Privacy Policy

Last updated: 2026-05-10

Pending external review. This is the working draft until counsel signs off. Changes will be flagged in the changelog.

What we collect

Analytics & tracking vendors

We route every analytics event through one in-house tracker (src/lib/analytics) that fans out to the vendors below. Each vendor self-disables when its API key isn't configured, so the list reflects what's actually live, not what's in the codebase.

We honor the Global Privacy Control (GPC) header — if your browser sends it, every tracker above is suppressed, no exceptions. Older Do Not Track (DNT) signals suppress the consent-gated ad pixels but leave first-party analytics on.

Where it's stored

Who we share it with

Nobody, except the third parties listed above as needed to deliver the service. We don't sell data. Ad-platform pixels (Meta, LinkedIn) only fire if you Accept on the cookie banner.

How long we keep it

Your rights

Contact

Privacy questions: /contact.