← Back to scammingexposed.com
DOCUMENT

Privacy Policy

Effective May 4, 2026

Who I am

ScammingExposed.com is operated by Eric Keller, an individual sole proprietor based in the United States, reachable at eric@scammingexposed.com. There is no company. There is no team. This is a one-person, donor-funded project. Sister sites: EpsteinExposed.com and CapitolExposed.com.

What I collect

Email addresses (waitlist)

If you submit your email through the waitlist form, I store the address and the timestamp. That's it. I will use it once — to email you when the site launches — and you can unsubscribe in one click. I will not sell, rent, or share your email with anyone, ever.

Payment information (donations)

Donations are processed by Stripe. Card numbers, billing addresses, and any other payment details are entered directly on Stripe's checkout page. I never see your card number. Stripe shares with me only the donor's name, email, donation amount, currency, and timestamp — used to record the donation in the public ledger and (with your consent) recognize patrons. Stripe's privacy policy: stripe.com/privacy.

Analytics

I use Google Analytics 4 to understand aggregate traffic patterns — page views, referrers, country-level location, browser and device class. I run it in the most privacy-conservative configuration available: IP addresses are anonymized, advertising features are disabled, Google Signals is off, ad personalization is denied, and no audiences are exported to ad platforms. GA4 sets a small first-party cookie (_ga) used only to count returning visits. I do not use Facebook Pixel, TikTok Pixel, or any other ad-network tracker. Google's privacy policy: policies.google.com/privacy.

I also use Cloudflare Web Analytics for cookieless aggregate metrics (purely server-side, no JavaScript fingerprinting, no cross-site tracking). Cloudflare's privacy policy: cloudflare.com/privacypolicy.

You can opt out of GA4 entirely by installing the Google Analytics Opt-out Browser Add-on, or by blocking googletagmanager.com in your browser. The site works identically without it.

Server logs

The hosting provider (Vercel) and the CDN (Cloudflare) keep short-term logs of HTTP requests for security and troubleshooting. These typically include IP address, timestamp, user agent, and the URL requested. I do not link these logs to identifiable individuals.

What I do NOT do

  • I do not sell, rent, or share personal data with advertisers, data brokers, or any third party except as required to operate the service (Stripe for payments, Vercel for hosting, Cloudflare for DNS/CDN, the email provider for sending the launch notice).
  • I do not run advertising on this site.
  • I do not use behavioral tracking, fingerprinting, or cross-site cookies.
  • I do not retain data longer than I need it. Waitlist emails are deleted on request and at project shutdown if that ever happens.

Your rights (GDPR / CCPA / general)

You can ask me to:

  • Show you what data I have on you.
  • Delete your data (waitlist email, donation record).
  • Correct anything inaccurate.
  • Export a copy of your data.
  • Opt out of any future communication.

Email eric@scammingexposed.com with your request. I respond personally, usually within 48 hours. Donations recorded in Stripe are subject to Stripe's retention rules (typically up to 7 years for accounting/tax compliance, even after you delete your account-side record).

Children

The site is not directed at children under 13 (or under 16 in the EU). I do not knowingly collect data from children. If a parent believes a child has submitted information, email me and I will delete it.

Cookies and local storage

This site uses two things that touch your browser:

  • One localStorage entry (se.signed) that remembers if you've already submitted the waitlist form, so the form doesn't prompt you twice. Local to your browser. Never sent to me.
  • Google Analytics 4 first-party cookies (_ga, _ga_*) used to count distinct visits. No advertising cookies. No cross-site tracking. Delete them any time from your browser settings.

International transfers

The site is hosted in the United States. Stripe and Cloudflare process data globally. By using the site you consent to your data being processed in the U.S. and other jurisdictions where these vendors operate.

Security

HTTPS-only. Cards never touch my server. Donor records live in Stripe. Email addresses live in the waitlist provider. I have access to all three via authenticated dashboards. If I become aware of a data breach affecting your information, I will notify you within 72 hours where required by law and post a notice on the homepage.

Changes

If I update this policy, the effective date at the top of the page changes and a note will appear on the homepage. Major changes (new categories of data, new vendors with significant access) will be announced 30 days in advance via the waitlist email.

Contact

eric@scammingexposed.com