What we do with your data

We capture your email when you unlock the full report or subscribe to monthly updates. We use it to send the report you asked for, the updates you asked for, and nothing else. We don't sell it. We don't share it. Reply to any email and ask us to delete it — we will.

We hash your IP (SHA-256, truncated) and use the hash to rate-limit free reports and to recognise the same client across analytics events. We never store the raw IP. The hash isn't linked to your email.

We log activity — page views, search submissions, report dwell — keyed to an anonymous session ID. Most events carry no personal data. Two specific events (when you submit your email and when you sign up for monthly updates) include the email address so we can join the submission to the rest of the funnel. We use this to learn which findings actually help operators.

We use three localStorage keys: an anonymous session ID we share across the site, plus two per-report keys — one to skip the email gate on return, one to pre-fill the monthly-updates form. No third-party tracking, no advertising cookies.