Effective Date: April 24, 2025 · Last updated: April 24, 2026
Most privacy policies are written by lawyers to protect companies. This one is written by a person, to inform a person.
The short version: we collect as little as possible, we tell you exactly what and why, and the system is designed so that even if someone stole our data, there would be nothing useful inside.
Privacy First by Design
The surveillance business model is simple: harvest behavior, sell predictions. It powered a generation of free tools by making users the product. Most analytics platforms are downstream of that model. They were built to track individuals, then retrofitted with compliance language to appear respectable.
We chose differently. The analytics system running on this site was built from scratch around one constraint: it must be structurally incapable of identifying anyone. Not a matter of trust. The data should not exist at all. There is no cookie consent banner on this site simply because we genuinely do not need one. We have no Google Analytics, no Facebook Pixel and no advertising scripts or third-party trackers of any kind.
What We Collect
Newsletter subscriptions: When you subscribe to the newsletter, we collect your email address. That is it. We also record:
- Consent: You have to check a box confirming you want to receive emails. We log that confirmation as proof of consent.
- Where you came from: If you arrived via a campaign link (from Twitter, a newsletter, or an ad), we may store that source in your browser’s localStorage for 30 days. This helps us understand which channels are effective. It lives on your device, not our servers. You can delete it by clearing your browser’s site data anytime you wish.
Anonymous analytics: We want to know whether the writing is reaching people. We do not want to know who those people are. So we designed and built our own analytics system, specifically for this site. It records exactly three things:
- Session start: When a new browsing session begins, we log where it came from. Either a campaign link (paid or social traffic) or the referring website (organic traffic, like a link shared on Reddit or LinkedIn). For organic referrals, we record only the domain name, never the specific page URL.
- Page read: When you scroll to the end of an article, we log that the page was read. Not by you specifically. Just: this page got a read today.
- Click: When you click important links like buy buttons or the subscription form, we log that action and its type.
Everything is stored as daily aggregate counts. “Three people clicked the Kindle button on Tuesday.” Not “this IP address clicked the Kindle button at 14:37.” There are no individual timestamps. The database cannot reconstruct who did what. No IP addresses. No device fingerprints. No browser details. No full referrer URLs. Nothing that could identify a person. Forty-seven people found the surveillance piece via Reddit that day. We know nothing else about them except that thirty-one read it to the end. We are comfortable with that.
Your Rights
Unsubscribing: Every email has a one-click unsubscribe link. It works immediately and permanently. No questions asked.
Access or deletion: Your email and consent data sit with Brevo. To view or delete it, write to editor@steerania.com and we will handle it.
Analytics data: There is nothing to request because there is nothing identifying you in it. The data is genuinely anonymous, not pseudonymous with the identifying bits hidden somewhere else.
Security
We use Cloudflare for hosting and Brevo for email. Both are GDPR-compliant. We do not sell your data. We do not share it. There is very little of it to begin with, which is the whole point.
Changes to This Policy
If we update this policy, we will post the new version here with an updated date.