Privacy Policy

This Privacy Policy explains how thecoffeejesus.com ("the site," "I," "me," or "my," operated by Christopher Tavolazzi) handles information when you visit the site, contact me, subscribe to my newsletter, or book a paid session.

The short version: I collect as little as possible, I don't sell your data, and the third-party tools I use (analytics, newsletter, payments) handle data under their own privacy policies, which are linked below.

I collect information in a few limited ways:

• Anonymous analytics. Aggregate, non-identifying usage data via Cloudflare Web Analytics (page views, referrers, general region). No cookies, no individual tracking.
• Information you give me directly. If you email me or message me, I receive whatever you choose to send: your name, email address, and the contents of your message.
• Newsletter subscription. If you subscribe via the embedded Substack form, Substack collects your email address on my behalf.
• Booking & payment information. If you book a paid session, my payment processor (Stripe) collects the information needed to process your payment. I do not receive or store your full card details. See Payments below.
• Scheduling information. After payment you schedule your session through Google Calendar's booking page, which collects the name, email address, and time you provide to book the appointment.

I use the information I collect to:

• Respond to your messages and provide the sessions or services you request.
• Send newsletter content you have subscribed to (you can unsubscribe anytime).
• Process payments and keep basic records required for accounting and taxes.
• Understand, in aggregate, how the site is used so I can improve it.

I do not sell, rent, or trade your personal information to anyone.

The site relies on a small number of third-party services. When you interact with these, your information is handled under their respective privacy policies:

• Cloudflare (hosting, CDN, privacy-friendly analytics): privacy policy
• Stripe (payment processing for Sessions): privacy policy
• Gumroad (digital products and downloads): privacy policy
• Google (appointment scheduling via Google Calendar): privacy policy
• Substack (newsletter): privacy policy
• Ko-fi (tips / support): privacy policy
• Spotify, SoundCloud, YouTube (embedded media): governed by their own policies

Embedded content from these services may load in your browser and is subject to the provider's own data practices.

Paid sessions are processed by Stripe, a PCI-compliant payment processor. When you pay, Stripe collects your payment details (such as card information, billing name, and email) directly. I never see or store your full card number.

I receive limited transaction information from Stripe, such as your name, email, the amount paid, and a confirmation, so I can deliver the session and keep records required for tax and accounting purposes.

Digital products and downloads are handled by Gumroad, and voluntary tips by Ko-fi, in the same way: the platform collects and processes payment details directly under its own terms, and I receive only limited transaction information (such as a name, email, and confirmation). I never see or store your full card number.

This site itself does not set tracking or advertising cookies. The analytics I use (Cloudflare Web Analytics) are cookieless by design.

Embedded third-party widgets (Substack, Ko-fi, Stripe, Spotify, SoundCloud) and your browser's local storage may set their own cookies or store small amounts of data, for example, the site remembers locally that you dismissed the disclaimer banner. You can clear this at any time through your browser settings.

I keep personal information only as long as needed for the purpose it was collected, for example, to respond to your message, deliver a session, or meet legal and tax record-keeping requirements. Transaction records may be retained for the period required by applicable tax law.

Depending on where you live, you may have rights to access, correct, or delete the personal information I hold about you, and to opt out of marketing communications.

To exercise any of these, just contact me. You can unsubscribe from the newsletter at any time using the link in any email. For data held by a third-party processor (such as Stripe, Gumroad, Ko-fi, or Substack), you may also exercise rights directly with that provider.

California residents (CCPA)

Under the California Consumer Privacy Act, California residents have the right to know what personal information is collected and how it is used; to delete personal information I hold (subject to certain exceptions); to opt out of the sale of personal information (I do not sell personal data); and to non-discrimination for exercising these rights. Because most data on this site is collected by third parties (Cloudflare, Stripe, Gumroad, Ko-fi, Substack), requests about that data should be directed to those services directly. For any data I hold directly, contact me.

European visitors (GDPR)

If you are visiting from the European Economic Area, you have rights under the General Data Protection Regulation, including the right to access, correct, or erase personal data, and the right to data portability. As this site is operated by an individual and data collection is minimal, most of these rights must be exercised directly with the third-party services that collect your data (linked in Third-Party Services). For direct inquiries, contact me.

This site and its services are not directed to children under 13 (or the minimum age required in your jurisdiction). I do not knowingly collect personal information from children. If you believe a child has provided me information, please contact me and I will delete it.

I may update this Privacy Policy from time to time. Changes are effective when posted to this page, and the "last updated" date above will reflect the most recent revision.

Questions about this policy or your data? Email [email protected] or reach out via Substack.

See also: Terms of Service · Policies & Disclaimer