Privacy
A short policy for a small studio site. We don’t track much, and we don’t want to.
- This is a small studio site. There's not much to track, and we don't track much.
- No analytics. No cookies. No fingerprinting. No data sales. None of those, ever.
- Cloudflare keeps minimal security logs — that's how every web server works.
- If you sign up for our newsletter, we keep your email until you unsubscribe.
- You have full rights under Brazil's LGPD and the EU's GDPR — access, correction, deletion, portability. Email
hello@discerne.coand we'll handle it within 15 days. - We're a worldwide studio. Discerne.co, LLC is incorporated in Delaware, USA. The English version of this policy prevails on conflict.
1. Scope
This policy covers what happens when you visit discerne.co — the studio site you're reading right now. It does not cover:
- Our products. StoryPass, Será que é golpe?, Mission Tools, Reunite.is — each ships with its own privacy policy that addresses what that product does with data. If you use a product, read its policy.
- Other sites we link to. We're not responsible for how they handle your data. Linking is not an endorsement.
If you have an account or app from one of our products, that relationship is governed by the product's policy, not this one.
2. What we collect
Two things, both narrow.
2.1 Cloudflare security logs
When you load any page on this site, Cloudflare — our hosting and security provider — sees the request. That includes your IP address, the URL you visited, your user-agent string, and a timestamp. This is automatic and how every web server on the internet works.
Cloudflare uses these logs to keep the site available and to block automated attacks. We don't read them unless we're investigating a security incident. They're deleted on a fixed schedule (see §8 below).
2.2 Newsletter email (if you sign up)
If you sign up for our newsletter — and only if you sign up — we collect:
- Your email address
- The date you subscribed
That's it. No name unless you give one. We don't watch what you click in the newsletter, and we don't build a profile of you. We use your email to send you the newsletter — and that's it. We don't share it, sell it, or use it for anything else.
You can unsubscribe at any time using the link in any newsletter, or by emailing hello@discerne.co. Unsubscribing removes your email within 30 days.
3. What we don't collect
To say it plainly:
- No analytics. No Google Analytics, no Plausible, no Fathom, nothing else that measures individual visitors. We don't track how long you stayed, what you clicked, or where you came from. If we ever add an analytics tool, it'll be a privacy-first one (no cookies, anonymized) and we'll list it here.
- No cookies on public pages. Reading the site sets nothing on your browser. (Site administrators have their own internal session cookies when editing content; those don't apply to readers.)
- No fingerprinting. We don't combine signals from your browser to identify you across visits.
- No data sales. No data trades. No data sharing with advertisers or data brokers. This commitment applies to all current and future iterations of this site.
4. Service providers
We use two third-party services that touch visitor-facing data:
- Cloudflare (USA, with global infrastructure) — hosting, security, DDoS protection, SSL/TLS. Sees the technical data described in §2.1. Their privacy policy: https://www.cloudflare.com/privacypolicy/
- Resend (USA) — email delivery for the newsletter, when active. Receives your email address and the newsletter content. Does not have access to anything else. Their privacy policy: https://resend.com/legal/privacy-policy
We use no other third-party services on this site. No Google, Facebook, or advertising-network tracking. No third-party fonts loading from Google's CDN; we self-host or use privacy-respecting providers.
5. Your rights
You have the right to:
- Access the data we hold about you
- Correct any data that's inaccurate or incomplete
- Delete your data (subject to legal retention requirements)
- Restrict how we process your data
- Receive your data in a portable format
- Object to processing
- Withdraw consent at any time, where consent was the basis for processing
- File a complaint with your local data protection authority — the ANPD in Brazil, or your national supervisory authority in the EU/EEA/UK
To exercise any of these rights, email hello@discerne.co. We respond within 15 days. There's no cost.
6. Brazilian context — LGPD
Discerne.co, LLC is a Delaware-incorporated company. To the extent we process personal data of individuals located in Brazil, Brazil's Lei Geral de Proteção de Dados (LGPD, Lei 13.709/2018) applies under its extraterritorial reach (Art. 3).
- Controller: Discerne.co, LLC — Delaware, USA
- DPO contact:
hello@discerne.co - Lawful basis for processing: legitimate interest (security logs, §2.1) and consent (newsletter, §2.2)
- Article 18 rights: the rights enumerated in §5 above are direct restatements of LGPD Article 18
- International transfers: because the controller is established in the United States, processing of personal data we collect from users in Brazil necessarily involves an international transfer to the US. Our service providers (Cloudflare and Resend) operate global infrastructure and are bound by their own LGPD and GDPR commitments.
If you're in Brazil and have an LGPD-specific question or complaint, contact us first at hello@discerne.co. You can also contact Brazil's data protection authority, the ANPD ( https://www.gov.br/anpd ).
7. European context — GDPR
If you're in the EU, EEA, or UK, the General Data Protection Regulation (Regulation (EU) 2016/679) applies to our processing of your data.
- Controller: Discerne.co, LLC — Delaware, USA
- Lawful basis: legitimate interest (Art. 6(1)(f), security logs) and consent (Art. 6(1)(a), newsletter)
- EU representative: given the limited scope of processing (no profiling, no large-scale operations), we haven't appointed an Article 27 representative. If GDPR Article 27 applies and we should appoint one, contact us and we'll address it.
- Article 15–22 rights: the rights in §5 apply, including the right to lodge a complaint with your national supervisory authority.
Where LGPD and GDPR differ, we apply the stricter standard.
8. Data retention
- Cloudflare HTTP request logs — 7 days
- Cloudflare security event logs — 30 days
- Aggregate, anonymized performance metrics — 90 days
- Newsletter email — Until you unsubscribe + 30 days
- Records of privacy requests and our responses — 5 years (legal compliance)
We delete data when its retention window expires. Backup copies may take up to 30 additional days to fully purge.
9. Policy updates
We update this policy when our practices change or the law changes. For material changes (anything that meaningfully affects what data is collected or how it's used), we'll show a site-wide banner for 30 days before the new version takes effect. Minor changes — wording, clarifications, contact details — go live on update without notice.
The current version and last-updated date appear at the bottom of this page. We keep prior versions on request.
10. Contact
For privacy questions, requests, or complaints:
`hello@discerne.co`
We respond within 15 days. Most requests we handle the same week.
For everything else (general inquiries, press, partnerships), the same address works.
Last updated: April 30, 2026 · Version 2.1
Discerne.co, LLC — Delaware, USA