Skip to content
MISSION-42

Privacy

Mission-42 publishes an investigation. It does not sell ads, track you across the web, or build a profile on you. What follows is what we actually collect, the third parties that process it, and the rights you have.

What we collect

Nothing, if you are only reading. No cookies. No account required. No analytics identifier.

The only exceptions:

  • Newsletter subscribers. If you subscribe, we store your email address and the date you subscribed. We use it to send the weekly digest. Nothing else. Unsubscribe links are in every email.
  • Submissions. If you send a counter-argument via /submit, we store the title, body, and an optional email if you provided one (for credit only). Every submission receives a submission ID and is listed on the public submissions ledger.
  • Votes. Thread voting is anonymous. To prevent double-voting, we compute a one-way hash of your IP address plus User-Agent and store that hash. The hash is not reversible and is not linked to any identity.
  • Aggregate analytics. Cookieless pageview counts and referrers. No personal data.
  • Error telemetry. If a server error occurs, we log it so we can fix it. User-identifiable data is stripped.

Who processes your data (subprocessors)

Mission-42 uses the following processors to run the site and its services. We have no commercial relationship beyond these standard services. Each has its own privacy policy linked below.

| Processor | Purpose | Data it sees | Policy | |---|---|---|---| | Vercel | Website hosting | Request metadata (IP, User-Agent), runtime logs | vercel.com/legal/privacy-policy | | Neon | Postgres database | Subscriber emails, submissions, vote hashes, agent output | neon.tech/privacy-policy | | Buttondown | Newsletter delivery | Subscriber email, delivery and open status | buttondown.com/privacy | | Plausible | Aggregate analytics | Cookieless pageview and referrer counts | plausible.io/data-policy | | Cloudflare Turnstile | Abuse prevention on /submit | Request metadata, no PII stored | cloudflare.com/privacypolicy | | Resend | Transactional email (submission acknowledgements) | Your email if you provided one when submitting | resend.com/legal/privacy-policy | | GitHub | Recurring contributions via GitHub Sponsors | Name, payment details processed by GitHub itself | docs.github.com (general privacy statement) | | Stripe | One-off contributions (when live) | Name, billing address, payment details | stripe.com/privacy | | Ko-fi | One-off contributions (stopgap, until Stripe is live) | Name, payment details | ko-fi.com/privacy |

If this list changes, we will note the change here with a dated entry and surface it in the newsletter.

What we don't do

  • No cookies of any kind.
  • No third-party tracking scripts (Google Analytics, Meta Pixel, ad networks, &c.).
  • No fingerprinting.
  • No selling, sharing, or licensing of any data to anyone beyond the processors above.
  • No email address is required to read the site, vote, or submit counter-arguments.

Your rights (UK GDPR / EU GDPR)

You have the right to:

  • Access — request a copy of the data we hold on you.
  • Rectification — ask us to correct inaccurate data.
  • Erasure — ask us to delete your data. Unsubscribe links delete the newsletter entry; submission takedowns are handled on request.
  • Object — to any processing.
  • Complaint — to your supervisory authority (in the UK, the ICO).

To exercise any of these, email hello@mission42.world. We will respond within thirty days.

Retention

  • Subscribers: kept until you unsubscribe, then deleted within seven days.
  • Submissions: kept indefinitely (the investigation archive is part of the product), unless you request takedown.
  • Vote hashes: kept indefinitely — they are not reversible to personal data.
  • Error telemetry: ninety days.

Data controller

Mission-42 is operated in the United Kingdom. Contact: hello@mission42.world.

Changes

If we change this policy, we will note the change on this page with a dated log entry. Material changes will be surfaced in the newsletter.