The short version: almost nothing, sold to nobody.
gotnerfed is an open-source watchdog. We do not sell user data. We do not run third-party ad scripts. We collect the absolute minimum required to operate the service: an email address (so we can send you the weekly digest if you ask), a session cookie (so you stay logged in), and basic Stripe payment metadata for paid subscribers. That is it.
What we collect
- Email address. Required to send magic-link sign-in emails and the weekly digest. Stored in our Postgres database (Neon, US-East-1).
- Session cookie. A signed JWT identifying your active session. Expires after 30 days of inactivity.
- Stripe customer + subscription ID. For paid subscribers only. Used to look up your subscription status. Stripe holds your payment card info — we never see it.
- Push subscription endpoint. If you opt into browser push notifications, your browser-generated subscription URL is stored. You can revoke at any time.
What we do NOT collect
- No browsing history outside gotnerfed.com
- No third-party advertising trackers (Google Ads, Facebook Pixel, etc.)
- No analytics-driven cookies; if we ever add analytics it will be privacy-respecting (Plausible / first-party only)
- No "real name" — we only ask for email
- No financial information beyond what Stripe needs (which is held entirely by Stripe)
- No location data, no IP-based geo-tracking
Who we share data with
- Resend — to send transactional emails (magic links, digests, alerts). Email + subject + body only.
- Stripe — to process payment for paid subscribers. Email + payment method.
- Neon — our Postgres database host. They store the user/session/subscription tables on our behalf.
- Vercel — our hosting provider. They see request logs.
We sign DPAs with each. We do not share data with anyone else. We never sell data.
Your rights (GDPR / CCPA)
You have the right to: access your data, export it, correct it, delete it, withdraw consent at any time. Email privacy@gotnerfed.com with your request and we will action it within 30 days.
You can also delete your account at any time from Account settings. Deletion is permanent.
Cookies
We use one cookie: better-auth.session_token — the session cookie for logged-in users. It is HTTP-only, SameSite=Lax, Secure. Set when you sign in, deleted when you sign out or it expires.
Children
gotnerfed is intended for users 16 years or older. We do not knowingly collect data from anyone under 16.
Changes to this policy
We will update this page when we change anything material. The full history is in the git log atgithub.com/virtualunc/gotnerfed. Material changes will be announced via the weekly digest.
Contact
Privacy questions: privacy@gotnerfed.com
General contact: hello@gotnerfed.com