Privacy Policy

Product Lookout is operated as a trade name by its US-based founder. For any privacy questions, our contact email address can be found at the end of this Privacy Policy.

You must be at least 16 years old to use Product Lookout or subscribe to our newsletter. We don't knowingly collect information from anyone younger. If you believe a child has given us their information, email us and we'll delete it.

When you sign up or subscribe:

• Your email address
• A password (stored hashed — we never see or store the plaintext)
• Optional profile details you choose to share, e.g. LinkedIn URL, job function, job industry

Automatically, when you visit the site:

• IP address and rough location derived from it
• Browser type, device type, operating system
• Pages you visit, links you click, time spent, referring site
• Cookies and similar technologies (see below)

When you open our emails (once we launch the newsletter):

• Whether you opened the email and which links you clicked

We don't collect payment information because we don't currently charge for anything. If that changes, we'll update this policy first.

We use your information to run Product Lookout and make it useful to you. Specifically, we use it to send you the newsletter you signed up for, authenticate your account, personalize what we show you based on the details you share, understand how people use the site so we can improve it, and keep everything secure and working. We also process data where we're legally required to.

For users in the EU, UK, and similar jurisdictions: we rely on your consent for the newsletter and optional profile details, contractual necessity for running your account, legitimate interests for analytics and security, and legal obligations where applicable. You can withdraw consent at any time, by unsubscribe links in every newsletter, or by deleting your account via the account settings page.

We use cookies and similar tech for two reasons:

• Essential — to keep you logged in and the site functioning. These can't be turned off.
• Analytics — we use Google Analytics and PostHog to understand how people use the site (which pages are popular, where people get stuck, etc.). These providers may set their own cookies.

If you're in a region that requires a cookie banner (EU/UK/etc.), you'll see one and can decline non-essential cookies.

We don't sell your data. We share it only with trusted service providers who help us run Product Lookout, including:

• Hosting and infrastructure providers — run our website and servers
• Database and authentication providers — store your account and profile data securely
• Analytics providers — help us understand how people use the site
• Email delivery providers — send the newsletter and handle unsubscribes

Each of these is contractually required to protect your data and use it only to provide their service to us. We choose reputable providers and review them periodically.

We may also disclose information if legally required (subpoena, court order) or to protect our rights and users' safety.

Product Lookout is based in the US, and several of our service providers are too. If you're in the EU, UK, or another region with data protection laws, your information will be transferred to and processed in the US. We rely on Standard Contractual Clauses (or equivalent safeguards) with our processors to make these transfers lawful.

• Account data: as long as your account is active, plus up to 30 days after deletion for backups to cycle out.
• Newsletter subscription: until you unsubscribe, plus a record of the unsubscribe itself so we don't accidentally re-add you.
• Analytics data: up to 26 months, then aggregated or deleted.
• Server logs: up to 90 days.

Depending on where you live, you have some or all of these rights:

• Access — ask what we have on you
• Correction — fix anything that's wrong
• Deletion — ask us to delete your data (“right to be forgotten”)
• Portability — get a copy of your data in a usable format
• Objection — tell us to stop processing your data for certain purposes
• Withdraw consent — at any time, without affecting past processing
• Complain to a regulator — your local data protection authority (e.g., ICO in the UK, your DPA in the EU, your state AG in the US)

To exercise any of these, email us at the address below. We'll respond within 30 days.

For California residents (CCPA/CPRA): you have the above rights plus the right to know what categories of personal information we collect and the right not to be discriminated against for exercising your rights. We do not sell or “share” personal information as those terms are defined under California law.

We use industry-standard measures: encrypted connections (HTTPS), hashed passwords, access controls on our database, and reputable infrastructure providers. No system is perfectly secure, but we take this seriously. If we ever have a breach that affects you, we'll notify you as required by law.

If we make material changes, we'll email subscribers and post a notice on the site before the changes take effect. The “Last updated” date at the top will always reflect the latest version.

Questions, requests, complaints: help [at] productlookout.io