Skip to content

Privacy

What this website collects, what it doesn't, and how to stop it from collecting anything at all.

The short version

This website uses Google Analytics 4 in a deliberately stripped-down posture. It sets one first-party analytics cookie (Google's _ga) so visits can be counted and pages and CTAs measured. No advertising cookies are set. No personal data is collected. No cross-site or cross-device tracking happens. What we measure is traffic — counts of pageviews, clicks, and scroll depth — tied only to a pseudonymous, per-browser identifier, never to your identity.

You can verify the posture yourself: open your browser's developer tools, load any page, and inspect the request to google-analytics.com/g/collect. It carries gcs=G101 — analytics granted, advertising denied — and npa=1 (non-personalized).

What's collected

  • Page views — which URLs are visited, in what order, with referrer + UTM tags.
  • A pseudonymous identifier — stored in the first-party _ga cookie so repeat pageviews in a session (and returning visits) can be counted as one browser. It is a random ID, not linked to your identity.
  • Scroll depth — fires once per page when a visitor reaches 90% of the page height.
  • Outbound link clicks — when you click a link to another domain.
  • File downloads — when you click a link that ends in a download extension (.dmg, .exe, .AppImage, .zip).
  • Download CTA clicks — which Download button on which page (hero, nav, footer, final).
  • Release page views — which release notes pages get traffic.
  • Coarse geolocation — country-level only, derived server-side from IP. The IP itself is anonymized and never stored.

What's not collected

  • Your identity, email, or any directly identifying PII.
  • Your IP address — GA4 anonymizes it on collection; it is used to derive country, then discarded.
  • Advertising cookies or ad signals — all three ad consent types (ad_storage, ad_user_data, ad_personalization) are denied, and ads personalization is off (npa=1).
  • Cross-site or cross-device tracking — Google Signals is disabled at the property level.
  • City-level or precise geolocation — granular location data collection is disabled.
  • Form fields, search queries, or video engagement — none of these are enabled.
  • Anything from the Pitch desktop app — the app and this website are separate analytics streams. The app's own usage data is opt-in and off by default; see what Pitch collects.

How the analytics is configured

Google Analytics 4 runs through Consent Mode v2 with analytics granted and all advertising denied. That means GA sets a single first-party _ga cookie to count browsers and reports the pageviews and events it observes directly — these are real counts, not statistical estimates. Because the ad consent types stay denied and Google Signals is off, none of that data feeds advertising, remarketing, or cross-device profiles.

The technical signature: every measurement request to GA includes gcs=G101 in the query string. G101 means "advertising denied, analytics granted." If you ever see gcs=G111 (advertising granted) in your network tab while on pitch.morperhaus.org, that would mean the posture is misconfigured — please file a bug.

Retention

Event data is retained in Google Analytics for 14 months from the date of collection, then automatically deleted. This is the maximum retention period available on the free tier and exists to allow year-over-year comparisons.

How to opt out completely

To stop all measurement, block it at the source: a content blocker like uBlock Origin, the EFF's Privacy Badger, or your browser's built-in tracking protection (Safari ITP, Firefox ETP, Brave Shields) will block the Google Analytics script — no _ga cookie is set and no pings leave your browser. You can also delete the _ga cookie for pitch.morperhaus.org at any time, or browse in a private/incognito window so it's discarded when you close it. Nothing on this site depends on analytics being allowed.

The Pitch desktop app

The Pitch desktop application can send anonymous usage counts — and only if you say yes. The first time you create or import a deck, a banner asks once; until you choose, the app sends nothing. You can turn it on or off anytime in Settings → Privacy.

When it's on, the app reports counts only — the app version you're on, how many decks you create and share, and the slide types you use (HTML, Figma, Google Slides, and the rest). It never sends the content of your pitches, your identity, or file paths. Events are tied to a random, content-free per-install identifier, not to you. The full, itemized list is at what Pitch collects.

Separately — and regardless of the telemetry choice — the app checks for updates via Cloudflare-fronted release feeds (electron-updater's standard manifest fetch). That call carries no usage data.

Changes

If this privacy posture changes, the change will appear in the repository at website/src/pages/privacy.astro and the commit history is the audit trail. There is no separate changelog for this page.

Contact

Questions or concerns: open an issue.