Privacy

Contact form

The contact form on this site collects three fields: your name, your email address, and your message. These are the only pieces of information the form asks for.

Submissions run through Cloudflare Turnstile to block automated traffic. The Turnstile check happens in your browser and on the server; it does not use tracking cookies and does not profile you across sites.

Once a submission passes the bot check, it is delivered to my inbox via Resend. Resend processes the message for the sole purpose of email delivery. You also receive a short automated confirmation at the address you supplied.

Retention

Messages live in my email inbox. There is no separate database of contact submissions. If you want a message or your email address removed, send a note to contact@timothychoice.com and I will delete it.

Analytics

This site uses Cloudflare Web Analytics. It is cookieless and does not build a profile of individual visitors. I see aggregate numbers — page views, countries, referrers — and nothing that identifies you. No third-party trackers or advertising pixels are loaded.

On-site chatbot

The Ask Timothy widget in the bottom-right is a portfolio assistant powered by a third-party large language model. Each message you type is transmitted to OpenRouter, which proxies the request to the underlying model provider for completion. OpenRouter and the model provider may log requests according to their own policies — review their privacy notices if that matters to your use case.

On the server side this site does not log conversation contents. What is stored — all in Cloudflare Workers KV with short TTLs — is limited to: per-IP rate-limit counters (1h), a shared daily token-spend counter (2 days), per-IP daily message and token caps (2 days), a per-session abuse counter (1h, keyed by an opaque UUID generated in your browser), and a forensic log entry per request (30 days) that records only timestamp, hashed-IP prefix, message length, response length, latency, token total, and whether a refusal fired. No request body or response text is ever persisted. Your raw IP is never stored; it is hashed (SHA-256) and only the first 16 hex characters are kept as a key prefix.

The widget runs through six layers of defence: input pre-flight (banned-pattern and unicode-hygiene checks), a hardened system prompt with explicit identity, action, and knowledge boundaries, output post-flight filtering (system- prompt leak detection, URL allowlist, profanity scan, refusal-bypass detection, length cap), tightened per-IP economic limits, forensic logging without PII, and a tiered refusal pool that escalates to a one-hour session cooldown after repeated abusive prompts.

On your side, the conversation is held only in your browser's sessionStorage. That means it is wiped when you close the tab, and it is never sent anywhere except as part of an outgoing chat request. The reset button in the panel header clears it on demand. No cookies are used by the widget.

If you would prefer not to use the chatbot, simply do not open it — no requests are sent until you submit a message. For opt-out or data requests email contact@timothychoice.com.

Your rights

You can ask at any time what data I hold that relates to you and request deletion. Email contact@timothychoice.com and I will respond within a few days.