Effective 2026-06-13. Short version: this site has no analytics or ad tracking, but some essay pages include a small heart counter.
This site runs no analytics, advertising pixels, or third-party trackers. Most pages set no cookies.
Pages that include /assets/page-footer.js show a heart counter. Reading the count does not set a cookie. If you click the heart, the local lw-likes Flask service sets a same-site lwid cookie for duplicate-prevention.
1. Web server logs. Nginx records standard access logs: IP address, user agent, requested URL, timestamp, and response metadata. Logs stay on hardware I operate and are rotated/deleted within about 14 days.
2. Heart counter data. The likes API stores per-page like totals. For 24-hour deduplication after a click, it stores keys derived from the page slug, your IP address, and the lwid cookie ID, with a timestamp, in a local SQLite database. Dedup keys older than 24 hours are purged by the app when likes are posted. The cookie itself may remain in your browser for up to two years unless you delete it.
All public traffic is routed through Cloudflare Tunnel/Cloudflare for TLS and routing. The heart counter is a first-party Flask service running on this server behind nginx.
If you email me, I receive your email address and whatever you wrote, and use it to reply.
For deletion or privacy questions, email [email protected].
This policy lives in git; changes are versioned and the effective date changes when the policy changes.