The short version
This website uses Google Analytics 4 in a deliberately stripped-down
posture. It sets one first-party analytics cookie
(Google's _ga) so visits can be counted and pages and
CTAs measured. No advertising cookies are set. No personal
data is collected. No cross-site or cross-device tracking happens.
What we measure is traffic — counts of pageviews, clicks, and scroll
depth — tied only to a pseudonymous, per-browser identifier, never to
your identity.
You can verify the posture yourself: open your browser's developer
tools, load any page, and inspect the request to
google-analytics.com/g/collect. It carries
gcs=G101 — analytics granted, advertising denied — and
npa=1 (non-personalized).
What's collected
- Page views — which URLs are visited, in what order, with referrer + UTM tags.
- A pseudonymous identifier — stored in the first-party
_gacookie so repeat pageviews in a session (and returning visits) can be counted as one browser. It is a random ID, not linked to your identity. - Scroll depth — fires once per page when a visitor reaches 90% of the page height.
- Outbound link clicks — when you click a link to another domain.
- File downloads — when you click a link that ends in a download extension (.dmg, .exe, .AppImage, .zip).
- Download CTA clicks — which Download button on which page (hero, nav, footer, final).
- Release page views — which release notes pages get traffic.
- Coarse geolocation — country-level only, derived server-side from IP. The IP itself is anonymized and never stored.
What's not collected
- Your identity, email, or any directly identifying PII.
- Your IP address — GA4 anonymizes it on collection; it is used to derive country, then discarded.
- Advertising cookies or ad signals — all three ad consent types (
ad_storage,ad_user_data,ad_personalization) are denied, and ads personalization is off (npa=1). - Cross-site or cross-device tracking — Google Signals is disabled at the property level.
- City-level or precise geolocation — granular location data collection is disabled.
- Form fields, search queries, or video engagement — none of these are enabled.
- Anything from the Pitch desktop app — the app and this website are separate analytics streams. The app's own usage data is opt-in and off by default; see what Pitch collects.
How the analytics is configured
Google Analytics 4 runs through Consent Mode v2 with
analytics granted and all advertising denied. That
means GA sets a single first-party _ga cookie to count
browsers and reports the pageviews and events it observes directly —
these are real counts, not statistical estimates. Because the ad
consent types stay denied and Google Signals is off, none of that
data feeds advertising, remarketing, or cross-device profiles.
The technical signature: every measurement request to GA includes
gcs=G101 in the query string. G101 means
"advertising denied, analytics granted." If you ever see
gcs=G111 (advertising granted) in your network tab while
on pitch.morperhaus.org, that would mean the posture is misconfigured —
please file a bug.
Retention
Event data is retained in Google Analytics for 14 months from the date of collection, then automatically deleted. This is the maximum retention period available on the free tier and exists to allow year-over-year comparisons.
How to opt out completely
To stop all measurement, block it at the source: a content blocker
like uBlock Origin, the EFF's Privacy Badger, or your browser's
built-in tracking protection (Safari ITP, Firefox ETP, Brave Shields)
will block the Google Analytics script — no _ga cookie is
set and no pings leave your browser. You can also delete the
_ga cookie for pitch.morperhaus.org at any time, or
browse in a private/incognito window so it's discarded when you close
it. Nothing on this site depends on analytics being allowed.
The Pitch desktop app
The Pitch desktop application can send anonymous usage counts — and only if you say yes. The first time you create or import a deck, a banner asks once; until you choose, the app sends nothing. You can turn it on or off anytime in Settings → Privacy.
When it's on, the app reports counts only — the app version you're on, how many decks you create and share, and the slide types you use (HTML, Figma, Google Slides, and the rest). It never sends the content of your pitches, your identity, or file paths. Events are tied to a random, content-free per-install identifier, not to you. The full, itemized list is at what Pitch collects.
Separately — and regardless of the telemetry choice — the app checks for updates via Cloudflare-fronted release feeds (electron-updater's standard manifest fetch). That call carries no usage data.
Changes
If this privacy posture changes, the change will appear in the repository at website/src/pages/privacy.astro and the commit history is the audit trail. There is no separate changelog for this page.
Contact
Questions or concerns: open an issue.