What We Collect
Public visitors. Nothing personal. If you tap Accept on the biscuit tin, we measure aggregate visit stats and page speed via Vercel Analytics and Speed Insights — country-level location, device type, referrer. No names, no IPs stored, no cross-site tracking, no ads.
Staff (admin login). If you sign in to the backroom, we store your email address, a hashed password, and (if enabled) a 2FA secret. We also keep a session cookie so you stay logged in.
Error reports. When Sentry is enabled, broken things in the browser (uncaught errors, stack traces) get sent for triage so we can fix them. We strip personal data from reports; the goal is “what crashed”, not “who”.
Cookies & Storage
Strictly necessary. A session cookie keeps the staff area logged in. A small localStorage entry remembers your cookie choice so the biscuit tin doesn’t pester you on every visit.
Analytics & error monitoring (only with consent). Vercel Analytics, Speed Insights, and Sentry only load if you tap Accept. Decline, and they never load.
Where Your Data Lives
Authentication data and stored content live in Convex (our backend host) and Vercel (hosting + analytics). When error monitoring is enabled, crash reports go to Sentry. That’s the full list. We don’t sell, rent, or share data with anyone.
How Long We Keep It
Analytics data is aggregated and retained per Vercel’s defaults. Account data lives until you ask for it gone. Sessions expire when you log out or the cookie does — whichever first.
Your Rights
Under UK / EU GDPR you have the right to access, correct, or delete your personal data, and to withdraw consent at any time. To withdraw analytics consent, clear your browser’s site data for this domain — the biscuit tin will reappear on your next visit.
Changes
If this policy changes meaningfully, the date below updates and we’ll re-prompt for consent if scope grows.
Last updated · April 2026