Privacy
Privacy notes
Last updated: 22 May 2026.
The short version
The Ear Lab is a static educational site with browser-local tools. We do not run Google Analytics, Meta Pixel, advertising networks, behavioral retargeting, fingerprinting, or any analytics that identify individual readers. We do not sell data because we do not collect data worth selling.
What loads when you visit
- The page itself, served as static HTML from our hosting (Argonaut, Frankfurt EU). Your browser sends standard HTTP request headers (IP, user-agent, referrer) to the web server, which writes them to short-retention server access logs used only for diagnostics.
- Google Fonts, loaded from
fonts.googleapis.comandfonts.gstatic.com. Google sees your IP when fonts load. We use this for the Inter and Source Serif 4 font families. - YouTube embeds, only on the small number of articles that embed a video. We use the privacy-enhanced
youtube-nocookie.comdomain, which does not set tracking cookies until you press play.
What we do NOT load
- Google Analytics, GA4, gtag, Tag Manager
- Meta Pixel, Facebook Connect, any Meta property
- X / Twitter conversion pixels, TikTok pixel
- Ad networks (AdSense, Mediavine, Ezoic, AdThrive, Raptive)
- Hotjar, FullStory, Mouseflow, LogRocket session-replay
- Customer.io, Segment, Mixpanel, Amplitude analytics
- Heatmap or scroll-depth trackers, fingerprinting libraries
Tool data (audiograms, frequency matches)
If you use the Tinnitus Frequency Matcher and tap "Save my result," your matched frequency and a timestamp are written to your browser's localStorage. This data:
- Stays on your device. It is never transmitted to our servers.
- Is readable only by code from this site running in your browser.
- Can be cleared at any time from your browser's site settings, or by tapping "Restart" in the tool.
If you share a result link (the ?match= URL parameter), the matched frequency travels in the URL only. No identifying information is included.
Newsletter
If you subscribe to our newsletter, we collect your email address. The form posts to sendsimple.site/api/public/subscribe, our self-hosted email infrastructure on a Frankfurt EU server. SendSimple stores your email in a PostgreSQL database, sends a confirmation email, and (after you confirm) periodic broadcasts.
The email list is not sold, rented, or shared. There is a one-click unsubscribe link in every email and an RFC 8058 unsubscribe header. Unsubscribing is immediate. If you ask us to delete your record entirely, write to contact and we will purge it.
Cookies
We do not set cookies. Our service worker (used for PWA / offline support) is not a tracking mechanism, it is a local cache. You can disable it in your browser's site settings.
Server access logs
Our hosting provider records standard HTTP access logs (IP, request path, status code, user-agent, response time). These are retained for 30 days for diagnostic and abuse-prevention purposes. After 30 days they are rotated out.
GDPR + UK GDPR rights
If you are in the EU/UK, you have the following rights regarding your personal data: access, rectification, erasure ("right to be forgotten"), restriction, portability, objection, and the right to lodge a complaint with a supervisory authority.
To exercise any of these rights, write to contact. We respond within 30 days.
Our lawful basis for processing newsletter emails is consent. Our lawful basis for processing server access logs is legitimate interest.
Children
The Ear Lab is not directed at children under 13. We do not knowingly collect personal information from children under 13.
Changes to this notice
For material changes, we update the "Last updated" date at the top. For substantial changes (e.g. adding any third-party tracker), we notify newsletter subscribers in advance.