Find your routine
HomePrivacy
Plain English

Privacy Policy

Last updated: 2026-06-26

Short version: we collect your email onlyif you subscribe to the newsletter, we don't track you with cookies, and you can delete everything we have on you at any time by emailing us.

Who we are

NeedSkincare.com ("NeedSkincare", "we", "us") is an independent skincare publication operated by Afthab Rahman. We serve readers in the US, UK, and Australia. For any privacy question or request, email hello@needskincare.com.

What we collect

1. Newsletter email (only if you subscribe)

When you submit the newsletter form, we store your email address and the timestamp of your signup in our Supabase database. We use this to send you the newsletter, and for nothing else. We use a double opt-in flow — you confirm your subscription via an email link before we ever send you a newsletter.

Legal basis (GDPR Art. 6(1)(a)): your explicit consent at signup. You can withdraw consent any time by clicking the unsubscribe link in any newsletter, or emailing us.

2. Anonymous traffic analytics

We use Vercel Web Analyticsto count page views and understand which content is useful. Vercel's analytics are cookieless— they generate an anonymous, daily-rotating visitor ID from your IP plus user-agent. We don't see your IP address, we don't build a profile of you, and the data cannot be linked back to you individually. No advertising IDs, no cross-site tracking.

Legal basis (GDPR Art. 6(1)(f)):our legitimate interest in understanding aggregate site usage, balanced against your privacy by Vercel's cookieless, non-identifying design.

3. What we don't collect

  • No tracking cookies, no advertising pixels, no Facebook Pixel, no Google Analytics.
  • No fingerprinting beyond Vercel's anonymous daily-rotating ID.
  • No selling of any data to anyone. Ever.
  • No reading product purchases back from affiliate networks — we receive only aggregate, anonymous commission reports.

Who we share data with

We share the minimum required data with these processors. Each one acts only on our instructions and is bound by data processing agreements.

  • Supabase (database + storage host) — stores your newsletter email and our content. Supabase is GDPR and CCPA compliant.
  • Vercel (web host + analytics) — serves the site and records cookieless traffic counts.
  • Resend (email delivery) — sends newsletter confirmations and editions. We share your email and the content of the email; nothing else.

Where your data lives

Our Supabase database is hosted in the European Union. Vercel and Resend operate globally with appropriate data transfer mechanisms (Standard Contractual Clauses) for EU/UK data.

How long we keep it

  • Newsletter email:until you unsubscribe. After you unsubscribe, we keep your email on a suppression list (so we don't accidentally re-add you) but no longer send anything. You can request full deletion by emailing us.
  • Anonymous analytics: Vercel retains aggregated counts indefinitely; individual cookieless visitor IDs rotate daily and cannot be looked back up.

Your rights

Wherever you live, you can email hello@needskincare.com to:

  • Ask what data we hold on you (access)
  • Correct any inaccurate data (rectification)
  • Have your data deleted (erasure / "right to be forgotten")
  • Export your data in a portable format (portability)
  • Object to processing or restrict it
  • Withdraw consent for the newsletter at any time

We respond to verified requests within 30 days. EU/UK readers may also lodge a complaint with their national data protection authority. California readers have the same rights under CCPA / CPRA.

Children

NeedSkincare is not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe we've received data from a child, email us and we'll delete it.

Security

All connections to the site use HTTPS. Database access is restricted by row-level security policies that prevent cross-account data access. Internal credentials are rotated regularly. No system is unbreakable, but we treat your data with the same care we'd want for our own.

Changes to this policy

If we change this policy in a material way, we'll update the "Last updated" date at the top and, where the change affects you directly (e.g. a new data processor), email subscribers ahead of the change. The current version always lives at this URL.

Contact

Privacy questions, data requests, or anything that isn't clear: hello@needskincare.com. See also our affiliate disclosure and about page.