What we collect
Only what is strictly needed to operate the site:
- Server request logs — standard web-server records (URL requested, response status, timestamp, IP address, user agent string). Used to operate and secure the site. Raw logs are retained for no more than 24 hours, after which they are deleted; aggregated counts (e.g. "this page was viewed N times yesterday") may persist longer.
- Aggregate page-view counts via privacy-respecting analytics (Plausible or self-hosted Umami). These analytics use no cookies, do not track visitors across sessions, do not store IP addresses beyond the 24-hour log window above, and do not build any visitor profile. The analytics dashboard shows totals only.
- Contact-form submissions — if you write to us using a contact form, we store your message, the email address you provide, and the timestamp for up to 90 days, then delete them. Submissions are used only to reply to you.
- Newsletter subscriptions — if you opt in to our email newsletter, we store your email address and the date you subscribed, used only to send the newsletter. Every issue carries a one-click unsubscribe; we delete your address promptly once you unsubscribe, and we never sell or share it. The newsletter is entirely optional and separate from using the site — nothing on the site requires it, and we do not tie it to your browsing.
What we don’t collect
- No accounts. There is nothing to log into.
- No tracking cookies, no advertising cookies, no behavioral cookies of any kind.
- No third-party advertising trackers, social-media pixels, or behavioral-analytics tools.
- No personalized recommendations or behavioral ranking. The same query returns the same results for every visitor.
- No marketing emails beyond the newsletter you explicitly opt into (described above). We do not email people who have not asked to hear from us.
- No cross-device fingerprinting.
- No medical or health information about you. Nothing on this site asks for it; please don’t put your medical details in the contact form.
Cookies
The site uses cookies only for essential functions (for example, remembering that you closed a notice). No analytics, advertising, or tracking cookies are set. Because we use no non-essential cookies, no cookie-consent banner is required and none is shown.
The bibliography library and search
The evidence library runs entirely in your browser. The 14,000+ bibliography records are downloaded as a single static file when you load the page; everything else — search, filtering, sorting, pagination — happens locally on your device. We do not log your search terms or your filter choices.
Clicking a DOI, PMID, or open-access link in the library opens the publisher’s page in a new tab. Once you click out, the destination site’s privacy policy applies, not ours.
Third-party links
We link out to PubMed, doi.org, ClinicalTrials.gov, publisher journal pages, and patient-advocacy organizations. Those destinations have their own privacy policies; we do not control or monitor what they collect.
Hosting and where data lives
The static site is hosted on Cloudflare’s global content network. The bibliography database (when later moved off the pilot environment) will be hosted on a managed European provider (Hetzner Cloud, Germany). Aggregate analytics, when enabled, will be self-hosted in the same European environment. We avoid sending data outside the EU/EEA unless there is a documented and necessary reason.
Your rights
Because we collect so little, most data-protection requests have a simple answer: there is nothing about you to access, correct, or delete beyond what is described above. If you have submitted a contact-form message and want it deleted before the 90-day automatic deletion, write to us at the address below and we will delete it on receipt.
Under GDPR (EU/EEA), UK GDPR, and similar regimes (California CCPA/CPRA, etc.), you have rights of access, correction, deletion, restriction, portability, and objection. To exercise any of these, contact us at the address below.
Children
The site is not directed at children under 13 and we do not knowingly collect information from them. The content is written for adult patients, family members, clinicians, and researchers.
Security
The site uses HTTPS exclusively (HSTS preload), enforces a strict Content Security Policy, and is monitored for vulnerabilities through routine dependency updates. We do not retain payment information (we do not process payments). Security reports may be sent to the contact address below; we acknowledge security reports within 24 hours.
Changes to this policy
If we change this policy in a way that affects how we handle data, we will note the change in the errata and changelog page and update the last-reviewed date below. Older versions of the policy remain accessible by request.
How to contact us
Privacy questions, deletion requests, and security reports can be sent to privacy@tnbc.info.
Last reviewed: 2026-07-10. This policy reflects our current data practices; if we change how we handle data, we will note it in the errata and changelog and update this date.