Last updated: 2 June 2026
Privacy is the core of this publication, so this policy starts with what we do not do.
What we refuse to do#
- No surveillance advertising. No ad networks, no tracking pixels, no sponsored content. We answer to our readers, not to advertisers.
- No third-party trackers. No Google Analytics, no Meta pixel, no cross-site tracking.
- No selling or renting your data. Ever. To anyone.
- No behavioural profiling and no using your data to train AI.
We collect the minimum needed to operate, and we tell you exactly what that is.
What we collect#
Visitors. Aggregate, privacy-respecting analytics (self-hosted Plausible, cookie-less by default): page-view counts with no individual identifiers and no cross-site tracking.
Newsletter subscribers (if you subscribe). Your email address (to deliver the newsletter) and an optional language preference. We keep only aggregate open/click counts — no long-term individual tracking.
Interactive tools (when available). Any computations run client-side, in your browser. We do not collect your inputs or results unless you explicitly opt in to receive an emailed report — in which case we collect only your email address. A connectivity/leak test that must send a request to our resolver logs the source IP ephemerally (≤24 hours), then deletes it, retaining only country-level aggregates.
Why we use it#
Newsletter delivery and language localisation; aggregate analytics to improve our writing (never for advertising or sales); delivering a tool report only when you ask; and meeting legal obligations where they genuinely apply.
How long we keep it#
Data minimisation throughout: newsletter data until you unsubscribe (plus a short backup window); aggregate analytics up to 24 months; resolver logs ≤24 hours (then country-level aggregates); emailed tool reports are not stored on our servers. Backups are encrypted.
Sharing#
We do not share, sell, or rent your data, with narrow exceptions: processors acting strictly on our behalf (e.g. email delivery), bound to confidentiality; and valid legal process from a competent jurisdiction, which we review and will challenge where overbroad. We never share data with ad networks, data brokers, social platforms, or AI-training providers.
Your rights#
Depending on where you live (GDPR/UK GDPR, CCPA/CPRA, Japan’s APPI, LGPD, and others), you may have rights to access, delete, correct, port, or object to processing of your data, and to non-discrimination for exercising them. We do not sell data, so opt-out-of-sale does not apply — but we affirm it explicitly.
To exercise any right, email privacy@cypherpunkguide.com. We respond within the timeframe your law requires (e.g. 30 days GDPR / 45 days CCPA) and may verify your identity first. Reasonable requests are free.
Cookies#
Minimal, strictly-necessary cookies only (e.g. session and an optional language preference). No advertising or tracking cookies. Plausible is cookie-less. Where we embed third-party media, we prefer privacy-respecting embeds and tell you when we cannot.
Funding & affiliate links#
We answer to our readers, not to advertisers. We are supported by transparent revenue streams: Bitcoin and Monero donations today, with a possible Premium subscription and a small number of editorially-aligned affiliate links in a later phase. If and when we use affiliate links, we disclose them plainly and only recommend tools we use ourselves.
Children#
This site is not intended for children under 13 (under 16 in the EU). We do not knowingly collect their data.
Changes#
We may update this policy; material changes will be announced (newsletter notice and a site banner), with the “last updated” date above.
Contact#
Privacy questions and data requests: privacy@cypherpunkguide.com. We are a distributed publication and keep no public physical office. See also our Imprint.