Privacy

What we collect

Pizza Code Finder is a mostly-static site. We don't ask you to sign in. We don't use third-party advertising cookies, and we don't use device fingerprinting.

If you submit a coupon code, we keep the submission so a human can review it before it appears on the public site. An email field on the submit form is optional — if you provide one, it's only used if a reviewer needs to ask you a question about the code. Email is never published, sold, or added to a mailing list.

If you report a code as “worked” or “didn't work,” the count of those reports is tracked per code so the site can flag stale codes. Individual reports are not associated with you personally.

Email alert signup is currently a placeholder — the form acknowledges locally but does not store or send anything. When that changes, this page will be updated and the alert flow will use a double-opt-in confirmation.

Usage analytics

We record a limited, privacy-conscious set of usage events to understand which pages are useful and which CTAs work. The event taxonomy is documented in docs/analytics-events.md in the project repository. Event payloads carry only IDs (like a promo code's database ID), brand identifiers, counts, and result statuses — never your email, IP address, user agent, full URL, search query, ZIP code, submitted code text, or the contents of any comment, report, or form you submit. We don't send raw, user-submitted text to analytics.

We use a cookieless, measurement-only configuration of Google Analytics 4 to collect these events. It runs in “consent denied” mode: it does not set cookies, does not read or write anything in your browser's storage, and does not assign you a persistent identifier. Because of that, the data we see is coarse and modeled rather than tied to individual visitors or sessions. We do not enable Google Signals, ad personalization, or any advertising features, and we do not send user IDs.

This is a coarse, modeled view of traffic — it is not the same as “anonymous,” and it is not full visitor analytics. Turning on full visitor or session reporting would set cookies and identify return visits, so it is not something we do today. It would require a separate, deliberate decision in the future — a consent banner and a privacy/legal review — and we would update this page before doing so.

Ads are not currently activeon the site, and we don't use advertising cookies today. We may add ads or affiliate links in the future to help cover hosting costs. The current setup is built to be compatible with that — it is not a permanent “no ads” stance. If that changes, we'll update this page and the disclosure page first, with the consent settings the new feature requires.

We do not use device fingerprinting, cross-site tracking, or ad-network SDKs.

Server logs

Our hosting provider (Firebase App Hosting / Google Cloud) records standard request logs (IP address, user agent, requested URL) for a limited period. These are used to debug outages and keep the site running, and are governed by Google Cloud's own retention policies.

We don't sell personal information

We don't sell, rent, or trade any personal information collected through the site. We don't share it with advertising networks. The site has no ad-network SDKs installed today.

Ads (future, not active today)

Pizza Code Finder may eventually use display ads to cover hosting costs. No ad provider is connected today. No ad scripts are loaded, no third-party ad cookies are set, and no tracking pixels from ad networks are running. The framework that will one day host ad placements ships in a disabled state — every slot renders nothing while the global flag is off, which is the committed default.

If ads ever go live later, this page and the disclosure page will be updated before any ad script lands. The update will name the chosen provider, enumerate the cookies or local storage the provider sets, and state the consent posture (whether a consent management tool is required for users in EU, UK, Switzerland, or California). Until that update ships, no ad provider integration is permitted.

Account features are not ad tracking

Signed-in users can save alert preferences and view a private in-app alert inbox. These are account features, not ad-tracking signals. The preference data lives in your own document in our database (closed to other users at the rules layer) and is never shared with an ad provider. No alerts are actually being sent by email, SMS, or push today — the inbox is an in-app preview computed on each page load and not stored.

Calculator inputs on the /tools pages run entirely in your browser and are not saved or sent to a server. Community deal submissions and worked / didn't-work reports are reviewed by an admin and may be used to improve the public catalogue; they are not used for ad targeting.

Your rights

If you ever submit data and want it removed, contact us via the Contact page. Include enough detail to identify the submission (the brand and approximate date helps).