Our Privacy Policy

Privacy at Wicked Weave

Last updated: April 2026

We run Wicked Weave as a small, non-commercial publication.
We don't sell data, we don't show ads, and we don't track you across the web. This notice describes what limited data we do handle, why, and what you can ask us to do about it.

Who's responsible

Wicked Weave is operated jointly by Luca Bianchi and a co-author who is identified in our Impressum. Postal address: Lindstrasse 21, 8400 Winterthur, Switzerland. Questions about this notice or your data go to admin@wickedweave.ch.

We're based in Switzerland and operate under the Swiss Federal Act on Data Protection (FADP). If you read us from the EU, the EU General Data Protection Regulation (GDPR) also applies; we've designed this notice to satisfy both.

What we collect, and why

If you subscribe to the newsletter or create an account: we store the email address you provide, and any name you choose to add to your profile. We use this only to deliver newsletter emails and to give you access to comments and member features. The data is held by Ghost(Pro), our publishing platform, on EU servers; outbound newsletter emails are delivered via Mailgun.

If you comment on an article: your display name and the comment text become visible to other readers. Comments are managed through Ghost's native comments system and stored alongside the rest of your member data.

Site analytics: Ghost provides built-in, first-party analytics that count unique visitors using 24-hour windows. No cookies, no cross-site tracking, no third-party tools. Aggregate data tells us things like which posts are read and roughly how many people visited this week — nothing that identifies you personally.

Server logs: Our host Hostpoint keeps standard server logs (including IP addresses) for security and operational purposes, per their own retention policies.

If you tip us via Ko-Fi: the Support Us button on the page loads a widget from Ko-Fi, and clicking through takes you to Ko-Fi's own site to complete a payment. From that point on, Ko-Fi's privacy policy governs what happens with your data — we never see your card or banking details.

What we don't do

• No advertising, no ad networks, no tracking pixels.
• No Google Analytics, no Facebook Pixel, no third-party trackers.
• No selling, renting, or sharing of your data with marketers.
• No profiling or automated decision-making about you.

Links to other sites

We link to YouTube videos, news articles, museum collections, other publications, and similar external sources as part of writing about the things we cover. When you follow one of those links, you leave Wicked Weave and you're subject to that site's own privacy practices. We have no control over what those sites collect.

Some embedded content — bookmark cards that show a preview of an external page, or occasionally an embedded video — may load images, favicons, or scripts from those external sites when the page renders. This can let those sites know that someone (with your IP address) viewed a Wicked Weave page that linked to them. We try to minimise this where reasonable but can't always avoid it without losing the embed entirely.

What you can ask us to do

Under both Swiss FADP and EU GDPR, you have the right to:

• Know what data we hold about you.
• Correct anything inaccurate.
• Delete your data (we'll remove your account and email address; published comments may need to be addressed individually).
• Object to specific kinds of processing, or withdraw consent if we ever rely on it.
• Receive a copy of your data in a portable format.
• Lodge a complaint with the relevant data protection authority — the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland, or your national authority in the EU.

To exercise any of these, email admin@wickedweave.ch. We'll respond within 30 days.

How long we keep your data

For active members and subscribers: as long as your account exists. When you unsubscribe and have no other account activity, we'll typically remove your data within 90 days unless we're required to keep it for legal or operational reasons.

For server logs: per Hostpoint's standard retention.

For analytics: per Ghost's own retention policy for first-party analytics data.

Data outside Switzerland and the EU

Most data stays within Switzerland and the EU (Hostpoint in Switzerland; Ghost(Pro) on EU servers; Mailgun's EU infrastructure). Ko-Fi is based in the UK, which the Swiss FDPIC and the EU recognise as offering adequate data protection. If you click an external link to a non-EU/non-adequate jurisdiction, you may be subject to that jurisdiction's data protection regime; we have no control over this.

Changes to this notice

If anything material changes about how we handle data, we'll update this notice and the Last updated date at the top. For substantial changes, we'll mention it in the newsletter so you're aware.