Privacy Policy
Last updated: April 2026
Introduction
The Egert Family Portal ("we," "us," "our," or the "Portal") is committed to protecting your privacy. This Privacy Policy explains what personal data we collect, how we use it, how we protect it, and your rights regarding your information.
This policy applies to all users of the Egert Family Portal. By using this portal, you agree to the collection and use of information as outlined in this policy.
What Personal Data We Collect
We collect the following types of personal information:
- Account Information: Your full name, email address, phone number, and any profile information you choose to provide.
- Access Data: Your IP address when you log in, login timestamps, logout timestamps, and your browser's user agent information (browser type, operating system version).
- Device Information: The operating system and browser you use to access the portal.
- Activity Data: Information about your interactions with the portal, including pages visited and actions taken.
How We Use Your Data
We use the information we collect for the following purposes:
- Portal Operation: To create and maintain your account, authenticate you when you log in, and provide directory services so family members can find and contact each other.
- Security & Safety: To detect, prevent, and respond to security incidents and unauthorized access attempts. IP addresses and login times help us identify suspicious activity and protect your account.
- Communications: To send you account-related emails, such as password reset links, security alerts, and important notifications about portal maintenance or policy changes.
- Access Control: To enforce login rate limits, detect brute-force attacks, and maintain account security by tracking failed login attempts.
- Compliance: To comply with legal obligations and to investigate potential violations of our Terms & Conditions.
IP Address Logging & Location Information
IP Address Logging Disclosure: Every time you log into the Egert Family Portal, your IP address and the timestamp of your login are recorded and stored in our security logs. This is done to detect unauthorized access and to help investigate security incidents.
What IP addresses reveal: Your IP address can indicate your approximate geographic location (usually at the city or region level). This is not exact location data—we do not track your GPS coordinates or precise location.
Why we log IPs: If someone attempts to access your account from an unusual location or at an unusual time, we can use this data to alert you and protect your account.
We do NOT track: GPS location data, cell tower triangulation, or any other real-time location tracking. We only log the IP address associated with your internet connection.
Data Storage & Security
- Server Location: All data is stored on a secure private server hosted by Hetzner Cloud in Helsinki, Finland. We chose this location for reliability and security.
- Encryption in Transit: All communication between your device and our server is encrypted using TLS/SSL (HTTPS). This means your data is protected while in transit.
- Password Security: Passwords are never stored in plain text. We use bcrypt hashing, a one-way encryption algorithm, so even our administrators cannot see your password.
- Access Controls: Only authorized personnel have access to servers and databases containing your data.
Cookies & Tracking
- Session Cookies Only: We use only essential session cookies to keep you logged in. These cookies expire when you close your browser or after 30 days (if you choose "Remember Me").
- No Tracking Cookies: We do NOT use cookies for tracking, analytics, or marketing purposes.
- No Third-Party Analytics: We do NOT use Google Analytics, Facebook Pixel, or other third-party tracking services.
- No Ads: The Egert Family Portal does not display advertisements, so we have no need for behavioral tracking or profiling.
Data Retention
- Access Logs: Security logs (IP addresses, login times, failed attempts) are retained for 90 days and then deleted automatically.
- Account Data: Your account information (name, email, profile) is retained as long as your account is active.
- Deleted Accounts: When you request deletion of your account, all associated data is permanently removed from our servers within 30 days.
Sharing of Data
We do not share your personal data with any third parties.
- No Third-Party Services: We do not use third-party email providers, analytics services, or cloud storage providers that would have access to your data.
- No Advertising Networks: We do not share data with advertising platforms.
- No Sell or Trade: We do not sell, trade, or lease your personal information.
- Family Directory Exception: Your email address may be visible to other family members in the portal's directory (unless you opt out). This is intentional—it allows family members to contact each other.
- Legal Obligation: If required by law (subpoena, court order), we may disclose information, but we will attempt to notify you unless legally prohibited.
Your Privacy Rights
- Access Your Data: You can request a copy of all personal data we hold about you in a machine-readable format.
- Correct Your Data: You can update or correct your account information at any time through your profile settings.
- Delete Your Data: You can request complete deletion of your account and all associated data.
- Directory Opt-Out: You can request that your email address be hidden from the family directory, though your account will remain active.
- Export Your Data: You can request an export of your data for use with another service.
To exercise any of these rights, contact [email protected].
Canadian Privacy Compliance (PIPEDA)
The Egert Family is a Canadian family, and our data practices align with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada's primary federal privacy law. Our practices include:
- We collect only the personal information necessary to operate the portal.
- We use data only for the purposes you authorize or for operational necessity.
- We do not share data with third parties without consent (except as required by law).
- You have the right to access, correct, and delete your personal information.
- We maintain reasonable safeguards to protect your data from misuse, loss, and unauthorized access.
While this portal is not subject to PIPEDA in a legal sense (it's a private family system), we voluntarily adhere to PIPEDA principles because they represent best practices for privacy protection.
Contact Us
If you have questions about this privacy policy, wish to exercise your rights, or want to report a privacy concern, please contact:
Email: [email protected]
Subject: Privacy Request or Concern
We will respond to all privacy requests within 30 days.
This Privacy Policy may be updated from time to time. Any significant changes will be communicated to active users. Your continued use of the portal after updates constitutes acceptance of the updated policy.