Privacy Policy

This website works the way the rest of the web should work. Your privacy is actually respected.

No Tracking or Analytics

This website does not use any analytics software or tracking of any kind. There is no Google Analytics, no Matomo, no Plausible, and no other tracking service. Your visit is not recorded or profiled. Your movements around the website are not tracked, analysed or monitored. Your data is not shared or sold.

No Cookies

This website does not set any cookies. Neither the standard kind, nor the hacks that websites use to track people who block cookies. There are no session cookies, no tracking cookies, and no cookie consent banners, because there are no cookies to consent to.

No Third-Party Resources

All assets (stylesheets, images, icons) are served directly from this server. There are no CDNs, no Cloudflare, no externally hosted fonts, and no third-party scripts. The Content Security Policy enforces this by restricting all resource loading to the same origin.

Private Search

The site search runs entirely on this server using a local search index. Your search queries are not sent to Google, Bing, or any other third-party search engine. No one is profiling your searches or using them to serve you targeted advertising.

Referrer Protection

A strict no-referrer Referrer-Policy is set on every response. When you click an external link on this site, the destination will not know that you came from this website. That's none of their business.

Google Ad/Tracking Tech Disabled

The Permissions-Policy header explicitly disables Google's advertising and tracking technologies that they are abusing their market share (Chrome) to shoe horn into the web. These include FLoC, the Topics API, Attribution Reporting, Ad Interest Groups (FLEDGE) and Ad Auctions (Protected Audience API), for those of you unfortunate enough to be running Google Chrome. Your browser will not participate in any of these systems while on this site. Please consider switching to Mozilla Firefox.

Transport Security

All connections are encrypted with HTTPS. HTTP Strict Transport Security (HSTS) with preloading ensures your browser will only ever connect over HTTPS, even on your first visit: This site is included in browser HSTS preload lists.

Cross-Origin Isolation

Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy, and Cross-Origin-Resource-Policy headers are set to isolate this site from other origins, preventing cross-origin data leakage.

Access Logs

Basic webserver access logs (IP address, timestamp, request path, status code) are retained for approximately two weeks, for the purpose of detecting and handling abuse. After that period, they are deleted. Logs are not shared with any third party.

JavaScript is disabled. These keyboard shortcuts require JavaScript to function.

Keyboard Shortcuts

?
Open this modal
/ or S
Focus on search field
L
Like this page
Esc
Close popup / blur field

Go to

G H
Home
G B
Blog
G S
Search