jjk.engineer Professional Consulting, Questionable Frameworks
Legal Compliance Theater

Privacy Policy

The Privacy Policy Nobody Reads But Everyone Should

Last Updated: March 7, 2026 (or whenever we remembered to update this)

TL;DR — The Cliff Notes Version

  • We collect minimal data: analytics (Google), payments (Stripe), and authentication (Firebase).
  • We don't sell your data. We're not that kind of business.
  • You have rights under GDPR and CCPA. We'll actually honor them.
  • Cookies are used. Essential ones can't be disabled. Analytics ones can (use an ad blocker).

For the legally masochistic, the full details follow.

What Data We Collect (And Why We Need It)

We integrate with third-party services because building everything ourselves would take forever and be worse. Here's who touches your data and what they do with it:

Stripe
The Payment Processor That Actually Works

When you participate in our "investment opportunities" (donate), Stripe handles everything money-related. They collect your payment information, process transactions, and ensure neither of us gets defrauded.

What We Collect

  • Payment card information (they keep it, not us)
  • Billing address
  • Transaction history
  • Device fingerprint for fraud prevention

Why We Use This Service

Because we wanted to accept money and Stripe is what grown-up websites use.

Their Privacy Policy: https://stripe.com/privacy

Firebase (Google)
Our Entire Backend, Basically

Firebase powers our authentication, database, and analytics infrastructure. If you ever create an account (currently invite-only), your data would live in Firebase Firestore. We use Firebase Auth so you can log in without us storing your password (because we absolutely should not be trusted with that).

What We Collect

  • Email address (if you create an account)
  • Library data (books, highlights, reading progress) — if authenticated
  • Todo items — if authenticated
  • Analytics data via Google Analytics 4 (G-YYY0NMTM5D)
  • Session information

Why We Use This Service

Building our own auth and database would have taken forever and been worse.

Their Privacy Policy: https://firebase.google.com/support/privacy

Google Analytics 4
The Digital Surveillance You Consented To

We use Google Analytics 4 (via Firebase) to understand how people use this site. It tells us things like which pages are popular, how long you linger on content, and whether anyone actually reads past the first paragraph. Spoiler: the analytics suggest no.

What We Collect

  • Pages visited and time spent
  • Browser and device information
  • Approximate location (anonymized)
  • How you found us (search, social, divine intervention)
  • Click patterns and scroll depth

Why We Use This Service

We need to know if anyone's out there. It's lonely.

Their Privacy Policy: https://policies.google.com/privacy

Your Rights (We Actually Mean It)

Privacy regulations exist for a reason. Here's what you're entitled to:

GDPR Rights (EU)

Access

Request a copy of your data. It's mostly page views and maybe some library books.

Rectification

Correct inaccurate data. Though analytics data is largely anonymous, so good luck.

Erasure

The "right to be forgotten." We can delete your account data. The memories remain.

Portability

Export your data in a usable format. JSON, probably. We're developers.

Object

Opt out of certain processing. Use an ad blocker. We respect that.

Withdraw Consent

Change your mind anytime. Clear cookies, disable JavaScript, live off-grid.

CCPA Rights (California)

Right to Know

What personal information we collect and why. You're reading it right now.

Right to Delete

Request deletion of your personal information. We'll comply, reluctantly.

Opt-Out of Sale

We don't sell your data. But legally we have to tell you that you can opt out.

Non-Discrimination

We won't treat you worse for exercising rights. That would be petty.

Cookie Policy (The Tracking You Agreed To)

We use cookies. Everyone uses cookies. Here's what each type does and how important it is:

Essential

100% Important

Required for basic functionality. Can't be disabled without breaking things.

Session tokens, authentication state, CSRF protection

Analytics

60% Important

Google Analytics cookies that tell us if anyone's reading this.

_ga, _gid, _gat (Google Analytics identifiers)

Functional

40% Important

Remember your preferences so we don't have to ask again.

Theme preference, locale settings

Third-Party

80% Important

Cookies from Stripe, Firebase, and other integrated services.

Payment session, authentication persistence

How Long We Keep Your Data

Different data has different retention periods. Here's the breakdown:

Analytics Data

26 months

Google's default. Could be shorter, but we forgot to configure it.

Account Data

Until deletion requested

Your library, todos, and preferences persist until you ask us to delete them.

Payment Records

7 years

Legal requirement for financial records. Blame accountants.

Session Cookies

Session-based

Gone when you close your browser. Like tears in rain.

Analytics Cookies

Up to 2 years

Unless you clear them. We encourage browser hygiene.

Server Logs

90 days

Standard hosting retention. Security stuff.

Third-Party Services We Use

These external services help power this site. Each has their own privacy policy:

Stripe

Payment processing

Privacy Policy →

Firebase

Auth, Database, Analytics

Privacy Policy →

Google

Analytics (GA4)

Privacy Policy →

GitHub

Code hosting, CI/CD

Privacy Policy →

Questions? Concerns? Data Requests?

Data Controller: jjk.engineer (that's us)

Contact: privacy@jjk.engineer

We'll respond to legitimate privacy requests within 30 days. Spam will be ignored.

If you read this far, you deserve a cookie. Literally. We'll set one for you. With your permission, of course.

Views expressed on this site are my own and do not represent my employer. All satirical content is intended for entertainment purposes. No synergies were harmed in the making of this website.

Legal Notice and Disclaimer

Be it known to all readers, prospective litigants, and weary HR drones that all scenarios, characters, dialogues, and corporate malfeasance contained herein are purely hypothetical constructs, presented "as is," without warranty of reality, veracity, or immunity from HR retribution. Any resemblance to actual persons—living, departed, or reluctantly employed—or to specific organizations, subsidiaries, holding companies, meetings, conference rooms, email domains, job titles, salary ranges, organizational hierarchies, corporate buzzwords, team-building exercises, quarterly objectives, performance metrics, bathroom conversations, water cooler gossip, Slack channels, shared drives, expense reports, parking assignments, cafeteria seating arrangements, or interdepartmental feuds is strictly the result of the reader's fertile imagination and in no way a matter of record, precedent, or admissible evidence.

Should any perspicacious sleuth discern veritable correlations to real-world events, such recognition is hereby declared purely fortuitous, coincidental, and entirely divorced from fact. This disclaimer serves the dual purpose of (a) shielding yours truly from frivolous lawsuits, needless performance improvement plans, and impromptu "we need to talk" meetings that could easily inspire an entire future blog post, and (b) maintaining plausible deniability for all parties involved.

Reader discretion is advised. The author assumes no liability for occupational hazards incurred through excessive pattern recognition.