TL;DR: I don't collect any of your data unless you explicitly and intentionally share it with me or it's required in order for this site to function and provide membership services.

Tracking and analytics

I collect 100% anonymous analytics with Fathom — it helps me learn what is popular and how people find this blog. There's no tracking you around, no recording your IP address, no fingerprinting, no cookies (!). In other words, no BS.

This is what Fathom gives me. There's no drill-down, no extra data. This is it. 

Free membership

When you become a member, I will collect your email address, your name (if you decide to share it with me), the date you've joined, and your country. Your country is determined at signup by your IP address in the background, and I only get the result: what country you've joined from. I neither see nor store your IP address anywhere.

Here's what your account information looks like to me

I will only use this information to send you new posts (if you've subscribed to this), address you by your name (if you shared it with me), and to know where most members are joining from (it helps me tailor content to the audience). When you unsubscribe, I will stop sending you any new emails immediately. If you wish to delete your account, please let me know and I will immediately delete all data about you, permanently and irreversibly.

When you become a paid member, my payment processor Stripe will collect some essential data about you and your payment method; this data is required to process your payment. Both Stripe and I will get your name, email address, country and postal code (in some cases).

This is what your account information looks like to me in Stripe

Stripe will also use some other data points to evaluate transaction risk, detect and prevent fraud, and ultimately protect both of us from unauthorized transactions. You can learn more about how it works here. I have no access to any of the algorithms or data points they use in the process.

Stripe will also get your complete credit card information in order to process your payment. I will only see the last 4 digits of the card number and its expiration date. This information will only be used in case you reach out to me and need to troubleshoot payment issues.

This is what your credit card information looks like to me in Stripe

Stripe is PCI-complaint which means it's at least as secure and safe as your bank. A payment will show up in your bank statement as coming from ROSNOVSKY.US. Stripe will send you receipts and payment notifications; these emails will come from @rosnovsky.us domain and it will look something like this:

Emails

If you're subscribed to new blog posts, you will receive them by fax via email. I use Mailgun to deliver emails, and in order to make this happen, I will give your email to Mailgun using their API. They do not store it or use it for any other purpose then to send my single email and only when I ask them to. They generate a programmatic receipt each time I send you an email, and it looks something like this:

{
	"tags": [],
	"timestamp": 1588788068.559941,
    
	[... some technical data ...]
	
    "envelope": {
		"transport": "smtp",
		"sender": "[email protected]",
		"sending-ip": "209.61.151.224",
		"targets": "[email protected]"
	},
    
    	[... some technical data ...]
	
    "recipient-domain": "rosnovsky.us",
	"message": {
		"headers": {
			"to": "[email protected]us",
			"message-id": "[email protected]",
			"from": "Rosnovsky Park™ <[email protected]>",
			"subject": "🔑 Secure sign in link for Rosnovsky Park™"
		},
		"attachments": [],
		"size": 17961
	},
	"recipient": "[email protected]",
	"event": "delivered",
	"delivery-status": {
		"tls": true,
		"mx-host": "aspmx.l.google.com",
		"code": 250,
		"description": "",
		"session-seconds": 11.486005067825317,
		"utf8": true,
		"attempt-no": 1,
		"message": "OK",
		"certificate-verified": true
	}
}

Mailgun stores 7 days of these logs for me and deletes them permanently after 7 days.

️⚠️ How I share your information with others ⚠️

I only use and share your information as described above.

Outside of what I described above, under no circumstances will I ever share any of the information I gather about you without explicitly asking your full and informed consent first. I will contact you personally and ask for permission to share any of this if I every need to share your data with someone. The one and only exception would be valid court subpoena, in which case I'll be force to provide the court with the information I have about you.

That's it.

P.S. Please understand that this is my best good-faith effort to disclose complete information about what data I collect about you and how I use it to offer you this blog. I'm constantly monitoring this space and will update this post accordingly.