What we collect, what we don't, and how to change your mind.

• No selling, renting, or trading reader data with anyone.
• No editorial tracking pixels: nothing in a post body phones home, and the recommended-action links point straight at primary sources, not redirectors.
• No third-party social widgets that load JavaScript on the page.
• No first-party behavioral profile of individual readers.

The site does carry display advertising through Google AdSense, which sets cookies and may personalize ads when you allow it. The advertising layer is described in the next section, kept separate from the editorial experience, and gated by a consent banner in regions that require one.

The site runs Google AdSense for display advertising. AdSense and its certified ad partners may set cookies and similar identifiers to serve and measure ads, cap how often you see the same one, and detect fraudulent activity. When permitted, those cookies are also used to personalize ads based on your activity across other sites.

We don't see or store the underlying ad-targeting profile. Google and its partners do; that exchange is governed by Google's privacy policy and the policies of each ad partner Google works with.

In the EU, UK, Switzerland, and other regions that require it, consent for AdSense and its partners is collected through Google's certified consent management tool (Funding Choices). Your choice there controls whether personalized ads and partner cookies are allowed. You can change ad personalization at any time at adssettings.google.com, including for sessions where you are not signed into Google.

California residents and others with "do not sell or share" rights under state privacy laws (CPRA and equivalents) can opt out through the consent banner in those regions, by enabling Global Privacy Control in their browser, or by emailing [email protected].

The site runs Microsoft Clarity for anonymous session analytics. It tells us which posts get read, where people stop scrolling, and which CTAs land. It does not identify individual readers.

By default, Clarity runs in cookieless mode on this site. The consent banner controls whether cookies are allowed. If you accept, Clarity may set first-party cookies to stitch sessions across page loads. If you decline or do nothing, no Clarity cookies are set; anonymous page-level signals may still be recorded but without a persistent identifier.

When enabled, Clarity collects pages visited, click and scroll behavior, viewport size, referrer, browser and OS metadata, and IP address (used by Microsoft for fraud prevention and approximate geolocation, not shared with us in raw form). See Microsoft's privacy statement for the upstream details.

The email newsletter is delivered by Beehiiv. When you subscribe, your email address and signup source are stored there. Beehiiv records whether you open the newsletter and which links you click, which we use to keep the digest worth opening and to know which posts to write next.

Every email has a one-click unsubscribe link in the footer. Unsubscribing removes you from future sends. To have your record deleted entirely, email [email protected] and we will pull it from Beehiiv within a few business days.

Beehiiv's own handling is documented in their privacy policy.

The site sets three kinds of browser storage:

• Advertising cookies (Google AdSense and its partners), gated by Google's Funding Choices banner in regions that require consent and by your AdSense settings everywhere else.
• Analytics cookies (Microsoft Clarity), only if you accept the analytics consent banner. Analytics consent is tracked separately from advertising consent.
• Functional storage in localStorage and sessionStorage for things like remembering your consent decisions and hiding the subscribe bar after you sign up. These are set on your device, never transmitted, and not used for tracking.

The control below changes your analytics consent only. Advertising consent is managed in the Google Funding Choices banner that appears in regulated regions, or at adssettings.google.com. To reset all storage for this site, clear site data for patchdayalert.com in your browser.

The site is statically generated and served through a CDN. The CDN keeps short-lived edge logs (IP, user agent, requested URL, response code) for abuse mitigation and operational debugging. We don't combine those logs with any reader profile, and we don't retain them long-term.

The site is written for working IT and security professionals. It is not directed at children under 13, and we don't knowingly collect data from anyone in that group.

If you're in a jurisdiction that grants rights of access, correction, deletion, or portability (GDPR, UK GDPR, CCPA/CPRA, and similar), email [email protected] with the request. Because we hold very little reader data, requests are usually straightforward: an email address in Beehiiv and an anonymous session in Clarity. We respond within 30 days.

When this page changes in a way that affects what gets collected or how, the date at the top of the page updates and the consent banner re-prompts. Quiet edits (typos, link updates) won't trigger a re-prompt.

For anything privacy-related, including data requests and questions about this page, email [email protected].