Skip to main content
Legal Compliance Theater

Privacy Policy

The Privacy Policy Nobody Reads But Everyone Should

Last Updated: December 5, 2025(or whenever we remembered to update this)

TL;DR — The Actually Readable Summary

  • We collect minimal data — mostly analytics and whatever you voluntarily put in the Library/Todos apps.
  • We don't sell your data — we wouldn't know how, and frankly, it's probably not worth much anyway.
  • Stripe handles payments — we never see your card details, which is good because we shouldn't be trusted with them.
  • You have rights — GDPR, CCPA, all that. We respect them. Details below for the legally curious.

Now scroll down for the legally required novel, written with 40% more sarcasm than industry standard.

What We Collect (And Why)

A comprehensive inventory of our digital surveillance apparatus

Your Rights (Yes, You Have Some)

Privacy regulations give you actual power. Here's how to wield it.

GDPR (EU)

Access

Request a copy of your data. It's mostly page views and maybe some library books.

Rectification

Correct inaccurate data. Though analytics data is largely anonymous, so good luck.

Erasure

The "right to be forgotten." We can delete your account data. The memories remain.

Portability

Export your data in a usable format. JSON, probably. We're developers.

Object

Opt out of certain processing. Use an ad blocker. We respect that.

Withdraw Consent

Change your mind anytime. Clear cookies, disable JavaScript, live off-grid.

CCPA (California)

Right to Know

What personal information we collect and why. You're reading it right now.

Right to Delete

Request deletion of your personal information. We'll comply, reluctantly.

Opt-Out of Sale

We don't sell your data. But legally we have to tell you that you can opt out.

Non-Discrimination

We won't treat you worse for exercising rights. That would be petty.

The Cookie Theater

Digital crumbs we leave in your browser (the technical kind, not the delicious kind)

Essential Cookies

Importance: 100%

Required for basic functionality. Can't be disabled without breaking things.

Examples: Session tokens, authentication state, CSRF protection

Analytics Cookies

Importance: 60%

Google Analytics cookies that tell us if anyone's reading this.

Examples: _ga, _gid, _gat (Google Analytics identifiers)

Functional Cookies

Importance: 40%

Remember your preferences so we don't have to ask again.

Examples: Theme preference, locale settings

Third-Party Cookies

Importance: 80%

Cookies from Stripe, Firebase, and other integrated services.

Examples: Payment session, authentication persistence

By using this site, you accept cookies. You can opt out by clearing browser cookies, using an ad blocker, or achieving digital enlightenment.

Our Digital Hoarding Schedule

How long we keep your data before Marie Kondo-ing it

Analytics Data

26 months

Google's default. Could be shorter, but we forgot to configure it.

Account Data

Until deletion requested

Your library, todos, and preferences persist until you ask us to delete them.

Payment Records

7 years

Legal requirement for financial records. Blame accountants.

Session Cookies

Session-based

Gone when you close your browser. Like tears in rain.

Analytics Cookies

Up to 2 years

Unless you clear them. We encourage browser hygiene.

Server Logs

90 days

Azure's standard retention. Security stuff.

The Necessary Evils

Third-party services we rely on, each with their own privacy policies (that you also won't read)

Stripe

Payment processing

Firebase

Auth, Database, Analytics

Google

Analytics (GA4)

Microsoft Azure

Web hosting

GitHub

Code hosting, CI/CD

Questions? Concerns? Existential Privacy Dread?

For privacy inquiries, data requests, or to exercise your rights under GDPR/CCPA, please reach out. We'll respond with the urgency that privacy law requires and the enthusiasm of someone answering emails.

Data Controller: Justin Kowarsch

privacy@jjk.engineer

(this address may or may not exist)

Response times vary from "immediately" to "when the coffee kicks in," depending on inquiry volume and competing priorities like staring at code wondering why it doesn't work.

Legal Disclaimer

This privacy policy represents our good faith effort at compliance with GDPR, CCPA, and other applicable privacy regulations. Privacy law is complex, evolving, and occasionally contradictory. This document is not legal advice. For actual legal advice, consult an actual lawyer. For satirical commentary on privacy, you've come to the right place.

Remember: In the grand theater of digital privacy, at least we're telling you about our cameras.