№ 15 · Privacy

Privacy.

consent · data · rights

Less data is the feature.

ımyo serves an audience for whom discretion is not a preference but a duty. This page describes, in plain English, every piece of data this website touches — and the considerably longer list of data it deliberately does not.

Last updated: 11 July 2026.

№ 15-A

Controller.

who is responsible

ımyo is a pre-launch project. The operating legal entity will be named here before mainnet launch; until then, the project team is your point of contact for anything on this page: privacy@imyo.com.

№ 15-B

Analytics — only if you allow it.

consent-gated GA4
  • Nothing loads by default. Google Analytics is not loaded when you arrive. No request leaves your machine for Google unless you press “Allow analytics” in the consent notice. Declining is one click and is remembered.
  • What it measures if allowed. Page views, referrers and rough geography (IP addresses are anonymised), so we can see which research pages matter. Google LLC processes this on our behalf; transfers rely on the EU–US Data Privacy Framework. Legal basis: your consent (Art. 6(1)(a) GDPR), withdrawable at any time below.
  • What it never measures. No advertising features, no cross-site tracking, no remarketing, no wallet addresses — and no analytics of any kind on the app (app.imyo.com), by deliberate decision.
  • Local preferences. Your theme choice and your consent choice are stored in your browser's localStorage only. They contain no personal data and never leave your machine.

№ 15-C

The early-access list.

what the form stores
  • What we store. If you submit the early-access form we store your email address, the page you submitted it from, a timestamp, and the country and network metadata that Cloudflare attaches to the request. It is held in Cloudflare Workers KV in our account.
  • What it is used for. One thing: contacting you about institutional early access to ımyo. It is not shared, sold, enriched or used for advertising. Legal basis: your consent (Art. 6(1)(a) GDPR).
  • Double opt-in. We send one confirmation email; if you do not confirm, the address is not contacted again and is purged on a rolling basis.
  • Deletion. Write to privacy@imyo.com from the address in question and it is removed. Unconfirmed entries are deleted after 30 days; confirmed entries when the early-access programme ends or on your request, whichever is first.
№ 15-D

Infrastructure.

processors
  • Cloudflare, Inc. hosts this site at the edge (Pages, Workers, KV, DNS, WAF). Cloudflare terminates requests and, like any host, processes IP addresses to deliver the site and to filter attacks. Short-lived security logs are retained per Cloudflare's policies; we run no server-side visitor logging of our own.
  • Email delivery. Transactional email (the double opt-in confirmation) is sent through our email delivery provider as processor; only your email address and the message itself are shared for delivery.
  • Fonts, assets, everything else. Served first-party from imyo.com. No third-party CDNs, no Google Fonts requests, no social-media pixels, no embeds.
№ 15-E

Your rights.

GDPR

If you are in the EEA, the UK or Switzerland you have the right to access, rectify, erase and receive a copy of your personal data, the right to restrict or object to processing, and the right to withdraw consent at any time without affecting prior processing (Arts. 15–21 GDPR). You may also lodge a complaint with your supervisory authority. For any of these: privacy@imyo.com. We answer within one calendar month.

For the security-disclosure programme, see /security/. For the website's terms of use and imprint, see /legal/.