Privacy Policy

Our Commitment to Privacy

At hostile.eco, we take your privacy seriously. This policy explains what personal data we collect, how we use it, and your rights regarding that data.

What Information We Collect

Newsletter Subscriptions

When you subscribe to our newsletter, we collect:

• Email address (required)
• Name (optional, if you provide it)
• Content interests (optional, e.g., nuclear energy, wildlife protection)
• Subscription timestamp (automatic)
• IP address (for rate limiting and fraud prevention)

Website Analytics

We use Plausible Analytics, a privacy-friendly analytics service that:

• Does NOT use cookies
• Does NOT track you across websites
• Does NOT collect personal data
• Provides anonymized aggregate statistics only
• Is GDPR, CCPA, and PECR compliant by design

Learn more: Plausible Privacy Policy

How We Use Your Information

Newsletter Communications

We use MailerLite to send our newsletter. Your email address is used exclusively to:

• Send you weekly analysis and environmental policy insights
• Notify you of new articles (if you've subscribed to notifications)
• Personalize content based on your stated interests (if provided)

We will never:

• Sell your email address to third parties
• Share your data with advertisers
• Send you spam or unsolicited marketing

Double Opt-In Confirmation

When you subscribe, you'll receive a confirmation email with a link. You must click this link to activate your subscription. This ensures:

• You genuinely want to subscribe (not someone else using your email)
• Your email address is valid and active
• We have explicit consent to send you emails (GDPR requirement)

Data Storage & Processing

MailerLite (Email Service Provider)

Your newsletter subscription data is processed and stored by MailerLite, our email service provider:

• Location: MailerLite servers in the EU (GDPR-compliant infrastructure)
• Purpose: Email delivery, list management, engagement tracking
• Security: Industry-standard encryption and security practices
• Data Processing Agreement: MailerLite acts as a data processor under GDPR

Read MailerLite's privacy policy: MailerLite Privacy Policy

Data Retention

• Active subscribers: We retain your data for as long as you remain subscribed
• After unsubscribing: Your data is deleted within 30 days (unless required by law to retain)
• Analytics data: Plausible retains anonymized data for 24 months

Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

Right to Access

You can request a copy of all personal data we hold about you. Email badger@hostile.eco with "Data Access Request" in the subject line.

Right to Rectification

If your email address or name is incorrect, you can update it by clicking "Update preferences" in any newsletter email, or contact us.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your data at any time. Simply:

• Click "Unsubscribe" in any newsletter email (immediate removal)
• Email badger@hostile.eco requesting deletion

We will delete your data within 30 days of your request.

Right to Object

You can object to us processing your data for direct marketing purposes (newsletters). Unsubscribing stops all marketing communications immediately.

Right to Data Portability

You can request a machine-readable export of your subscription data (email, name, interests). Email badger@hostile.eco with "Data Export Request".

How to Unsubscribe

You can unsubscribe from our newsletter at any time:

1. Click the "Unsubscribe" link at the bottom of any newsletter email
2. Your email address will be removed immediately
3. You will not receive further emails from us

No questions asked, no guilt trips, no "Are you sure?" dark patterns. Just a clean, instant unsubscribe.

Cookies & Tracking

hostile.eco does not use cookies for tracking or analytics.

• No tracking cookies: Plausible Analytics doesn't use cookies
• No third-party cookies: We don't load ads, social media widgets, or tracking scripts
• No consent banners needed: Since we don't track, we don't need cookie consent pop-ups

The only cookies used are:

• Theme preference (light/dark mode): Stored locally in your browser, never sent to our servers

Security Measures

We implement industry-standard security practices:

• HTTPS encryption: All data transmitted to/from hostile.eco is encrypted
• API key protection: MailerLite API keys stored securely, never exposed to browsers
• Rate limiting: Prevents spam signups (max 5 signups per IP per hour)
• Email validation: Server-side validation before processing subscriptions
• Secure hosting: Netlify's secure, carbon-neutral infrastructure

Children's Privacy

hostile.eco is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you are a parent/guardian and believe your child has provided us with personal data, please contact us at badger@hostile.eco and we will delete it immediately.

Changes to This Privacy Policy

We may update this privacy policy from time to time. When we do:

• We'll update the "Last updated" date at the top of this page
• If changes are material, we'll notify subscribers via email
• Continued use of our services after changes constitutes acceptance

Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

• Consent: You explicitly consent by subscribing (double opt-in confirmation)
• Legitimate interests: Website analytics to improve user experience (anonymized, no personal data)

Data Controller

hostile.eco is the data controller for your personal data. We are responsible for ensuring your data is processed lawfully and securely.

Contact Us

If you have questions about this privacy policy, your data rights, or how we process your information, please contact us:

• Email: badger@hostile.eco
• Subject line: "Privacy Question" or "Data Request"

We aim to respond to all privacy inquiries within 5 business days.

Supervisory Authority

If you believe we've mishandled your personal data, you have the right to lodge a complaint with your local data protection authority:

• UK residents: Information Commissioner's Office (ICO)
• EU residents: Your national data protection authority

---

Summary (TL;DR)