Skip to main content

Privacy Policy

Last updated April 16, 2026

Information We Collect

Email address. When you subscribe to the newsletter, we collect the email address you provide.

Payment information. When you make a purchase, payment details (card number, billing address) are collected and processed directly by Stripe. We do not store your card information on our servers.

Usage data. We collect anonymous analytics data such as page views, referral sources, and device type to understand how the site is used.

How We Use Your Information

  • Send you the weekly digest and other content you subscribe to
  • Process payments for products or services you purchase
  • Improve the site based on aggregate usage patterns
  • Respond to questions or requests you send us

We do not sell, rent, or share your personal information with third parties for marketing purposes.

Payment Processing

Payments are processed by Stripe, a PCI-compliant payment processor. When you make a purchase, your payment information is sent directly to Stripe and is subject to their privacy policy. We receive only a confirmation of the transaction and limited billing details (such as the last four digits of your card) — we never have access to your full card number.

Third-Party Services

We use the following third-party services that may process your data:

  • Stripe — payment processing
  • Resend — email delivery
  • Vercel Analytics — anonymous site usage analytics

Each service operates under its own privacy policy. We only share the minimum data required for each service to function.

Data Retention

Your email address is retained as long as you remain subscribed. If you unsubscribe, your email is removed from our mailing list. Payment records are retained as required for accounting and legal obligations. You can request deletion of your data at any time by contacting us.

Your Rights

  • Unsubscribe from emails at any time using the link in any email we send
  • Request a copy of the personal data we hold about you
  • Request deletion of your personal data
  • Request correction of inaccurate data

To exercise any of these rights, email help@nickschmidt.so. We will respond within 30 days.

California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information:

  • Right to know. You can request details about the categories and specific pieces of personal information we have collected about you.
  • Right to delete. You can request deletion of your personal information, subject to certain legal exceptions.
  • Right to opt out of sale. We do not sell your personal information. We never have and never will.
  • Right to non-discrimination. We will not discriminate against you for exercising any of these rights.

To submit a CCPA request, email help@nickschmidt.so. We will verify your identity and respond within 45 days.

European Privacy Rights

If you are in the European Economic Area (EEA) or the United Kingdom, the General Data Protection Regulation (GDPR) provides you with additional rights:

  • Legal basis. We process your data based on consent (newsletter signup), contract performance (payment processing), and legitimate interest (site analytics).
  • Right to access. Request a copy of all personal data we hold about you.
  • Right to rectification. Request correction of inaccurate or incomplete data.
  • Right to erasure. Request deletion of your personal data.
  • Right to restrict processing. Request that we limit how we use your data.
  • Right to data portability. Receive your data in a structured, machine-readable format.
  • Right to withdraw consent. Withdraw consent at any time where processing is based on consent.

Your data may be transferred to and processed in the United States, where our service providers (Stripe, Resend, Vercel) operate. These providers maintain appropriate safeguards for international data transfers. To exercise your rights, email help@nickschmidt.so. We will respond within 30 days.

Data Breach Notification

In the unlikely event of a data breach that compromises your personal information, we will notify affected users via email within 72 hours of becoming aware of the breach. We will also notify relevant regulatory authorities as required by applicable law. The notification will include the nature of the breach, the data affected, steps we are taking to address it, and what you can do to protect yourself.

Cookies

This site uses minimal cookies for analytics (Vercel Web Analytics and Speed Insights). We do not use advertising cookies or third-party tracking cookies. No personal information is stored in cookies.

Changes to This Policy

We may update this policy from time to time. Changes will be reflected on this page with an updated date. Continued use of the site after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy or your personal data, email help@nickschmidt.so.