Privacy, Cookies & Terms

Cookies & Local Storage

This site uses cookies and browser local/session storage to operate, remember your preferences, measure performance, and understand how the site is used. These include a strictly-necessary consent cookie, performance/analytics identifiers (a per-device visitor id and per-tab session id), and load-time measurements.

• ·Consent cookie — records your cookie choice so we don't ask again.
• ·Analytics identifiers — a random visitor id (local storage) and session id (session storage) used to count visits, pages, time-on-page and scroll depth. No name or email is attached.
• ·Performance — page load timing stored to show your average load time and improve speed.

Analytics & Tracking

We collect privacy-conscious analytics: page views, time on page, scroll depth, referring page, approximate location (country/region) derived from your IP address, device, browser and operating system, and aggregate click/scroll heatmaps stored as anonymous page-percentage coordinates. We also use Google Analytics. Your IP address is processed to derive location and is stored (hashed for analytics; retained briefly in raw form for abuse prevention and session management).

• ·We do not sell your personal data.
• ·You can opt out of analytics on this page; opting out stops analytics recording for your device.
• ·Aggregate, de-identified metrics may be shown publicly (e.g. visitor counts).

AI Chat & Voice Assistant

The site includes an AI assistant (text chat and an optional voice mode). Messages you send are processed by third-party AI providers (Anthropic Claude, and/or OpenAI/OpenRouter as fallback) to generate responses, and — in voice mode — your microphone audio is transcribed and replies are synthesized to speech using ElevenLabs. Audio is processed transiently to produce a transcript/voice and is not retained by us for advertising. Do not share sensitive personal information with the assistant. Voice mode only activates when you start it and uses your microphone solely while active.

IP Address & Location

Your IP address is used to derive an approximate country/region (for analytics, the visitor map, and to lock displayed locale), for rate-limiting, and for security/abuse prevention including the ability to restrict access. We do not use it to identify you personally.

Caching, Search & Sitemaps

We cache content for performance and publish a sitemap and machine-readable metadata so search engines and AI crawlers can index the site. Pages may be served from edge/CDN caches.

Device Recognition & Personal Identity

To offer an optional personalized experience (greeting you by a name you choose), this site can recognize your device across visits using a privacy-conscious device fingerprint — a hash derived from characteristics your browser exposes (user-agent, language, screen, timezone, graphics renderer, and a canvas rendering). This can recognize a returning device even after cookies/cache are cleared. We do NOT and CANNOT read your MAC address; the fingerprint is the privacy-safe equivalent. A name is only stored if you enter one; the fingerprint and an approximate IP are associated with that name solely to recognize the device next time.

• ·You control it — set, change, or remove your name anytime in the Accessibility panel's 'Personal Identity' section ('Not me' detaches your device).
• ·Only a self-chosen display name is ever shown to other visitors as a suggestion on a shared network; no other personal data is exposed.
• ·Legal basis: consent. Decline analytics/cookies on this page to opt out, or use 'Not me' to delete the association.
• ·The site owner can view device fingerprints and approximate IPs in an admin tool and may merge or delete identities; request deletion anytime via the contact below.

Legal Bases for Processing (GDPR)

Where the EU/UK General Data Protection Regulation applies, we process personal data under the following legal bases:

• ·Consent (Art. 6(1)(a)) — for non-essential analytics, heatmaps, and AI/voice features. You may withdraw consent at any time using the controls on this page; withdrawal does not affect prior lawful processing.
• ·Legitimate interests (Art. 6(1)(f)) — for security, abuse and fraud prevention, rate-limiting, and keeping the site reliable, balanced against your rights and freedoms.
• ·Contract / pre-contract steps (Art. 6(1)(b)) — when you submit a contact form or book a meeting so we can respond and arrange it.
• ·Legal obligation (Art. 6(1)(c)) — where we must retain or disclose data to comply with applicable law.

Your Privacy Rights (GDPR, UK GDPR & CCPA/CPRA)

Depending on where you live, you have rights over your personal data. We honor verifiable requests from all visitors regardless of region:

• ·Access — request a copy of the personal data we hold about you.
• ·Rectification — correct inaccurate or incomplete data.
• ·Erasure / Deletion — request deletion of your data ('right to be forgotten').
• ·Restriction & Objection — limit or object to certain processing, including profiling and direct marketing.
• ·Portability — receive your data in a portable, machine-readable format.
• ·Withdraw consent — opt out of analytics, AI, and cookies at any time on this page.
• ·Do Not Sell/Share (CCPA/CPRA) — we do not sell or share your personal information for cross-context behavioral advertising. California residents may still submit requests and will not be discriminated against for exercising them.
• ·Lodge a complaint — you may complain to your local supervisory authority (e.g. an EU Data Protection Authority or the UK ICO).

Third-Party Processors & International Transfers

We share the minimum data necessary with vetted service providers that process it on our behalf, and only for the purposes described here. These may include hosting/CDN and edge delivery, MongoDB (data storage), Cloudflare R2 (media), Google Analytics, IP-geolocation, Anthropic/OpenAI/OpenRouter (AI chat), ElevenLabs (voice), Resend (email), and Twilio (SMS). Some providers are located in the United States; where data is transferred internationally we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms. We do not sell your personal data to anyone.

Data Retention

We keep personal data only as long as necessary for the purposes above. Raw IP addresses used for abuse prevention/session management are retained briefly and then discarded or hashed; aggregate analytics are de-identified; contact and booking submissions are retained while relevant to our correspondence and then deleted on request or on a routine schedule. Backups are rotated and overwritten over time.

Children's Privacy

This site is not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.

Security

We use reasonable technical and organizational measures to protect your data, including encryption in transit (HTTPS), access controls, and rate-limiting. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

Exercising Your Rights & Contact

To make a privacy request (access, deletion, correction, opt-out) or ask a question about this notice, email contact@mdcran.com with the subject 'Privacy Request'. We will verify your identity where required and respond within the timeframe set by applicable law (generally 30 days under GDPR, 45 days under CCPA). You can also opt out of analytics, AI, and cookies directly using the controls on this page. We may update this notice from time to time; material changes will be reflected by an updated 'last updated' date.

Information We Collect

When you interact with MDCran, we may collect the following types of information:

• ·Contact information when you submit the contact form, subscribe form, or newsletter signup.
• ·Usage data such as pages visited, time spent on pages, browser type, and device type via analytics tools.
• ·Communication data including messages you send and your communication preferences or consent selections.
• ·Technical data including IP address, browser type, and operating system.

How We Use Your Information

We may use your information for the following purposes:

• ·To respond to inquiries and fulfill project requests.
• ·To send service-related communications, updates, newsletters, and notifications you have consented to receive.
• ·To improve the website experience and understand how visitors interact with our content.
• ·To comply with legal obligations.

Data Retention

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, or as required by law. Contact and subscription records may be retained while needed to provide requested communications, maintain opt-in and opt-out preferences, or satisfy legal and operational requirements.

Contact

For any privacy-related questions or requests, contact contact@mdcran.com.

Acceptance of Terms

By accessing and using mdcran.com, you accept and agree to be bound by these Terms of Service and our Privacy Policy. If you do not agree to these terms, please do not use the site.

Use of the Site

You agree to use the site only for lawful purposes. You must not:

• ·Use the site in any way that violates applicable laws.
• ·Reproduce, duplicate, copy, or re-sell any part of the site without permission.
• ·Transmit unsolicited promotional or advertising material.
• ·Attempt to gain unauthorized access to any part of the site or related systems.
• ·Use the site to distribute malware or harmful code.

Services & Engagements

Inquiries submitted via the contact form constitute expressions of interest only and do not create a binding contract. All service engagements are governed by a separate written agreement between MDCran and the client. By submitting the contact form or subscribe form, you consent to MDCran using the contact details you provide to respond to your inquiry and, where you have expressly opted in, to send future updates, newsletters, announcements, or related communications.

Contact

If you have questions about these terms, contact contact@mdcran.com.