Privacy policy.

The short version

• We collect your email when you subscribe to a guide or the newsletter.
• We collect basic page-view analytics (no individual tracking) so we know which guides people read.
• We store data with named third-party providers — listed in full below.
• We don't sell your data. We don't share it for advertising. We don't profile you.
• You can unsubscribe with one click. You can request deletion of your data at any time by emailing [email protected].

What we collect

Subscriber data. When you sign up for an email lead magnet (state checklist, hidden-cost guide, newsletter), we collect: your email address; the magnet you signed up for; the page you signed up from; the date and time of signup; and an anonymized hash of your IP address used solely to detect signup abuse.

Analytics. We collect aggregate page-view data: which page was viewed, referrer, device class (mobile vs. desktop), country (not city or precise location). We use two analytics services, both configured to operate without setting tracking cookies and without associating page views with individual identities:

• PostHog (product analytics) — pageviews, page-leave timing, and Core Web Vitals performance metrics. We have explicitly disabled session recordings, heatmaps, and click-level autocapture. PostHog runs in memory-only persistence mode, which means no cookies are set and no cross-tab session tracking occurs.
• Cloudflare Web Analytics — a privacy-friendly aggregate analytics beacon provided by our CDN. It records pageviews and basic page performance metrics without setting cookies and without using browser fingerprinting techniques. Cloudflare publishes details at cloudflare.com/web-analytics.

Error monitoring. We use Sentry to capture JavaScript errors that occur while you use the site, so we can fix bugs. Error events include the URL where the error occurred, the error message and stack trace, your browser and operating system (e.g., "Chrome on Windows"), and a coarse country-level location. We have explicitly disabled Sentry's session-replay feature. Error events are tunneled through our own domain (movingrated.com/monitoring) before being forwarded to Sentry; this is for adblocker resilience, not additional data collection.

Email engagement. If you receive an email from us, our email service provider records when the email was delivered, opened, and which links were clicked. This is used to fix delivery problems and improve content; it is not shared externally.

What we do not collect. We do not collect: physical addresses, phone numbers, payment information (we don't sell anything directly to readers), browsing history outside MovingRated, or any data from third-party trackers.

How we use what we collect

To send you the email magnet you requested. To send the newsletter you subscribed to. To improve which content we publish next. To detect and stop signup abuse (e.g., one IP submitting hundreds of fake emails). For nothing else.

Service providers

We use these named third-party services to operate the site. Each is bound by its own privacy policy and data-processing terms. We don't share your data outside this list.

• Supabase (database + auth) — stores subscriber records and editorial content. Privacy policy: supabase.com/privacy
• Listmonk (self-hosted email platform) — manages email lists, double opt-in, and unsubscribe.
• Brevo (SMTP relay) — delivers our outgoing emails. Privacy: brevo.com/privacy
• Cloudflare — provides our CDN, DNS, and a privacy-friendly aggregate analytics beacon (Cloudflare Web Analytics). Cloudflare Web Analytics does not set cookies or use browser fingerprinting; it records page views and page performance only. Privacy: cloudflare.com/privacypolicy
• PostHog (product analytics) — pageviews and Core Web Vitals. Configured cookieless: session recordings, heatmaps, and click-level autocapture are all explicitly disabled. Privacy: posthog.com/privacy
• Sentry (error monitoring) — captures JavaScript errors that occur during your visit so we can fix bugs. Configured to disable session replay and to tunnel events through our own domain. Privacy: sentry.io/privacy
• Vultr (hosting infrastructure). Privacy: vultr.com/legal/privacy

Data retention

Subscriber records are retained as long as you're subscribed, plus a 30-day grace period after unsubscribe to honor any re-subscribe request. After 30 days we delete the email address from our active database. Aggregate analytics data is retained for 24 months.

Your rights

Regardless of where you live, you can email [email protected] to:

• Get a copy of all data we have associated with your email address.
• Correct any data that's wrong.
• Delete all data associated with your email address.
• Object to any specific use.
• Request that we stop sending you any emails immediately.

We respond to data requests within 30 days. Most are handled within five business days.

GDPR (European Economic Area readers)

If you live in the EEA, the legal basis for processing your data is your consent (you subscribed) and our legitimate interest in operating the website. You have the right to withdraw consent, lodge a complaint with your local supervisory authority, and exercise all rights under GDPR Articles 15-22. Our data controller contact: [email protected].

CCPA (California readers)

If you're a California resident, the CCPA gives you the right to know what personal information we collect, request deletion, and opt out of any sale of personal information. We do not sell personal information. The opt-out is unnecessary in our case but the right exists. Email [email protected] for any CCPA request.

Children

MovingRated is not directed at children under 13. We do not knowingly collect data from children under 13. If you're a parent or guardian and believe your child has provided us with personal information, email us and we'll delete it.

Changes to this policy

We may update this policy. Material changes will be announced at the top of this page and dated. Older versions are kept on file and available on request.

Contact

For any privacy question, request, or concern, email [email protected].