Skip to content

Privacy Policy

Last updated: April 19, 2026

This Privacy Policy describes how Solaar (“Solaar”, “we”, “us”, or “our”) collects, uses, and protects personal information in connection with the website solaar.mariansan.io (the “Site”). Solaar is a demonstration project operated by Marian Sanjur, based in Panama, showcasing an AI development agency concept built with a custom stack of AI agents.

By using the Site, you agree to the practices described in this Policy. If you do not agree, please do not use the Site or submit information through it.

1. Who we are (Data Controller)

Controller: Marian Sanjur
Site: solaar.mariansan.io
Location: Republic of Panama
Contact: hello@mariansan.io

For the purposes of the EU General Data Protection Regulation (GDPR), Marian Sanjur is the “data controller” of the personal data processed through the Site. For the purposes of the California Consumer Privacy Act (CCPA/CPRA), Marian Sanjur is the “business.”

2. What information we collect

We only collect personal information that you voluntarily provide, plus limited technical data required to operate the Site.

Information you provide through the contact form or email signup:

  • Name
  • Email address
  • Company or organization (if provided)
  • Message content or inquiry details
  • Any other information you choose to include

Information collected automatically via Google Analytics 4 (GA4):

  • IP address (anonymized / truncated by GA4)
  • Browser type, device type, operating system, screen resolution
  • Language and approximate geographic location (country/region level)
  • Pages visited, referring URL, time on page, click events, timestamps
  • Device identifiers and pseudonymous user/session identifiers stored in cookies

GA4 data is collected only after you provide consent through our cookie banner (see Section 4).

We do not collect special categories of data (e.g., health, biometric, racial, religious, or political data), and we do not knowingly collect personal information from children under 16.

3. How we use your information (Purposes and Legal Bases)

PurposeLegal basis (GDPR)
Responding to your inquiry submitted via the contact formConsent (Art. 6(1)(a)) and/or legitimate interest (Art. 6(1)(f))
Sending updates if you opted in to email signupConsent (Art. 6(1)(a))
Analyzing Site usage via Google Analytics 4Consent (Art. 6(1)(a))
Operating, securing, and improving the SiteLegitimate interest (Art. 6(1)(f))
Complying with legal obligationsLegal obligation (Art. 6(1)(c))

Because Solaar is a demonstration project, we do not use your personal data for advertising, profiling, or automated decision-making that produces legal or similarly significant effects.

4. Cookies and tracking technologies

The Site uses cookies and similar technologies, managed through CookieYes, our consent management platform (CMP). When you first visit the Site, CookieYes displays a cookie banner allowing you to accept, reject, or configure non-essential cookies by category.

Cookie categories used:

CategoryPurposeExamples
Strictly necessaryRequired for the Site to function and for consent managementCookieYes consent cookies (e.g., cookieyes-consent)
AnalyticsGoogle Analytics 4 — measures Site usage and performance_ga, _ga_<CONTAINER-ID>
FunctionalRemembering preferencesSet only if applicable
Performance / AdvertisingNot currently used

Google Analytics 4 specifics:

  • Provider: Google Ireland Ltd. / Google LLC
  • IP anonymization is enabled
  • Data is transferred to Google servers, including in the United States, under the EU-U.S. Data Privacy Framework and Standard Contractual Clauses
  • Default retention for GA4 event data: 14 months

Non-essential cookies (including GA4) are only loaded after you provide consent. You can change or withdraw your consent at any time by clicking the cookie preferences link available in the Site footer, which reopens the CookieYes banner. You can also block or delete cookies through your browser settings.

5. How we share your information

We do not sell your personal information, and we do not “share” it for cross-context behavioral advertising as defined under the CCPA/CPRA.

We may disclose personal information to:

  • Service providers / processors that help us operate the Site, including:
    • Vercel Inc. (United States) — hosting and edge network
    • Namecheap (United States) — domain and DNS
    • Google Ireland Ltd. / Google LLC (Ireland / United States) — Google Analytics 4
    • CookieYes Limited (Ireland / United Kingdom) — cookie consent management
    • Email delivery or form-handling providers (as applicable)
  • Legal and regulatory authorities, where required by law, subpoena, or to protect our rights.
  • Successors, in the event of a reorganization, merger, or similar transaction.

All processors are bound by contractual obligations consistent with applicable data protection laws.

6. International data transfers

Solaar is operated from Panama and relies on service providers primarily located in the United States and the European Union. When personal data originating in the European Economic Area (EEA), United Kingdom, or Switzerland is transferred outside those regions, we rely on appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission, and/or
  • Service providers certified under the EU-U.S. Data Privacy Framework (e.g., Google LLC).

You may request a copy of the safeguards in place by contacting us at the address in Section 1.

7. Data retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Policy:

  • Contact form inquiries: up to 24 months after the last interaction, unless a longer period is required by law.
  • Email signup data: until you unsubscribe or request deletion.
  • GA4 analytics data: up to 14 months (GA4 default), in pseudonymized form.
  • Cookie consent records (CookieYes): up to 12 months, as required to evidence your consent choices.

When data is no longer needed, it is deleted or anonymized.

8. Your rights

8.1 Rights under GDPR (EEA / UK residents)

Subject to applicable conditions and exceptions, you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data (“right to be forgotten”).
  • Restrict or object to certain processing.
  • Data portability — receive your data in a structured, machine-readable format.
  • Withdraw consent at any time, without affecting the lawfulness of prior processing.
  • Lodge a complaint with your local supervisory authority (e.g., your national Data Protection Authority).

8.2 Rights under CCPA/CPRA (California residents)

California residents have the right to:

  • Know what personal information is collected, used, shared, or sold.
  • Delete personal information, subject to certain exceptions.
  • Correct inaccurate personal information.
  • Opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising.
  • Limit the use of sensitive personal information. We do not collect sensitive personal information as defined under the CPRA.
  • Non-discrimination for exercising your rights.

8.3 Rights under Panamanian law

In accordance with Law No. 81 of 2019 on Personal Data Protection of the Republic of Panama, data subjects located in Panama have the rights of access, rectification, cancellation, opposition, and portability (ARCO-P rights) regarding their personal data, and may file complaints with the National Authority for Transparency and Access to Information (ANTAI).

8.4 How to exercise your rights

To exercise any of these rights, contact us at hello@mariansan.io. We will respond within the timeframes required by applicable law (typically 30 days under GDPR; 45 days under CCPA, extendable once). We may request information to verify your identity before acting on your request.

9. Security

We implement reasonable technical and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction, including encryption in transit (TLS), access controls, and use of reputable infrastructure providers. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Third-party links

The Site may link to external sites, including portfolio examples, GitHub repositories, or social profiles. We are not responsible for the privacy practices of those third parties. We recommend reviewing their privacy policies before submitting any information.

11. Children’s privacy

The Site is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with personal information, please contact us so we can delete it.

12. Demonstration nature of the Site

Solaar is presented as a demonstration project illustrating an AI agency concept. While real personal data submitted through the contact form or email signup is handled according to this Policy, no commercial services are currently offered through the Site. Information provided will not be used to deliver paid services unless we explicitly enter into a separate engagement with you.

13. Changes to this Policy

We may update this Policy from time to time. The “Last updated” date at the top of this document indicates when it was last revised. Material changes will be announced on the Site. Continued use of the Site after an update constitutes acceptance of the revised Policy.

14. Contact

For questions, requests, or complaints regarding this Privacy Policy or your personal data:

Email: hello@mariansan.io
Location: Panama City, Republic of Panama