Skip to main content
Your Privacy Matters

Privacy Policy

We are committed to protecting your personal information. This policy explains how we collect, use, and safeguard your data in compliance with GDPR and CCPA.

Last updated: March 21, 2026  |  Effective date: March 21, 2026

Information We Collect

We collect information to provide and improve our services. The information we collect falls into three main categories: information you provide, information collected automatically, and information from third-party sources.

Information You Provide Directly

Email Address

When you subscribe to our newsletter or contact us

Name

When you submit a contact form or comment

Message Content

Any information you voluntarily share with us

Automatically Collected Information

IP Address

For geographic content delivery and security

Browser Type

To optimize your browsing experience

Device Information

To ensure responsive design

Pages Visited

To understand how users navigate our site

Time on Site

To measure content engagement

Referring URL

To understand how you found us

Affiliate & Purchase Data

Affiliate Links

We track clicks on affiliate links for commission attribution

Product Rankings

Your browsing may influence affiliate link placement

Children's Privacy

Our website and services are not directed to children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately so we can remove it.

How We Use Your Information

We use the information we collect for the following purposes:

Deliver Newsletter

Send you product updates and buying guides you subscribed to

Analyze Usage

Understand how visitors interact with our website

Ensure Security

Protect against fraud, abuse, and unauthorized access

Improve Content

Develop and enhance our product comparisons and guides

Track Affiliate Links

Attribute commissions correctly when you make purchases

Respond to Inquiries

Process and reply to messages sent through our contact form

We do not sell your personal information to third parties. We may share aggregated, anonymized data that cannot identify you individually with partners for research or business purposes.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your interactions with our website. Cookies are small text files stored on your device.

Types of Cookies We Use

Essential Cookies

Always Active

These cookies are necessary for the website to function properly. They enable core functionality such as security, network management, and accessibility.

Examples: Session cookies, authentication tokens, security cookies

Analytics Cookies

Optional

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously.

Examples: Google Analytics cookies, heatmap data

Affiliate Cookies

Required

These cookies track clicks on affiliate links and attribute purchases correctly for commission tracking.

Examples: Amazon Associates tracking cookies (typically 24 hours to 7 days)

Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. However, blocking essential cookies may impact website functionality.

Opt out of Google Analytics →

Information Sharing & Disclosure

We do not sell your personal information. We may share information in the following limited circumstances:

Service Providers

We share information with trusted service providers who help us operate our website and business, such as hosting providers, email services, and analytics platforms. These providers are contractually bound to protect your information.

Legal Requirements

We may disclose information if required by law, court order, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers

If CompareScience is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email of any such change.

With Your Consent

We may share your information for purposes not described in this policy with your explicit consent.

We Do NOT Sell Your Data

CompareScience does not sell your personal information to third parties for marketing purposes. Your trust and privacy are fundamental to our business model.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

Data Category Retention Period Reason
Newsletter Subscriptions Duration of subscription + 30 days after unsubscription Allow re-activation and compliance
Contact Form Submissions 24 months Customer service and dispute resolution
Analytics Data 26 months (Google Analytics default) Trend analysis and reporting
Server Logs 90 days Security and troubleshooting
Affiliate Data As required by Amazon Associates (typically 3 years) Commission tracking and audits

When the retention period expires, we will securely delete or anonymize your personal information. If this is not immediately possible (e.g., due to backup systems), we will store your information securely until deletion is possible.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Encryption

All data transmitted to and from our site is encrypted using TLS/SSL. Sensitive data is encrypted at rest.

Access Controls

Access to personal data is restricted to authorized personnel only, with role-based access controls.

Regular Updates

We regularly update our systems and software to address emerging security vulnerabilities.

Incident Response

We have procedures in place to respond to data breaches, including notification to affected users and authorities as required by law.

Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and the appropriate supervisory authority within 72 hours as required by GDPR Article 33.

Your Rights

You have certain rights regarding your personal information. The specific rights depend on your location and applicable data protection laws.

Right to Access

You have the right to request a copy of the personal information we hold about you.

Right to Rectification

You have the right to request correction of inaccurate or incomplete personal information.

Right to Erasure

You have the right to request deletion of your personal information ("right to be forgotten").

Right to Restrict Processing

You have the right to request limitation of processing of your personal information.

Right to Data Portability

You have the right to receive your personal information in a structured, commonly used format.

Right to Object

You have the right to object to processing of your personal information based on legitimate interests.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

Right to Lodge Complaint

You have the right to file a complaint with a data protection authority if you believe your rights have been violated.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know

California residents have the right to request disclosure of personal information collected, used, disclosed, or sold.

Right to Delete

California residents have the right to request deletion of personal information, subject to certain exceptions.

Right to Opt-Out

California residents have the right to opt-out of the sale of their personal information.

Right to Non-Discrimination

We will not discriminate against you for exercising your California privacy rights.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the methods below. We will respond to your request within 30 days (GDPR) or 45 days (CCPA).

For identity verification purposes, we may request additional information to process your request. This information will only be used for verification purposes.

Third-Party Services

We use third-party services to operate our website and provide our services. These services have their own privacy policies governing their use of your information.

Google Analytics

We use Google Analytics to understand how visitors interact with our website.

Purpose

Analyzing website traffic and user behavior

Data Retention

26 months (configurable)

Data Collected

Pages visited, time on site, referring URLs, device information, anonymized IP addresses

Privacy Policy → Opt Out →

Google Search Console

We use Google Search Console to monitor our search performance and indexing status.

Purpose

SEO monitoring and technical issue detection

Data Retention

As per Google policy

Data Collected

Search queries, click-through rates, indexing status

Privacy Policy →

Supabase

We use Supabase as our database and authentication service provider.

Purpose

Storing product data, user subscriptions, and site content

Data Retention

Duration of account + 30 days after deletion

Data Collected

Newsletter subscriptions, contact form submissions, user preferences

Privacy Policy → Opt Out →

Vercel

Our website is hosted on Vercel, a cloud platform provider.

Purpose

Website hosting and delivery

Data Retention

As per Vercel policy (typically 90 days)

Data Collected

Server logs, request data, performance metrics

Privacy Policy →

Amazon Associates

We participate in the Amazon Associates Program to earn commissions on qualifying purchases.

Purpose

Affiliate revenue and product links

Data Retention

As per Amazon Associates policy

Data Collected

Affiliate link clicks, qualifying purchases, commission tracking

Privacy Policy →

International Data Transfers

CompareScience is based in the United States. If you are located outside the United States, your information will be transferred to and processed in the United States, which may have different data protection laws than your country.

When we transfer personal information from the European Economic Area (EEA) to the United States, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

By using our services and providing your information, you consent to the transfer and processing of your information in the United States.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Update the "Last updated" date at the top of this policy
  • Post the revised policy on this page
  • Notify you via email if you have subscribed to our newsletter
  • Display a notice on our website for 30 days after significant changes

We encourage you to review this Privacy Policy periodically to stay informed about our data practices.

Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, please contact us:

Email

privacy@comparescience.com

We respond within 30 days

Mailing Address

CompareScience
123 Science Street
Suite 100
San Francisco, CA 94105
United States

Supervisory Authority

If you are located in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority. You can find contact information for your supervisory authority at EDPB Members.

Stay Updated

Subscribe to receive updates about our privacy practices and policy changes.

No spam. Unsubscribe anytime. We respect your privacy.