The Uthark-Tzolkin project takes privacy seriously and collects as little as possible. This page describes what data the site does and does not handle, and what rights every visitor has under applicable law.
1. What this site does not collect
Browsing the public pages requires no account and sets no tracking cookies. The site uses no third-party analytics, no advertising networks, and no behavioural-profiling scripts. The only background element on every page is an optional ambient music track, which loads only when you press the play button.
2. Member accounts
A member account stores the minimum data required to operate the workspace: your email address, a hashed password, your subscription status, your birthday signature (if you save one), the journal entries you write, and the castings you save. Account data is transmitted over HTTPS and stored on servers controlled by the project. It is not sold, rented, or shared.
3. Payment
Membership payment is handled by Stripe. The project receives only the minimum information needed to associate a successful payment with your account — typically your email, the country of the issuing card, and a Stripe customer ID. Card numbers, CVV codes, and full billing details are never seen by, stored by, or transmitted through this site.
4. The contact form
The contact and newsletter forms are delivered to the project via a third-party form-handling service (Formsubmit), which forwards your submission to the project's mailbox at contact@utharktzolkin.com. The reply-to address you provide is used only to respond to your message; it is not added to any other list or shared with third parties.
5. Newsletter
Subscribing to the newsletter stores your email address for the single purpose of sending newsletter issues. Every issue includes a one-click unsubscribe link. Addresses are not sold, rented, or shared.
6. Cookies
The site uses a single strictly-necessary cookie to keep you signed in to your account once you log in. It is not used for advertising, tracking, or analytics. No cookie is set on the public pages.
7. Local browser storage
The optional background music remembers, within the same tab
session only, whether you turned it on and where the track was
playing — so the music continues when you move between pages. This
information is stored in your own browser's
sessionStorage and is cleared when the tab is closed.
It never leaves your device.
8. Your rights
Under the EU General Data Protection Regulation (GDPR) and similar legislation, you have the right to access, correct, export, or delete any personal data the project holds about you, and to object to or restrict its processing. The Settings page lets you export your data or delete your account directly. For other requests, write through the contact page.
9. Data retention & archive limits
Account data is kept for as long as the account is active. When you close an account or request deletion, all associated data is removed from the project's servers within 30 days. Backups are rotated on a 30-day cycle, after which deleted data is gone for good.
Each account has a generous archive capacity sufficient for a lifetime of practice. Entries older than two years are automatically compressed into a downloadable archive bundle that remains part of your account and is included in every Export. If the archive ever approaches its hard limit, the Settings page will surface a notice and offer a backup download — no entries are silently deleted.
10. Changes to this policy
When the project's data practices change, this page is updated and the “last updated” date at the top is revised. Substantive changes are communicated via the newsletter, if you are subscribed.
11. Contact
Questions about this policy, or about the data the project holds about you, can be sent through the contact page.