Privacy Policy
Last updated: 2026-05-02.
What we collect
- Page views and request metadata — via Cloudflare Web Analytics. No cookies, no fingerprinting, no PII.
- localStorage in your browser, for: chosen timezone, language preference, web/print theme, custom personalization (title, highlight team). This data never leaves your device.
- Sponsor accounts (only if you sign up at
/sponsor) — email, company name, country, hashed password. Payment info is handled by Stripe; we never see your card. - Generated PDF metadata — when you click "Download PDF", we log: a tracking ID, your language, view, theme, and the country of the request. We do not log IP addresses or anything personally identifiable.
Cookies
We use one cookie: a session cookie for the sponsor portal. It's HttpOnly; Secure; SameSite=Lax and lasts 30 days. If you don't sign up as a sponsor, no cookies are set.
Third parties
- Cloudflare Pages / Workers / D1 / R2 / KV — hosting and storage.
- Stripe — payment processing for sponsor purchases.
- Resend — transactional email (sponsor signup verification, etc.).
- Google AdSense — display ads on the public site (subject to Google's privacy policy).
- QR-code generator (api.qrserver.com) — used to render QR codes in PDFs at print time. The QR code URL string is the only data sent.
Your rights (GDPR, CCPA)
You can request deletion of your sponsor account and all associated data by emailing privacy@cupdays.com.