • To comply with legal obligations.

We do not sell personal information for money. Personalised advertising may, however, be treated as a “sale” or “sharing” of personal information under some US state laws (see section 9).

7. International transfers

We are based in India. Some of our service providers (notably Google) process data in the United States and other countries. Where personal data of EEA, UK, or Swiss visitors is transferred internationally, the providers we use rely on the European Commission’s Standard Contractual Clauses, the EU–US Data Privacy Framework, or equivalent safeguards.

8. Your rights under the GDPR and UK GDPR

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights, subject to the conditions in the applicable law:

  • Access to a copy of your personal data.
  • Rectification of inaccurate or incomplete data.
  • Erasure (the “right to be forgotten”).
  • Restriction of processing.
  • Data portability.
  • Objection to processing based on legitimate interests, including profiling.
  • Withdrawal of consent at any time, without affecting the lawfulness of processing before withdrawal.
  • Lodging a complaint with your supervisory authority. For UK residents this is the Information Commissioner’s Office (ICO).

To exercise any of these rights, email us at saikatdey2100@gmail.com.

9. Your rights under the India DPDP Act, 2023

If you are a Data Principal in India, the Digital Personal Data Protection Act, 2023 and the Digital Personal Data Protection Rules, 2025 give you the following rights:

  • To access a summary of your personal data being processed.
  • To correct, complete, or update your personal data.
  • To erase your personal data, subject to retention required by law.
  • To withdraw any consent you have given.
  • To nominate another individual to exercise your rights in the event of your death or incapacity.
  • To grievance redressal through the contact below.

Grievance Officer: Saikat Dey · Email: saikatdey2100@gmail.com. If your complaint is not resolved, you may approach the Data Protection Board of India.

An English copy of this policy is the canonical version. A version translated into Hindi, Bengali, or another language listed in the Eighth Schedule of the Constitution of India is available on request to the email above.

10. Your rights under the CCPA and CPRA (California)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • To know what categories of personal information we collect and disclose.
  • To delete your personal information.
  • To correct inaccurate personal information.
  • To opt out of the “sale” or “sharing” of personal information, including for cross-context behavioural advertising.
  • To limit the use of sensitive personal information.
  • To non-discrimination for exercising any of these rights.

We do not sell personal information for money. We do, however, allow Google AdSense to set cookies that may be used for cross-context behavioural advertising, which California law treats as “sharing.” You can exercise your right to opt out of this sharing through the “Cookie settings” control in our footer or by enabling the Global Privacy Control signal in your browser, which we honour as a valid opt-out request.

11. Children

The site is intended for a general audience. It is not directed to children under the age of 13 (or under 16, where local law sets a higher digital-consent age), and we do not knowingly collect personal information from such children. If you are a parent or guardian and believe a child in your care has provided us with personal information, please email us at saikatdey2100@gmail.com and we will delete it.

12. Retention

Server logs are retained for a maximum of 30 days unless we need to keep them longer to investigate abuse or to comply with a legal request. Analytics and advertising data are retained for the periods configured by Google, which currently default to between two and twenty-six months. Browser local-storage data persists on your device until you clear it.

13. Security

The site is served over HTTPS. Hosting and content delivery use industry-standard providers in restricted-access configurations. No system can be guaranteed entirely secure, but we work to minimise data we hold and to keep what remains protected.

14. Changes to this policy

We may update this policy when the site changes or when the law changes. The effective date at the top of the page tells you which version is current. If a change materially affects how we handle your personal data, we will give notice through a banner on the site before the change takes effect.

15. Contact

For privacy questions, requests under the laws above, or any other concern, write to us at saikatdey2100@gmail.com.