What I do and don't do.

Who

Stefan Koop, Breda, the Netherlands. Reachable at stefan@koop.fit. Data controller under the GDPR.

What I store

• Your email address.
• The moment you signed up.
• Country derived from IP (country code only, never the full IP).
• Version of the consent text you accepted.
• A random unsubscribe token so you can opt out with one click.

I don't store full IP addresses, referrers, or browser fingerprints. The IP is hashed immediately and only the country code is derived.

Why

Legal basis: your consent (Article 6(1)(a) GDPR), explicitly via the checkbox at signup. Purpose: to send you at most a handful of emails per year when something new goes live.

How long

As long as you stay subscribed. If you opt out, only a hash of your email is kept for 30 days to prevent duplicate processing, then permanently deleted.

Who I rely on

• Vercel Inc. – hosting for this site, EU region. Data processing agreement in place.
• Neon – database (Postgres), EU region. Data processing agreement in place.

No one else. No Google Analytics, no Meta pixel, no Mailchimp.

Your rights

Access, correction, erasure, restriction, portability. One email to stefan@koop.fit and you'll get a reply within 7 days. You also have the right to file a complaint with the Dutch Data Protection Authority.

Cookies

None. This site sets no cookies and uses no tracking scripts. Nothing to dismiss.