Privacy Policy
This policy describes how Middle Earth Journey (“we,” “us”) handles personal information. We collect as little as possible. We do not sell personal information. The Service is operated under California, USA jurisdiction and is CCPA/CPRA compliant.
1. Data Controller
The data controller for this Service is the publisher of middleearthjourney.com. Contact: hello@middleearthjourney.com. There is no separately appointed Data Protection Officer.
2. Categories of Data Collected
- Identifiers: IP address (truncated before storage), device type, browser type.
- Usage data: pages viewed, referrer URL, approximate session duration, anonymous click patterns.
- Geolocation: approximate country and region derived from IP — never precise GPS.
- Communications: email address and message content if you contact us.
- Consent records: your cookie preferences stored locally in your browser (see Cookie Policy).
We do not collect: payment data, government identifiers, biometric data, precise location, or sensitive personal information as defined by CCPA.
3. Purposes of Processing & Legal Basis
| Purpose | Legal Basis |
|---|---|
| Operating and securing the Service | Legitimate interest |
| Storing your cookie consent | Legal obligation |
| Anonymous analytics (if you consent) | Consent |
| Responding to inbound email | Legitimate interest / consent |
4. Third-Party Sharing
We share data only with the following providers, and only as necessary to operate the Service:
- Hosting provider — serves the website; receives IP addresses as part of standard server logs.
- Email provider — only if you write to us; receives the contents of your message.
- Google Fonts — typography is loaded from Google’s CDN; Google may receive your IP as part of the request.
We do not share data with advertising networks. We do not run ad re-targeting. We do not sell or share personal information for cross-context behavioural advertising as defined by CCPA/CPRA.
5. International Data Transfers
The Service may be served from servers outside your country of residence, including the United States. By using the Service you understand that your data may be processed in the U.S. under applicable cross-border data transfer mechanisms.
6. Retention Periods
- Server logs: 30 days, then deleted.
- Anonymous analytics aggregates: up to 26 months.
- Email correspondence: up to 24 months from last contact.
- Consent records (browser localStorage): until you clear them.
7. Your CCPA Rights
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know — request the categories of personal information we have collected about you.
- Right to Delete — request deletion of personal information we hold about you.
- Right to Correct — request correction of inaccurate personal information.
- Right to Opt-Out of Sale or Sharing — we do not sell or share your information for advertising; this right is automatically honoured.
- Right to Limit Use of Sensitive Personal Information — we do not collect sensitive PI; this right is automatically honoured.
- Right to Non-Discrimination — we will not deny service, charge differently, or provide a different level of service in retaliation for exercising your privacy rights.
To exercise any of these rights, email hello@middleearthjourney.com with the subject line “Privacy Request.”
8. “Do Not Sell or Share My Personal Information”
We do not sell or share personal information. A formal opt-out is therefore not required, but you may confirm this by emailing us. A footer link to this section is maintained for compliance.
9. Children’s Data
The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13 (COPPA). If you believe a child has provided personal information, contact us and we will delete it.
10. Security Measures
We use HTTPS for all traffic, restrict server access to authorised maintainers, and minimise data collection by design. No method of transmission is 100% secure; we cannot guarantee absolute security.
11. Changes to This Policy
We may update this policy. The current version is identified by the version number and date at the top. Material changes will be flagged in the site footer for at least thirty (30) days.
12. Contact
See also: Terms of Use · Cookie Policy