Skip to main content

Privacy Policy

Last updated May 2026

SpecPicks ("we", "us") respects user privacy and is committed to protecting it through compliance with the practices described below.

What we collect

  • Analytics data — we use Google Analytics 4 to understand which pages are read and which products convert. GA collects anonymised page views, session duration, device/browser, and approximate geographic location.
  • Server logs — our servers log each request (URL, HTTP method, status code, user-agent, IP address) for 90 days for debugging and abuse prevention.
  • Newsletter subscriptions — if you sign up for the newsletter we store your email address and the date you subscribed.
  • Account data — if you create a SpecPicks account (used for registered-user features in your dashboard), we store your email, hashed password, and optional profile fields. We never store plain-text passwords.

What we don't collect

  • We do not sell personal data.
  • We do not collect browsing history outside of our own domain.
  • We do not use cross-site tracking pixels.

Cookies

SpecPicks uses cookies for analytics (Google Analytics 4). When you click an outbound affiliate link, Amazon, eBay, or another retailer may set their own cookies on their domain to track conversions. Those cookies are governed by their respective privacy policies.

Local storage

Browser localStorage is a separate storage mechanism from cookies. Unlike cookies, the contents of localStorage are never transmitted to our servers in HTTP request headers — the data is only available to JavaScript running on the SpecPicks domain itself. SpecPicks uses localStorage for authentication: if you log in, a short-lived JWT is stored in localStorage so the site can identify you on subsequent page loads. This is not a cookie, will not appear in your browser's cookie list, and is not sent automatically with every request — it is read by client-side JavaScript and attached to specific API calls only.

Because localStorage entries are not cookies, clearing your cookies will not remove them. You can clear them by logging out (which calls localStorage.removeItem()), by using your browser's developer tools (Application → Local Storage), or by clearing the site's site data via your browser's privacy settings.

Third parties

  • Google Analyticspolicies.google.com/privacy
  • Amazon (Associates) — Amazon Privacy Notice
  • eBay (Partner Network) — eBay Privacy Notice
  • Azure (hosting) — Microsoft Azure handles our compute and database; data at rest is encrypted.
  • Cloudflare (DNS and DDoS protection) — see Cloudflare's privacy policy.

Your rights (GDPR / CCPA)

You can request a copy of any personal data we hold about you, or ask us to delete it, by emailing the address on our contact page. If you're in the EU/UK we'll respond within 30 days per GDPR. If you're in California, you have the same rights under CCPA — right to know, right to delete, right to opt out of sale (we don't sell data).

Data retention

Server logs: 90 days. Newsletter records: until you unsubscribe. Account data: until you delete the account. Analytics: per Google Analytics retention settings (currently 14 months).

Children

SpecPicks is not directed at children under 13. We do not knowingly collect data from minors.

Changes

We'll update the "last updated" date at the top of this page and, for material changes, notify newsletter subscribers.

Contact

Privacy questions: contact page.