Privacy Policy

Last updated: 20 February 2026

This policy is written in plain language. See also our Terms of Service.

1. Who we are

Controller: Anthony Eckert, operating as MoreRight (moreright.xyz).

Contact: [email protected]

2. What we collect

If you just browse the site

  • No HTTP cookies. Zero. None.
  • No personal data. We don't know who you are.
  • localStorage — used for consent choice, scoring tool state, inventory data.
  • Standard server logs — IP address, page requested, timestamp, browser string. Our hosting provider (Azure) processes these. They are not combined with any other data, not shared with third parties, and auto-deleted per Azure's retention policy.

If you consent to analytics

We use Umami, a privacy-focused analytics tool self-hosted on our own server. Umami collects:

  • Page URL visited
  • Referrer (where you came from)
  • Browser type and screen size
  • Country (from IP, then the IP is discarded)

Umami does not: set cookies, track across sites, fingerprint devices, collect personal data, or share anything with third parties. The data lives on our server, not Google's. You can withdraw consent at any time (see Section 7).

If you submit data voluntarily

Some tools let you submit assessments, scores, or survey responses to contribute to the research. When you do:

  • Submissions are public and available via our data export API
  • Raw text you paste into tools (Vocabulary Scorer, etc.) is not stored on our server
  • Wallet addresses for operator accounts are partially masked in public views
  • No account, email, or login required for any public tool

3. Legal basis (GDPR Article 6)

BrowsingLegitimate interest — basic server operation
localStorageStrictly necessary for tool functionality (ePrivacy Art. 5(3) exemption)
AnalyticsYour consent (opt-in only)
Research submissionsYour consent (you click submit)

4. Data sharing

We do not sell, rent, or trade any data.

Third parties with incidental access:

CloudflareDNS and CDN proxy. Processes requests in transit. Their privacy policy.
Microsoft AzureServer hosting. Standard server logs. Their privacy policy.

No data goes to Google, Meta, advertising networks, data brokers, or any analytics provider other than our self-hosted Umami instance.

5. International transfers

Our server is hosted on Microsoft Azure. If you access the site from the EU, your request passes through Cloudflare's CDN (which has EU nodes) and reaches our server. Server logs containing IP addresses are processed by Azure under their GDPR Data Processing Agreement. Analytics data (Umami) stays on our server and is not transferred to any third party.

6. Data retention

Server logsAzure default retention (typically 30-90 days)
AnalyticsAggregated, no personal data retained. Umami does not store IP addresses.
localStorageUntil you clear it. It's your browser, your data.
Research submissionsRetained indefinitely as part of the public research dataset. Contact us to request removal.

7. Your rights

Under GDPR (EU), UK GDPR, CCPA (California), and similar laws, you have the right to:

To exercise any right: [email protected]. We will respond within 30 days.

CCPA note: We do not sell personal information. We do not use personal information for targeted advertising. California residents have additional rights under CCPA/CPRA — the same email address handles those requests.

8. Children

This site is a research project. We do not knowingly collect personal data from anyone under 16. If you are a parent and believe your child has submitted data, contact us and we will delete it.

9. Complaint

If you believe we are mishandling your data, you have the right to lodge a complaint with your local data protection authority. In the EU, find yours at edpb.europa.eu.

10. Changes

If this policy changes, the date at the top updates and a note appears here describing what changed. No silent edits.

See also: Terms of Service · Licensing · Trademark & Copyright