What we collect
We log basic page views server-side: the path you visited, a timestamp, and your user-agent string. IP addresses are kept for 30 days for abuse prevention, then dropped. We also count clicks on store "get directions" buttons so owners can see how their listing is performing.
When you submit a store listing or a listing update, we store the form contents (store info, plus your email and IP), and any photos you upload. Photos are stored in Cloudflare R2.
What we don't collect
No third-party advertising. No analytics SDKs (no Google Analytics, no Facebook pixel, no Segment, nothing like that). No marketing cookies. No fingerprinting.
Cookies
Cloudflare Turnstile sets a short-lived cookie on form pages to verify you're not a bot. The admin area uses an HttpOnly session cookie, which only applies to logged-in admins (not public visitors). That's it.
Photos
Photos uploaded through the update-listing form are stored in Cloudflare R2 and may be displayed publicly on store pages. You can request removal of any photo at any time by emailing [email protected].
Third parties
Cloudflare hosts the site and provides bot protection. OpenStreetMap and Nominatim provide map tiles and geocoding (no personal information is sent to them beyond the standard request data).
Data requests and contact
Email [email protected] for data access, deletion, or correction requests. We respond within 30 days. California residents have rights under CCPA; EU and UK residents have rights under GDPR.
Changes
If we make meaningful changes to this policy, we'll update the date at the top of this page.