Privacy policy

GLPwatch is a static site. The only tracking it runs is Google Analytics 4, used to measure traffic. This page explains what GA4 sees, what we don't do, and how to opt out.

What we collect

We use Google Analytics 4 (GA4), Google's traffic-measurement product, to understand which pages get visited and roughly where visitors come from. GA4 sets two first-party cookies in your browser (_ga and _ga_*) and reports anonymised events to Google's servers. Each event includes:

• The URL of the page you're on and the URL that referred you
• A truncated IP address (GA4 drops the last octet before storage, per Google's IP-anonymisation policy)
• Your country and approximate region (derived from the truncated IP)
• Browser, operating system, and device-type strings from your User-Agent header
• A randomly generated client identifier stored in the _ga cookie, so repeat visits within ~2 years count as one visitor

We do not enable Google Signals, Google Ads linking, or any cross-site personalisation. We never send personal data (names, emails, account IDs) to GA4. There are no accounts and no forms on the site, so there's nothing to send.

What we don't do

• No advertising tags. No Google Ads, Facebook Pixel, LinkedIn Insight, or remarketing tags of any kind.
• No third-party JavaScript beyond the GA4 snippet (loaded from googletagmanager.com).
• No accounts, logins, comments, contact forms, or newsletter sign-ups.
• No selling or sharing of data beyond Google's standard GA4 processor relationship.
• No fingerprinting or tracking-pixel networks.

How to opt out

• Install Google's official Analytics Opt-out Browser Add-on, which disables GA4 across every site you visit.
• Use a content blocker (uBlock Origin, AdGuard, Brave shields). Standard blocklists block googletagmanager.com.
• Use Firefox with Enhanced Tracking Protection set to "Strict", or Safari with Intelligent Tracking Prevention — both block GA4 cookies by default.
• Block the _ga and _ga_* cookies for this domain in your browser settings.

If you opt out, the site works exactly the same. GA4 has zero impact on what you see or how pages render.

Server logs

The host (Hetzner) keeps standard nginx access logs containing IP addresses, request paths, response codes, and User-Agent strings, rotated per the host's standard retention policy. These are operational logs only, never joined with GA4 data, and never used to track individual visitors.

Data sources we fetch

During the daily build, the GLPwatch server fetches data from public APIs (PubMed, NIH iCite, ClinicalTrials.gov, openFDA, DailyMed, Semantic Scholar, SEC EDGAR, and FDA press materials). These are server-to-server calls. Your browser is not involved and no information about you flows to those sources from this site.

Your rights (GDPR / UK GDPR)

If you're in the EU, EEA, UK, or a jurisdiction with similar privacy law, you have the right to access, correct, or delete the personal data we hold about you. In practice the only personal data we have is what GA4 stores, keyed by your _ga cookie; the easiest way to delete it is to clear cookies for this domain. For a formal request, contact us at the email below and we will route deletion requests to Google as the GA4 processor.

Changes

If we change what GA4 collects, add another tracker, or introduce forms or accounts that touch personal data, this page will be updated and dated before that change ships. Last updated: 2026-05-28.

Contact

Privacy questions, data-subject requests, or anything else about this policy: glpwatch@blackfinch.pl.