1. Who we are

FragCircuit (“we“, “us“, “our“) is the publisher of fragcircuit.com. For the purposes of EU/UK GDPR, we are the data controller of personal data collected through this site. You can contact our privacy team at privacy@fragcircuit.com.

2. Information we collect

2.1 Information you provide directly

• Newsletter signups. Email address, optional name. Used solely to deliver the newsletter you requested.
• Contact and tip submissions. Email address, message content, and any attachments you choose to send.
• Comments (if enabled). Display name, email address, comment content, and IP address.

2.2 Information collected automatically

• Log data. IP address, approximate location, browser type, OS, referring URL, pages viewed, time on page, timestamps.
• Device data. Screen size, language preference, and similar non-identifying technical information.
• Cookies and similar technologies. See Section 5 for the full breakdown.

3. How we use your information

• To operate, maintain, and improve fragcircuit.com and its content.
• To send the newsletter you have subscribed to and to respond to messages you send us.
• To measure aggregate site usage so we can prioritize coverage and fix performance issues.
• To detect and prevent fraud, abuse, scraping, and security incidents.
• To comply with legal obligations and to enforce our Terms of Service.

We do not sell your personal information. We do not share your personal information with third parties for their own marketing purposes. We do not profile readers in order to make automated decisions about them.

4. Legal basis for processing (GDPR / UK GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, our legal basis depends on the specific data and the context:

• Consent (Art. 6(1)(a) GDPR). For non-essential cookies, marketing-class analytics, and email newsletter sign-ups. Withdrawable at any time.
• Contract (Art. 6(1)(b)). Where processing is necessary to deliver a service you have explicitly requested.
• Legitimate interests (Art. 6(1)(f)). For aggregate analytics, security and fraud prevention, and basic site operations — balanced against your rights and freedoms.
• Legal obligation (Art. 6(1)(c)). Where we must process data to comply with applicable law.

5. Cookies and similar technologies

We use a small number of cookies and similar technologies. We group them into three categories. Non-essential cookies are only set after you accept them via our cookie banner.

6. When we share information

We share personal data only in these limited circumstances:

• Service providers. Web hosting, email delivery for the newsletter, and aggregate analytics. Each provider is bound by a data-processing agreement.
• Legal requirements. When required to comply with a valid legal process, court order, or to protect our rights, safety, or property.
• Business transfers. If we are involved in a merger, acquisition, or sale of assets, we will provide notice and choice before personal data becomes subject to a different privacy policy.

7. International data transfers

Some of our service providers process personal data outside your country, including the United States. Where personal data of EU/UK/EEA residents is transferred to a country without an adequacy decision, we rely on the European Commission’s Standard Contractual Clauses (SCCs) or the UK International Data Transfer Addendum, plus supplementary technical measures such as encryption in transit and at rest.

8. Data retention

• Newsletter data: kept until you unsubscribe, then deleted within 30 days.
• Contact form / tips: kept for up to 24 months after our last interaction.
• Server logs: 30 days, then deleted or anonymized.
• Analytics data: aggregated and anonymized within 14 months.
• Comments (if enabled): retained for as long as the article is published.

9. Your rights — EU / UK / EEA / Switzerland

Under GDPR and UK GDPR, you have the following rights:

• Access — request a copy of personal data we hold about you.
• Rectification — correct inaccurate or incomplete data.
• Erasure (“right to be forgotten”) — ask us to delete your personal data.
• Restriction — limit how we process your data.
• Portability — receive your data in a machine-readable format.
• Objection — object to processing based on our legitimate interests.
• Withdraw consent — at any time, where processing is based on consent.
• Lodge a complaint — with your local supervisory authority (CNIL, AEPD, ICO, BfDI, etc.).

We respond to verifiable rights requests within 30 days (extendable to 60 days for complex requests with notice).

10. Your rights — United States

If you are a resident of California (CCPA/CPRA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Virginia (VCDPA), or another US state with applicable privacy law:

• Right to know what personal information we collect about you and how we use it.
• Right to delete personal information we have collected from you, subject to certain exceptions.
• Right to correct inaccurate personal information.
• Right to opt out of “sale” or “sharing” of your personal information. We do not sell or share personal information for cross-context behavioral advertising.
• Right to limit use of sensitive personal information. We do not collect sensitive personal information beyond what is required to operate this site.
• Right to non-discrimination. We will not deny service, charge different prices, or provide a different level of quality because you exercised your privacy rights.

11. Children’s privacy

This site is not directed at children. We do not knowingly collect personal information from children under 13 in the United States (COPPA) or under 16 in the EU/UK/EEA. If you believe a child has provided personal information to us, please contact privacy@fragcircuit.com and we will delete it promptly.

12. Security

We use industry-standard technical and organizational measures to protect personal data: TLS 1.3 in transit, encryption at rest where supported, principle-of-least-privilege access controls for our team, and routine security review. No internet transmission is ever 100% secure, but we treat security as a continuous practice.

13. Third-party links

Our site links to third-party sites and services we do not control. This Privacy Policy applies only to fragcircuit.com.

14. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page and, for material changes, will notify you via prominent notice on the site or, where you have provided an email address, by email.

15. How to contact us