Do Not Sell or Share My Personal Information

What "sell" and "share" mean here

Under California law, "sell" means disclosing personal information to a third party in exchange for monetary or other valuable consideration. "Share" means disclosing personal information to a third party for cross-context behavioral advertising. We do neither.

We do disclose personal information to service providers (e.g., Vercel for hosting, Upstash for rate limiting, Kit for newsletter delivery, Google for OAuth and analytics) that process the information on our behalf under contract, only for purposes we have specified, and not for their own independent commercial purposes. This is not a "sale" or "share" under California law.

Your California rights

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and disclose about you
• Access and receive a copy of the personal information we hold about you
• Correct inaccurate personal information
• Delete personal information we collected from you (subject to statutory exceptions)
• Opt out of any "sale" or "sharing" of your personal information
• Limit the use and disclosure of sensitive personal information
• Be free from retaliation for exercising any of these rights

How to submit a request

Even though we do not sell or share personal information, you can confirm or formalize this with us, or exercise any of your other rights above, by submitting a request through either of the methods below.

Email (preferred).

Send an email to privacy@morevanlessmoney.com with subject line "CCPA request." Include:

• The right you want to exercise (opt-out confirmation, access, correction, deletion, or limit-use-of-sensitive-PI)
• The email address you used with our site (so we can locate your records)
• A statement, made under penalty of perjury, that you are a California resident

Postal mail.

Rocky Mountain Logic LLC
Attn: Privacy — CCPA Request
(Address available on request to privacy@morevanlessmoney.com; we do not publish a physical address on the open web for safety reasons)

Authorized agents

You may designate an authorized agent to make a request on your behalf. We will require written, signed permission from you authorizing the agent, and we may verify your identity directly before fulfilling the request. We may deny a request from an agent who cannot demonstrate authority to act on your behalf.

Verification

We will verify your identity before responding to access, correction, or deletion requests in a manner proportionate to the sensitivity of the request and the risk of disclosure to an unauthorized party. Typically this means confirming the request from the email address associated with your records.

Response timeline

We will acknowledge your request within 10 business days and respond substantively within 45 calendar days, extendable once by another 45 days where reasonably necessary (and where we notify you of the extension and the reason). For opt-out requests we will respond as soon as feasibly possible and no later than 15 business days from receipt.

No retaliation

We will not deny goods or services, charge different prices, or provide a different level or quality of service because you exercise any of these rights.

Global Privacy Control (GPC)

Where your browser sends a Global Privacy Control (GPC) signal indicating that you have opted out of the sale or sharing of personal information, we treat that signal as a valid opt-out request from the device sending it. Because we do not sell or share personal information in the first place, receiving a GPC signal does not change our processing, but we record receipt of the signal as evidence that the opt-out is honored.

Other privacy questions

See our Privacy Policy for the full description of what we collect, how we use it, and how to exercise rights other than those described above.