Two new public documents, both written to be read — not skimmed past:
- /privacy — what we collect, why, who we share it with (the short list of named subprocessors), and how to exercise your GDPR + CCPA rights. We use only strictly-necessary cookies today, so there is no consent banner; if that ever changes, we’ll post about it here first.
- /terms — the contractual basics: what we provide, what we expect, what happens at cancellation, dispute resolution, and our acceptable use policy.
A few specifics worth calling out:
- No tracking pixels, no advertising IDs, no behavioural analytics. We use first-party logs and Sentry for error monitoring; that’s it.
- You own your site. Cancellation doesn’t change that — we’ll package the code and assets, and we’ll help migrate hosting at no charge.
- We keep audit logs for seven years. That’s a financial-records requirement, not a tracking choice. Your identity is anonymised in those logs the moment you delete your account.
If you want to know what we hold on you, the Export my data button on the account page returns the full picture as JSON.