Privacy

One thing: pageview analytics (no cookies, no fingerprinting). The site has no signup forms, no email collection, no contact form — the only way to reach us is direct email.

Pageview analytics.Plausible Analytics counts pageviews, source domains, country (resolved from IP and immediately discarded), browser, and device type. No cookies, no IP storage, no cross-site tracking. The data is hosted in the EU. Plausible’s own data-handling policy is at plausible.io/privacy.

We don’t use Google Analytics, Facebook Pixel, Hotjar, FullStory, Segment, or any other behavioral-tracking service. We don’t embed third-party fonts that phone home (we self-host IBM Plex Sans + IBM Plex Mono). The only third-party asset on the page is Plausible’s analytics script.

Cookies. IP addresses (Plausible processes them in-memory, doesn’t store). Names. Locations beyond country-level. Device fingerprints. Cross-site identifiers. Behavioral profiles. Heatmaps. Session recordings. Conversion attribution. Engagement scoring.

We have no system that could deanonymize a pageview to a specific person, and we wouldn’t use one if we did. The site doesn’t need any of this to do its job.

When you click an affiliate link on this site, the destination vendor receives a referral parameter that tells them you came from cheapstack. The vendor uses that to attribute the sign-up to us for commission purposes.

We don’t see your data on the vendor’s side — just the monthly referral commission report from each vendor (which contains an anonymized count of conversions, not individual user info). The vendor’s own privacy policy applies once you click through.

Because we don’t collect anything that identifies you, there’s no personal data to access, correct, or delete. If you’ve emailed us directly at hello@cheapstack.devand want that conversation deleted, ask — we’ll comply.

GDPR / CCPA / similar: the legal basis for the analytics is legitimate interest in understanding which pages get visited (no cookies, anonymized). You have no opt-out for the analytics because we don’t collect anything that identifies you in the first place. If a future change to this policy introduces personal-data collection, that change will be opt-in, not silent.

If we add a new tracking tool or change what we collect in any meaningful way, this page gets updated first and the diff lands in the public git history. The previous version stays accessible there.

We will not retroactively apply new collection to data we already have. If we ever introduce something that looks more like “normal SaaS tracking,” it will be opt-in, not silent.