Privacy Effective date: December 11, 2025

Privacy Policy

This policy explains how we collect, use, share, and protect information when you visit and interact with CrimsonUpdates.

1. Who we are

CrimsonUpdates ("we", "us", "our") operates the website at https://crimsonupdates.com/ (the "Site").

For visitors in the European Economic Area (EEA), the United Kingdom, and Switzerland, we act as the "data controller" for personal data processed through the Site.

2. Scope

This policy explains how we collect, use, share, and protect information when you visit and interact with the Site. It applies to users globally, including the EU/UK (GDPR/UK-GDPR), California (CCPA/CPRA), and Brazil (LGPD).

3. What data we collect

3.1 Usage and analytics data (after consent)

Page views, pages visited, session duration, approximate region/city, device, browser, operating system.
Technical identifiers, such as pseudonymous client IDs. IP addresses are trimmed/anonymized before analytics processing.

3.2 Necessary technical data

Essential cookies or equivalent storage for security, load balancing, and consent state.
Basic server logs, such as IP, user agent, and timestamps, for security and reliability.

3.3 Voluntarily provided data

Content you submit via contact forms, feedback, or email, such as name, email, and message.

No sensitive categories: We do not intentionally collect sensitive personal data.

4. Why we collect it (purposes and legal bases)

4.1 Purposes

Analytics and performance: Understand traffic, improve content and UX, detect issues.
Security and reliability: Prevent abuse, debug outages, ensure availability.
Communications: Respond to messages you send us.

4.2 Legal bases (GDPR/UK-GDPR)

Consent (Art. 6(1)(a)): Analytics cookies/processing occur only after you grant consent via our consent banner/modal.
Legitimate interests (Art. 6(1)(f)): Essential operations like security, fraud prevention, and basic site functionality.
Contract (Art. 6(1)(b)): When we respond to inquiries you initiate.

5. Cookies, consent and controls

We use a consent system powered by Cloudflare Zaraz. Tools that require consent, such as Google Analytics 4, are blocked by default and only load if you accept the relevant purpose, such as "Analytics". We also use Google Consent Mode v2 to respect your choices.

5.1 How to manage your choices

Use the cookie banner/modal shown on first visit. You can accept, reject, or manage granular choices.
You can revisit your choices at any time via the "Cookie settings" link in our footer, if available, or by clearing your cookies.
Browser controls: you may block or delete cookies in your browser settings.
Google Analytics opt-out add-on: https://tools.google.com/dlpage/gaoptout

5.2 Types of cookies/storage

Strictly necessary: security, load balancing, consent state (always active).
Analytics (consent-based): GA4 via Cloudflare Zaraz to understand site usage.

7. International transfers

Your data may be processed outside your country. When data is transferred from the EEA/UK to countries without an adequacy decision, we rely on appropriate safeguards, such as the EU Standard Contractual Clauses (SCCs) and equivalent UK mechanisms, implemented by our processors, such as Google and Cloudflare.

8. Data retention

Analytics (GA4): retained per GA4 settings, typically 14 months. We configure GA with IP anonymization and do not enable advertising features unless you consent.
Server logs: retained for a short period, such as up to 90 days, for security and troubleshooting.
Contact/communication data: kept only as long as needed to respond and for record-keeping, unless you ask us to delete it.

9. Your rights

9.1 GDPR/UK-GDPR (EU/UK users)

You may request access, rectification, erasure, restriction, portability, and to object to certain processing. Where processing is based on consent, you may withdraw it at any time via the cookie banner or by contacting us.

You also have the right to lodge a complaint with your local supervisory authority.

9.2 LGPD (Brazil)

Brazilian users may request confirmation of processing, access, correction, anonymization, portability, deletion, and information about sharing. You may also revoke consent at any time.

9.3 CCPA/CPRA (California)

California residents have rights to know, delete, correct, and limit use of sensitive personal information. We do not "sell" personal information for monetary consideration.

However, when you consent to advertising cookies, we do "share" personal information, such as identifiers and browsing activity, with advertising partners for cross-context behavioral advertising as defined by the CPRA.

To opt out: Click the "Cookie Settings" button in the footer and reject advertising cookies, or visit our Do Not Sell or Share My Personal Information page.

10. Security

We use reasonable technical and organizational measures to protect data, such as HTTPS/TLS and access controls. No method of transmission or storage is completely secure.

11. Children

The Site is not directed to children under the age of 16, or the age required by local law. We do not knowingly collect personal data from minors. If you believe a minor provided personal data, please contact us and we will delete it.

12. Changes to this policy

We may update this Policy from time to time. We will post the revised version with an updated effective date and, if changes are significant, we will provide a more prominent notice.

13. Contact

To exercise your rights or ask questions, contact us at contact@crimsonupdates.com. We will respond within the timelines required by applicable law.

Website: crimsonupdates.com

If available, you can also manage your cookie preferences at any time via the "Cookie settings" link in our footer.