Sujay V. Sarma | Age: 43 years | Aquarius
The Legend | Dyslexic
| IT Consultant | Author | Poet | Theoritical Cosmologist
This website is the only source for accurate and authentic information about me.
- this website (https://sujayvsarma.com); or
- any other website created by me; or
- any web service or data provider created by me; or
- any SDK created by me; or
- any app created by me
If you do not agree with this policy, you should not use the website/web service/data provider/SDK/app.
As with common web-based infrastructure, my servers, systems, operating system, web server etc may collect and store information
about you and what you do. This is configured, collected and used in ways and means beyond my control.
In addition, my web hosting provider (always: Microsoft Azure) may collect and store additional information about requests and responses for
their own purposes. This is again, beyond my control.
I make heavy use of Microsoft Application Insights
for telemetry. This data is used to monitor how requests flow through our source code and analyze problems and performance. The data collected here will never
include the data submitted via forms, but will include everything in the URL used for the particular request. It will also contain additional metadata to identify
the uniqueness of the request and some state information. This data is not uniquely identifiable to you, unless the website/webservice/app requires you to login
to use that particular feature; in which case, your User Identity as per that website/webservice/app will be a part of the trace information collected.
We do, however, use Session Cookies to store some information during your usage so that we do not have to look it up again,
giving you better performance.
We do not make use of any component that stores its own cookies on your computer.
GPS/location data collected
On some websites/webservices/apps, the code will pick up your external (Internet) IP address and look it up to know your geographical coordinates. This is
done to provide you services that are more relevant to your purpose of visit on that website/webservice/app. However, this data is never stored in our
databases; though it may be stored by other logging and tracing mechanisms as outlined in the "Data Collection" heading above.
Some of the websites/webservices/apps may let you pick a different and aribitrary location from the one automatically determined as outlined above.
We use a web-based REST API service for this purpose and no data except the IP address (IPv4) is transmitted to them. We pick up only the latitude and
longitude coordinates from their reply.
We use that latitude/longitude data, in turn, to fetch details about that location using Azure Maps REST API. From this, we pick up only the country,
and the country's currency (3-letter code and symbol).
Server-side data storage
Most of my websites/webservices/apps do not store user information in its own "databases". Any databases it has would be used to store information
other than your identity.
When we do store personally identifiable information about you, collected using forms that you fill out and submit on one or more of these websites/webservices/apps,
the data is stored in plain-text, with Azure-powered data encryption. This encryption is a robust and industry-accepted standard and we have no reason to
implement additional obfuscation or encryption over that layer.
Data from our server-side databases is never transmitted to the outside world except when you use publicly accessible and documented APIs. The data that is made
available via these publicly accessible APIs never contains personally identifiable or user account information.
All determinations of who you are, how you relate to the features of my applications and what you should or should not be able to do is determined server-side.
This means, no information about the security information related to your user account is ever visible to the world.
Access to stored data and data-deletion ("Forget me")
Not all of my websites/webservices/apps may store information that could be traced back to you. Therefore;
On websites/webservices/apps that do NOT provide a "user account" (that is, you would be able to sign up for an account, login, etc), there is no
way to access or delete any information that might be stored about you.
On websites/webservices/apps that DO provide a "user account" (that is, you would be able to sign up for an account, login, etc), there would always
be a "Delete Account" feature that will result in immediate and permanent deletion of your data.
Do note that for purposes of transactional intergrity, data that involves the following would never be deleted:
- Financial transactions; or
- Interactions with other users on that platform; or
- Usage accounting information
Last Revised: Feb 7th, 2020.
Originally written: Nov 12th, 2019.