Privacy Policy
Last Updated: May 22, 2026
1. Introduction
Tsicoa ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website Tsicoa.com (the "Site"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Site.
We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.
2. Information We Collect
We have designed our Site to minimize data collection. Our financial calculators process all data locally in your browser; your salary, tax, and financial inputs are never transmitted to our servers.
2.1 Information Collected Automatically
When you visit our Site, certain information is automatically collected by our infrastructure and analytics providers. The table below summarizes what we collect:
| Data Category | Examples | Purpose | Legal Basis |
|---|---|---|---|
| Technical / Log Data | IP address (anonymized), browser type, operating system, referring URL, access times, pages viewed | Site operation, security, analytics, content improvement | Legitimate interest |
| Usage Data | Pages visited, time on page, feature interactions, scroll depth | Improving user experience and tool performance | Legitimate interest |
| Device Information | Device type, screen resolution, language preference | Responsive design optimization, content localization | Legitimate interest |
2.2 Data We Do NOT Collect
We want to be clear about what we do not collect:
- Personal financial data: All calculator inputs (salary, tax details, work hours, etc.) are processed entirely in your browser and are never sent to any server.
- Personal identification information: We do not require registration, accounts, or logins. We do not collect names, email addresses, phone numbers, or mailing addresses through our calculators.
- Cookies for advertising or tracking: We do not use third-party advertising cookies or cross-site tracking cookies.
- Children’s data: We do not knowingly collect personal information from children under 16 years of age.
3. Cookies and Tracking Technologies
Our Site uses only essential and analytics-related technologies. We do not use cookies for advertising purposes.
| Cookie / Technology | Type | Purpose | Duration |
|---|---|---|---|
| Plausible Analytics Script | Privacy-first analytics | Anonymous usage statistics (no cookies set) | Session-based |
| Cloudflare Security | Essential / Security | DDoS protection, bot mitigation, CDN delivery | Session-based |
4. Third-Party Service Disclosures
We rely on the following third-party services to operate our Site securely and efficiently. These providers may process limited technical data as described below:
4.1 Cloudflare
Our Site uses Cloudflare, Inc. for content delivery (CDN), DDoS protection, and web security. Cloudflare may process your IP address and browser information to provide these security and performance services. Cloudflare’s processing occurs at the edge and is governed by their privacy policy at cloudflare.com/privacypolicy.
4.2 Plausible Analytics
We use Plausible Analytics, a privacy-first, cookieless web analytics service. Plausible does not use cookies and does not collect personal data. All analytics data is aggregated and anonymized. Plausible tracks only:
- Page URLs visited
- Referrer information
- Browser and device type
- Country-level location (derived from anonymized IP address)
Plausible does not track individual users across sites or sessions. For more details, see plausible.io/privacy.
4.3 Third-Party Links
Our Site may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party sites you visit.
5. How We Use Your Information
The limited technical data we collect is used exclusively for:
- Operating, maintaining, and improving our Site and tools
- Understanding how users interact with our tools to improve usability
- Ensuring the security and integrity of our Site
- Complying with legal obligations
We do not sell, rent, or trade your personal information to third parties.
6. Data Retention
Analytics data (Plausible) is retained indefinitely in aggregated, anonymized form. Cloudflare security logs are retained for a limited period as determined by Cloudflare’s policies. Since we do not collect personal data through our calculators, there is no personal data to retain from those interactions.
7. Data Security
We implement appropriate technical and organizational security measures to protect the limited data we process. Our Site is served over HTTPS (TLS encryption) to protect data in transit. We use Cloudflare’s security infrastructure to mitigate DDoS attacks and other threats. However, no electronic transmission over the Internet can be guaranteed to be 100% secure.
8. COPPA (Children’s Online Privacy Protection Act)
Our Site is not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at lloccx0213@yeah.net.
9. CCPA — California Consumer Privacy Act
This section applies solely to California residents and supplements the information contained in this Privacy Policy. Under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information.
9.1 Categories of Personal Information Collected
We have collected the following categories of personal information within the last twelve (12) months:
| Category | Collected? | Source | Business Purpose | Sold or Shared? |
|---|---|---|---|---|
| A. Identifiers (name, email, IP address) | Partial (IP address only, anonymized) | Automatic collection via Cloudflare | Security, DDoS protection | No |
| B. Personal information categories (Cal. Civ. Code § 1798.80(e)) | No | N/A | N/A | No |
| C. Protected classification characteristics | No | N/A | N/A | No |
| D. Commercial information | No | N/A | N/A | No |
| E. Biometric information | No | N/A | N/A | No |
| F. Internet or other similar network activity | Yes | Plausible Analytics, Cloudflare | Analytics, security, performance | No |
| G. Geolocation data | Country-level only (from anonymized IP) | Plausible Analytics | Analytics | No |
| H. Sensory data | No | N/A | N/A | No |
| I. Professional or employment-related information | No | N/A | N/A | No |
| J. Non-public education information | No | N/A | N/A | No |
| K. Inferences drawn from other personal information | No | N/A | N/A | No |
| L. Sensitive personal information | No | N/A | N/A | No |
9.2 Your Rights Under the CCPA
As a California resident, you have the following rights:
- Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.
- Right to Delete: You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions.
- Right to Correct: You have the right to request correction of inaccurate personal information we maintain about you.
- Right to Opt-Out: You have the right to opt-out of the sale or sharing of your personal information. Note: We do not sell or share personal information as defined by the CCPA.
- Right to Limit Use of Sensitive Personal Information: We do not collect or process sensitive personal information.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
9.3 Exercising Your CCPA Rights
To exercise your rights under the CCPA, please contact us at lloccx0213@yeah.net. We will respond to verifiable consumer requests within 45 days as required by law. We may need to verify your identity before processing your request. You may also designate an authorized agent to submit a request on your behalf.
9.4 Notice of Financial Incentive
We do not offer any financial incentive programs, loyalty programs, or price discrimination based on the collection or use of personal information.
10. International Data Transfers
Our Site is hosted and operated in the United States. If you access our Site from outside the United States, your information may be transferred to, stored, and processed in the United States. By using our Site, you consent to such transfer and processing. We use Cloudflare’s global CDN, which may process data at edge locations worldwide for performance purposes.
11. Google AdSense & Advertising Compliance
Our Site may display advertisements through Google AdSense or similar advertising networks. In compliance with Google’s policies:
- We maintain a clearly accessible and comprehensive Privacy Policy.
- We do not collect personal financial data from our calculator tools.
- If third-party advertising cookies are deployed in the future, we will update this policy and provide appropriate cookie consent mechanisms.
- We comply with Google’s policies regarding prohibited content and data collection practices.
This Privacy Policy is designed to meet the requirements of Google AdSense program policies, including transparency about data collection, third-party service disclosures, and user rights under applicable privacy laws.
12. GDPR — European Union & EEA Data Protection
This section applies to individuals located in the European Union (EU), European Economic Area (EEA), and the United Kingdom. Under the General Data Protection Regulation (GDPR) and the UK GDPR, you have specific rights regarding your personal data.
12.1 Legal Basis for Processing
We process personal data under the following legal bases as defined by Article 6 of the GDPR:
| Processing Activity | Legal Basis | Explanation |
|---|---|---|
| Web security, DDoS protection (Cloudflare) | Legitimate Interest (Art. 6(1)(f)) | Necessary to protect our Site and users from cyber threats and ensure service availability |
| Anonymous usage analytics (Plausible) | Legitimate Interest (Art. 6(1)(f)) | Understanding aggregate usage patterns to improve our tools without processing personal data |
| Site performance monitoring | Legitimate Interest (Art. 6(1)(f)) | Ensuring optimal site performance and diagnosing technical issues |
Where we rely on legitimate interest as our legal basis, we have conducted a Legitimate Interest Assessment (LIA) balancing our interests against your rights and freedoms. Because we process minimal technical data and all calculator operations are local to your browser, we have determined that the impact on your privacy is negligible.
12.2 Your Rights Under the GDPR
As an EU/EEA/UK data subject, you have the following rights:
- Right of Access (Art. 15): You have the right to obtain confirmation as to whether we process your personal data, and if so, to request a copy of that data along with details about how it is processed.
- Right to Rectification (Art. 16): You have the right to request correction of inaccurate personal data we hold about you.
- Right to Erasure / "Right to be Forgotten" (Art. 17): You have the right to request deletion of your personal data where there is no compelling reason for its continued processing, subject to certain exceptions.
- Right to Restriction of Processing (Art. 18): You have the right to request that we limit the processing of your personal data in certain circumstances (e.g., while we verify the accuracy of contested data).
- Right to Data Portability (Art. 20): You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
- Right to Object (Art. 21): You have the right to object to processing based on legitimate interests. If you object, we will cease processing unless we demonstrate compelling legitimate grounds that override your interests.
- Rights Related to Automated Decision-Making (Art. 22): We do not engage in automated decision-making or profiling that produces legal effects concerning you.
12.3 Exercising Your GDPR Rights
To exercise any of your GDPR rights, please contact us at lloccx0213@yeah.net. We will respond to your request within one month (extendable by two additional months for complex or numerous requests, with notification to you). We may request proof of identity to verify your request. There is generally no fee for exercising your rights, unless your request is manifestly unfounded or excessive.
12.4 International Data Transfers
Our Site is hosted on servers located in the United States. When you access our Site from the EU/EEA/UK, your technical data (IP address, browser information) is transferred to and processed in the United States. We rely on the following transfer mechanisms to ensure adequate protection:
- Cloudflare: Cloudflare maintains certifications under the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the DPF, and the Swiss-U.S. DPF. Cloudflare also employs Standard Contractual Clauses (SCCs) as a supplementary transfer mechanism. For details, see Cloudflare’s GDPR compliance page.
- Plausible Analytics: Plausible Analytics is hosted in the EU (Germany) and all analytics data remains within the EU. Plausible is fully GDPR-compliant by design and does not transfer personal data outside the EEA.
12.5 Data Protection Officer (DPO)
Given the nature and scale of our data processing (minimal technical data only), we are not legally required to appoint a formal Data Protection Officer under Article 37 of the GDPR. However, we take data protection seriously. For all privacy-related inquiries, including GDPR matters, please contact us at lloccx0213@yeah.net.
12.6 Right to Lodge a Complaint
If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority in your EU member state of residence, place of work, or the place of the alleged infringement. A list of EU data protection authorities is available at the European Data Protection Board website. In the UK, you may contact the Information Commissioner’s Office (ICO).
12.7 Data Retention Under GDPR
| Data Type | Retention Period | Basis |
|---|---|---|
| Cloudflare security logs | Up to 72 hours for most logs; up to 7 days for security-related data | As determined by Cloudflare; necessary for security operations |
| Plausible analytics data | Indefinite retention in aggregated, anonymized form | No personal data retained — data is fully anonymized and aggregated |
| Calculator inputs | Not retained; processed locally and never transmitted | All calculations occur in your browser only |
12.8 Consent Withdrawal
Where we process data based on consent, you have the right to withdraw your consent at any time. Since our processing relies on legitimate interests (not consent) and we do not process personal data through our calculators, there is generally no consent to withdraw. If consent-based processing is introduced in the future (e.g., optional email newsletter), we will provide clear mechanisms for consent and withdrawal.
13. Do Not Track Signals
Our Site does not respond to Do Not Track (DNT) signals at this time because there is no consistent industry standard for compliance. However, given our minimal data collection practices, there is limited tracking to opt out of. We do not track users across third-party websites.
14. Contact Us
If you have questions or comments about this Privacy Policy, or wish to exercise your privacy rights under the GDPR, CCPA, or other applicable laws, please contact us at:
- Email: lloccx0213@yeah.net
- Website: Contact Page
This Privacy Policy was last updated on May 22, 2026.