Privacy Policy

Last updated: May 18, 2026

DataStack Radar ("we", "us", "our") operates the website at datastackradar.com. This policy explains what personal data we collect, why we collect it, and your rights over it. We collect the minimum amount of data necessary to operate the service.

1. What data we collect

Email address - when you subscribe to the weekly newsletter or create an account. Used to send you digest emails and account notifications.

Account data - if you sign up, we store your email and authentication tokens via Supabase (our authentication and database provider). We do not store passwords - authentication is handled by Supabase directly.

Usage data - we may collect anonymised information about pages visited and features used to improve the service. We do not use third-party analytics trackers (e.g. Google Analytics).

Payment data - if you subscribe to a paid plan, payment is processed by Stripe. We never see or store your card details. Stripe provides us with a billing record (plan, status, renewal date) associated with your email.

2. How we use your data

  • To send the weekly digest email you subscribed to
  • To send instant alerts (Pro plan) when a breaking change is detected in your chosen tools
  • To manage your account and subscription
  • To process payments and prevent fraud (via Stripe)
  • To improve the service (anonymised usage patterns only)

We do not sell your data to any third party. We do not use your email for marketing unrelated to DataStack Radar.

3. Third-party services

Supabase - authentication and database. Your email and account data are stored on Supabase infrastructure (EU region where available). Supabase is GDPR compliant.

Resend - transactional email delivery (digests, confirmations). Your email address is shared with Resend solely to deliver emails you have requested.

Stripe - payment processing for Pro plans. Stripe stores your payment method and billing history under their own Privacy Policy.

Railway - website and API hosting. Railway processes request logs (IP address, user-agent) as part of normal hosting operations.

4. Cookies

We use only functional cookies - specifically, Supabase sets a session cookie when you log in to keep you authenticated. We do not use advertising cookies or cross-site tracking cookies.

5. Data retention

Newsletter subscribers: your email is retained until you unsubscribe. Account holders: your data is retained while your account is active and for up to 30 days after deletion. Billing records are retained for 7 years as required by applicable tax law.

6. Your rights (GDPR)

If you are located in the European Economic Area, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to processing or request restriction
  • Data portability
  • Withdraw consent at any time (e.g. unsubscribe from newsletter)

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

7. Contact

For any privacy questions or requests: [email protected]