Privacy Policy | NivoPeak

Legal Notice

Courtesy Translation

This Privacy Policy is originally written in Italian as the official legal text. Any translations into other languages are provided solely for the user's convenience. In the event of any conflict, discrepancy, or interpretative differences, the Italian version shall always prevail.

Official Italian legal text: Read the official Italian version

This policy describes how we collect, use, and protect the data of users who visit NivoPeak ( https://nivopeak.com ).

NivoPeak is a personal, non-commercial hobby project aimed at providing high-resolution snowpack forecasts while fully respecting your privacy.

1. Data Controller

Matteo Ballabio (private citizen, resident in Italy — non-commercial personal project).

Contact: privacy@nivopeak.com

The processing carried out does not fall within the cases that make the appointment of a DPO mandatory (Art. 37 GDPR). The Controller maintains a Record of Processing Activities (Art. 30 GDPR).

2. How data processing works

NivoPeak does not require account registration and does not ask you to enter direct identifying data. Our servers exclusively receive technical data generated automatically during navigation, processed based on our legitimate interest (Art. 6, par. 1, lett. f, GDPR) to keep the service secure, functional, and improvable over time.

The complete data flow

Every time you visit NivoPeak, your connection passes through Cloudflare before reaching our servers. This results in the following flow:

Cloudflare receives your IP address and uses it to protect the site from cyberattacks and optimize loading speed. From your connection, Cloudflare deduces an approximate geographic location (country, region, city) and adds it as metadata to the request.
Our servers receive the request already enriched by Cloudflare's geographic headers, including the user's IP address. This data is processed in memory for the operations described below, but is never written to the database. Our statistics system (Umami) uses this data to: verify that the request comes from a real browser by analyzing the User-Agent; generate a pseudonymous session identifier; record usage statistics.
The cleartext IP address and User-Agent are never written to the database. They are processed exclusively in memory during the single request and then discarded.

The pseudonymous session identifier

To measure unique visitors without using cookies, the system generates a session identifier using an irreversible cryptographic hash function that combines the IP address, the User-Agent, the site ID, and a cryptographic salt that changes every month. Since the function is deterministic, the same device generates the same identifier for the entire current calendar month; at the change of the month, the new salt makes the identifier cryptographically disconnected from previous ones, making it impossible to link sessions from different months. Only this anonymous identifier is stored in the database, never the data that generated it.

What is recorded in the statistics

The retained data exclusively concerns aggregate characteristics of the device and navigation: browser type, operating system, device type, screen resolution, browser language, approximate geographic location (country, region, city — derived from Cloudflare headers), visited pages (URL and title), referring site (if any), and, if present in the URL, visit origin parameters (UTM and campaign identifiers, useful for understanding the effectiveness of links published on social networks). We also record which location is viewed and through which access method (text search, direct link, recent history, map selection), to understand which geographic areas benefit most from the service.

No automated processing (Art. 22 GDPR): we do not perform profiling, we do not make automated decisions with legal effects, and we do not cross-reference data with external sources.

The search bar

The words you type into the search bar are processed in real time by our internal engine to provide you with results. We do not keep any search history or any information about who performs them.

3. Local storage on your device

NivoPeak does not use cookies. The application saves two pieces of information in your browser's local memory (localStorage, comparable to strictly necessary technical cookies):

Theme preference (light, dark, system): without automatic expiration.
Last 5 searches performed: each entry is automatically deleted 30 days after being saved.

This data is never transmitted to our servers or to third parties. You can delete them at any time from the application interface or from your browser settings.

4. External providers

Cloudflare manages the entire traffic of the site and backend services, and is the entity that processes the most significant data: your IP address. It acts as a Data Processor (Art. 28 GDPR) and is contractually bound not to use your data for advertising or marketing.

To display maps, weather data, and 3D terrain, NivoPeak uses external providers (Open-Meteo, OpenFreeMap, Mapterrain). Your browser never directly contacts these services: all requests pass through technical intermediaries managed via Cloudflare Workers, so these providers never receive your IP address and it is not necessary to qualify them as Data Processors.

Oracle Cloud Infrastructure (Milan Region) physically hosts the servers running the statistics system and the search engine. Its role is purely infrastructural: server logs are configured to remove IP addresses before writing to disk, and the database contains no direct personal data, so Oracle does not access any data traceable to you under ordinary circumstances.

5. Extra-EU data transfer

Cloudflare

Situation: Network traffic may pass through servers outside the EEA
Guarantees: EU-US Data Privacy Framework (DPF)

Oracle Cloud

Situation: Data is stored in Milan; Oracle staff can access servers remotely for maintenance
Guarantees: Binding Corporate Rules for Processors (BCR-p) and DPF certification

6. Data retention

IP Address

Where: Cloudflare servers
Retention: Max 30 days, then deleted or aggregated

Technical server logs

Where: Our servers on Oracle Cloud (Milan)
Retention: Max 30 days; the IP is removed from the log configuration

Anonymous statistics

Where: Our servers on Oracle Cloud (Milan)
Retention: No expiration (no personal data stored)

Theme and recent searches

Where: Your device
Retention: Max 30 days for searches (you can delete them from your browser at any time)

7. Your rights

According to the GDPR, you have the right to request access to, rectification, erasure, or restriction of processing of your data, or to object to its processing, and you can file a complaint with the Italian Data Protection Authority . You can exercise your rights by writing to privacy@nivopeak.com .

The technical nature of the service, however, imposes some practical limits:

Objection to statistics (DNT/GPC): if you have activated the Do Not Track (DNT) or Global Privacy Control (GPC) settings in your browser, blocking occurs entirely on the client side, before any data is transmitted to our servers. No statistics are collected, not even in aggregate form.
Retroactive deletion of statistics: since statistical data is cryptographically pseudo-anonymized before storage, we have no way of tracing which records correspond to you. Even if you provide us with your IP address, we would not be able to identify and delete your data (Art. 11 GDPR).
Network traffic (Cloudflare): routing traffic through Cloudflare is technically essential for the site to function. The only viable option to object to this specific processing is not to use NivoPeak.

8. Policy updates

In case of significant changes (new providers, changes to processing methods), we will display a prominent notice on the site for at least 30 days following the publication of the new version.