Privacy policy
Short version: we store a random click ID so an operator can tell us a referral converted. We don't store your IP address, your email, or any cookie that tracks you across sites. Detail below.
What we collect
- Click ID: a random identifier generated when you click
a
/go/affiliate link. We echo it back in the URL so you can quote it if you ever want your data deleted. - Country code: derived from the
CF-IPCountryheader Cloudflare sets, two letters (e.g.CO). We do not store the IP it was derived from. - User-agent family: bucketed to shapes like
Chrome/Windows. We do not store the full UA string. - Referrer: the page you came from, if your browser sends it.
- Terms snapshot: a copy of the operator's bonus terms at the moment of the click, so any later dispute about the offer shown is resolvable.
What we do NOT collect
- No IP address in our database. Cloudflare briefly sees it for anti-abuse; we never join that with affiliate data.
- No email, name, phone, or any identifier you didn't click on a link to generate.
- No third-party tracking cookies. No Google Analytics. No Facebook Pixel. No ad networks.
- No
__cf_bmbot-mitigation cookie - we deliberately keep Cloudflare's Bot Fight Mode off (see ADR-014 in our public repo).
How to delete
Email [email protected] with the click ID (it's in the URL right after you clicked through to an operator). We soft- delete the row within 30 days and purge it from backups on the next backup rotation. If you don't have the click ID, tell us the approximate date and the operator; we'll locate the record.
GDPR applicants (EU / UK / Portugal): we are the data controller. You have the right to rectification, erasure, and complaint to your supervisory authority.
Habeas Data applicants (Colombia): we are the encargado del tratamiento. Request rights under Ley 1581/2012 via the same email.
LGPD applicants (Brazil): we are the controlador under Lei 13.709/2018. Rights under Art. 18 are honoured via the same email.
Backups
The Postgres database is backed up nightly to an encrypted (chacha20- poly1305) archive on Backblaze B2. The decryption key is not stored on the backup service. Backups are retained for 30 days, then overwritten.
Updates
This policy is versioned in git. Material changes are noted on this page with a revision date. Last material revision: 2026-04-23.