What we keep and don't.

TB Tech is a one-person studio. We don't run analytics, we don't drop cookies, we don't fingerprint your browser, and we don't sell anything about you to anyone. This page exists to tell you exactly what does get stored when you interact with us, why, and how to make it go away.

Last updated: 11 April 2026

1. Who we are

TB Tech is an independent macOS software studio. The data controller for everything described on this page is TB Tech, contactable at [email protected]. There is no data protection officer because we are too small to be required to appoint one — emails go to a real human who reads them.

2. What we collect when you visit a TB Tech site

Nothing. Our marketing sites (tbtech.app and iconforge.tbtech.app) run no analytics, no tag managers, no advertising pixels, no session replay, no heatmaps, and no cookies. Your IP address is processed by Cloudflare's edge to deliver the page to you, but we never see it and it isn't logged for our use.

3. What we collect when you subscribe to the newsletter

When you submit your email through the subscribe form on either tbtech.app or iconforge.tbtech.app, we store the following in a Cloudflare D1 database:

• Your email address. So we can email you when something worth saying actually happens — launches, big updates, occasional behind-the-scenes notes.
• A list slug (always newsletter) so the same row works regardless of which TB Tech site you signed up from.
• The date and time of your sign-up.
• Your browser's User-Agent string and the referring page, kept for spam triage and truncated to 255 characters. Not used for marketing or profiling.
• The country your request originated from (a two-letter ISO code derived from your IP at request time). We never store the IP itself.

That's the entire row. There is no name field, no postal address, no phone number, no birthday, no checkbox preferences. We don't track which links you click in our emails because we don't add tracking pixels.

4. Why we collect it (lawful basis)

Under GDPR Article 6, the processing has two lawful bases:

• Consent (Art. 6(1)(a)) covers storing your email and sending you occasional newsletter emails — launches, big updates, behind-the-scenes notes. The act of submitting the form is the consent. Submission is voluntary; there is no consequence for not signing up.
• Legitimate interest (Art. 6(1)(f)) covers the User-Agent / referrer / country fields, which exist to keep bots from filling our database with garbage. We've balanced this against your privacy by truncating, never logging IPs, and never sharing the data with third parties.

5. Where it lives and how long

Your row is stored in a Cloudflare D1 database (a managed SQLite instance) in Cloudflare's network. We retain it for as long as you stay subscribed. The moment you unsubscribe (one click — see below), the row is marked inactive, excluded from every future send, and permanently deleted from the database within 30 days. If TB Tech ever shuts the newsletter down, the entire table is archived and then deleted within 90 days.

6. Who else sees it

Nobody. We do not sell, rent, share, license, or otherwise hand your data to advertising networks, data brokers, social platforms, or AI training companies. The only third parties that touch any byte of it are:

• Cloudflare — hosts the D1 database, the worker that writes to it, and the website that serves the form. Cloudflare's processing is governed by their privacy policy and their EU/UK data processing addendum.
• Resend — used to send each newsletter email. Resend sees your email address at the moment of sending, governed by their privacy policy.

Both providers act as data processors under our instructions. Neither uses your data for their own marketing.

7. Your rights

If GDPR (EU/UK), KVKK (Turkey), or similar data-protection law applies to you, you have the right to:

• Access the data we hold about you.
• Correct it if it's wrong.
• Delete it (right to erasure / right to be forgotten).
• Withdraw your consent at any time.
• Receive a copy in a portable format.
• Object to or restrict our processing.
• Lodge a complaint with your local supervisory authority.

To exercise any of these, just email [email protected]. Because we're small, we usually act on the request the same day. We will not ask you to "verify your identity" by sending us an ID card — your request from the email address on file is sufficient.

8. Unsubscribing

Every newsletter email we send has a one-click unsubscribe link in the footer (and an RFC 8058 List-Unsubscribe header so Gmail and Apple Mail can show their own unsubscribe button). Clicking it instantly marks your row inactive without requiring you to log in to anything, confirm by email, or answer "are you sure?" prompts. If the link is ever broken, emailing [email protected] with the word "unsubscribe" will remove you the same day.

9. Cookies and tracking

None. We don't use cookies, localStorage, sessionStorage, or any other client-side persistence on the marketing sites. The IconForge macOS app itself contains no telemetry, no crash reporting that phones home, and no usage analytics.

10. Children

Our products and newsletter are not directed at children under 16. We don't knowingly collect data from anyone in that age range. If you believe we have, email us and we'll delete it immediately.

11. International transfers

Cloudflare and Resend operate global edge networks. Your data may be processed in any region they operate in, including outside the EU/EEA. Both providers maintain Standard Contractual Clauses for international transfers under GDPR Chapter V.

12. Changes to this page

If we change anything about how we handle your data, we'll update the "Last updated" date at the top of this page and, for material changes, email every active newsletter subscriber before the new policy takes effect.

13. Questions

Anything unclear, anything missing, anything you want changed? Email [email protected]. A real person will write you back.