Back to home

Privacy Policy

How we collect, use, and protect personal data when you visit thilian.com.

Last updated: June 2, 2026

Contents

1. Introduction

This Privacy Policy explains how Thilian collects, uses, shares, and protects personal data when you visit thilian.com or otherwise interact with us through this website.

We encourage you to read this Policy carefully. It describes your privacy rights and how you can contact us with questions or requests.

This Policy applies to visitors and individuals who contact us through the website. It does not apply to software products or services we build for clients under separate agreements; those projects are governed by their own privacy terms.

2. Who We Are

Thilian operates thilian.com. When we refer to "Thilian," "we," "us," or "our" in this Policy, we mean the business operating under the Thilian brand, with its principal place of business in Tijuana, Baja California, Mexico.

For privacy-related inquiries, you can contact us at hi@thilian.com.

3. Key Terms

In this Policy:

  • "Personal data" means any information relating to an identified or identifiable individual.
  • "Processing" means any operation performed on personal data, such as collection, storage, use, or disclosure.
  • "Services" means our website, contact form, and related online features made available at thilian.com.
  • "Cookies" are small text files stored on your device. Similar technologies include local storage and session storage.

4. Personal Data We Collect

Depending on how you interact with our website, we may collect the following categories of personal data:

Information you provide

When you submit our contact form, we collect:

  • Full name
  • Email address
  • Company name (optional)
  • Type of service you are interested in
  • Message content and any details you choose to include

Information collected automatically

When you browse our website, we may automatically collect:

  • IP address and approximate location (country/region)
  • Browser type, device type, operating system, and language settings
  • Pages viewed, referring URLs, and general interaction data
  • Date and time of access and session identifiers used for analytics

Cookies and local storage

We use cookies and similar technologies for essential functionality, analytics (with your consent where required), and remembering your cookie preferences. See Section 12 for more details.

5. How We Use Personal Data

We use personal data for the following purposes:

  • Responding to your inquiries and evaluating potential business engagements
  • Operating, maintaining, and improving our website and user experience
  • Measuring website traffic and understanding how visitors use our content (analytics)
  • Protecting our website against spam, abuse, and unauthorized activity
  • Complying with applicable legal obligations and enforcing our terms

Legal bases for processing (EEA/UK visitors)

Where applicable data protection law requires a legal basis, we rely on:

  • Consent — for analytics cookies and similar technologies where consent is required
  • Legitimate interests — to operate our website, respond to inquiries, prevent abuse, and improve our services, balanced against your rights
  • Pre-contractual steps — when you contact us about a potential project
  • Legal obligation — when we must retain or disclose data to comply with law

6. How We Share Personal Data

We do not sell your personal data. We do not share personal data with third parties for their independent marketing purposes.

We may share personal data with trusted service providers who process data on our behalf, only as necessary to provide their services to us:

  • Amazon Web Services (AWS) — website hosting, email delivery (Amazon SES), and related infrastructure
  • Google LLC — Google Analytics 4 (GA4) for website analytics, subject to your cookie preferences
  • Cloudflare, Inc. — Turnstile bot protection on our contact form

Other disclosures

We may also disclose personal data when we believe it is necessary to:

  • Comply with applicable law, regulation, legal process, or governmental request
  • Protect the rights, property, or safety of Thilian, our users, or others
  • Detect, prevent, or address fraud, security, or technical issues

7. International Data Transfers

Our service providers may process personal data in countries other than your own, including the United States.

When we transfer personal data internationally, we implement appropriate safeguards as required by applicable law, such as standard contractual clauses approved by relevant authorities or other lawful transfer mechanisms.

8. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, unless a longer period is required by law:

  • Contact form submissions and related correspondence: up to 24 months from our last interaction with you, unless a longer period is needed to manage an ongoing business relationship
  • Analytics data: up to 14 months, in line with our Google Analytics configuration
  • Cookie consent records: up to 12 months, refreshed when you revisit the site
  • Server and security logs: up to 90 days, unless needed to investigate an incident

Deletion

When retention periods expire, we delete or anonymize personal data in a manner designed to prevent recovery or reconstruction, unless applicable law requires continued storage.

9. Security

We implement technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, or alteration. These measures include encrypted connections (HTTPS), access controls, input validation, and spam protection on our contact form.

No method of transmission or storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

10. Your Privacy Rights

Depending on your location, you may have rights regarding your personal data. These may include the right to access, correct, delete, restrict, or object to certain processing, and to withdraw consent where processing is based on consent.

To exercise your rights, contact us at hi@thilian.com. We will respond within a reasonable timeframe and no later than 30 days, unless applicable law allows or requires a different period. We may need to verify your identity before processing your request.

Mexico (LFPDPPP)

If you are in Mexico, you may exercise your ARCO rights (Access, Rectification, Cancellation, and Opposition) by contacting us at the email above. You may also lodge a complaint with the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI) if you believe your rights have not been adequately addressed.

European Economic Area and United Kingdom (GDPR)

If you are in the EEA or UK, you also have the right to data portability and to lodge a complaint with your local data protection authority. Where we rely on legitimate interests, you may object to processing based on your particular situation.

California (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect, request deletion, and not be discriminated against for exercising your privacy rights. We do not sell or share personal information for cross-context behavioral advertising as defined under California law.

11. Children

Our website is not directed to individuals under 18 years of age, and we do not knowingly collect personal data from children. If you believe we have collected personal data from a child, please contact us and we will take steps to delete it.

12. Cookies and Similar Technologies

We use strictly necessary technologies to operate the website, and analytics technologies to understand site usage. Where required by law, we obtain your consent before enabling analytics.

We do not use advertising or third-party tracking cookies on this website.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this Policy periodically. Your continued use of the website after changes are posted constitutes your acknowledgment of the updated Policy, to the extent permitted by law.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

  • Email: hi@thilian.com
  • Location: Tijuana, Baja California, Mexico
For detailed information about the cookies and similar technologies we use, and to manage your preferences, visit our Cookie Settings page. Cookie Settings