Privacy
What we collect, and what we don't.
This page is the long version of the promise in the footer. No legalese. If something isn't clear or you want something removed, email hello@retirementchecklist.org and we'll handle it.
What we don't do
No ads. Nothing on this site is paid placement. We'll never accept money to recommend a specific product, service, or professional. That's why we name categories (“an elder law attorney in your state”) instead of specific firms.
No data sale. We don't sell, share, rent, or barter your email, your intake answers, or your plan to anyone. Ever. There is no marketing partner. There is no data broker.
No third-party tracking. No Google Analytics, no Facebook pixel, no advertising cookies. We use Cloudflare Web Analytics for basic visit counts, which is cookieless and doesn't fingerprint visitors.
What we do collect
Your intake answers. The four questions you answer become a row in our database that produces your plan. Stored against the plan's URL token, not against you personally unless you claim the plan with your email.
Your email — only if you claim a plan. Entering your email triggers a magic-link sign-in. We store the address so we can recognize you on return visits and (later) email you if you ask us to. Anonymous plans don't require an email at all.
Standard server logs. Cloudflare records IP addresses, request paths, and timestamps for the usual security and abuse-prevention reasons. We don't connect these to your plan or your email.
What we deliberately don't collect
No Social Security numbers. No account numbers. No financial details. No document uploads. Your plan references sensitive things in the abstract (“locate Dad's will”) without ever holding the document itself. If you ever feel like you're being asked for something invasive, you aren't — close the tab.
How long we keep it
Anonymous plans expire after about 30 days. If you don't claim a plan with your email, it gets automatically deleted on next access after the expiry window.
Claimed plans persist until you delete them. Email us and we'll wipe your record, including the email address, any plans tied to it, and the related sign-in tokens.
Who we share with
Two service providers, both subject to their own privacy terms:
Cloudflare hosts the site, runs the database (D1), and powers the personalization model (Workers AI). Your intake answers and plan items pass through their infrastructure. Cloudflare's privacy policy.
Resend sends the magic-link sign-in email when you claim a plan. They see your email address and the body of the message we send. Resend's privacy policy.
Cookies
One cookie. It's an opaque random session ID set after you claim a plan. It's httpOnly, scoped to this site, and contains no personal information — just a pointer to your session row in our database. It expires after 30 days. We don't use any analytics, advertising, or tracking cookies.
Disclaimer
Everything on this site is a starting point, not legal, financial, or medical advice. Decisions in those areas should be made with a qualified professional who knows your family's specific situation.