Privacy Policy

Effective 2026-01-01

Michigan Gateway is built to be useful without requiring you to surrender your privacy. This page explains exactly what data we collect, what we do not collect, and what you can do about it. If anything here is unclear, contact us and we'll clarify directly.

What we collect

Server access logs — when your browser requests a Michigan Gateway page, our hosting provider (Cloudflare Pages) records the request URL, your IP address, user-agent, and timestamp. These logs are retained for up to 30 days for security and abuse-prevention purposes and are not used to build user profiles.
Theme preference — when you toggle light/dark mode, we store the choice in your browser's localStorage under the key mm-theme. This value never leaves your device.
Aggregate, anonymized analytics — we may use a privacy-respecting analytics service (such as Cloudflare Web Analytics) that records page-view counts in aggregate without setting cookies or fingerprinting visitors.

What we do not collect

We do not require you to register, log in, or provide an email to use the public dashboard.
We do not set advertising cookies. We do not run third-party ad networks.
We do not sell, rent, or share visitor data with third parties for marketing purposes.
We do not track visitors across other websites.

Third-party services

Pages on Michigan Gateway may load resources from the following third parties to power specific features:

Cloudflare — content delivery, hosting, and DDoS protection
Google Fonts — typography (no cookies, but Google may log requests per its policy)
OpenStreetMap / Esri / Stadia — map tiles for the alert and water-level maps
NWS, USGS, NOAA, EPA, FEMA, Grants.gov, USAJobs — live data feeds, fetched server-side

Each operates under its own privacy policy. Embedded maps and live-data fetches happen during normal page rendering; no personally identifying information is sent.

Cookies

Michigan Gateway's public pages do not set cookies for tracking. Authenticated areas (when in use) may set a session cookie strictly required to keep you signed in. We do not set marketing or analytics cookies.

Your rights

Under the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), you have the right to know what personal data we hold about you, to request its deletion, and to object to its processing. Because we do not maintain user accounts on the public dashboard, in most cases we hold no personally identifying data about you beyond transient server logs that are automatically purged. To exercise any of these rights, contact us.

Changes to this policy

If we update this policy, we'll change the effective date at the top and announce the change on the homepage. We will not retroactively reduce your privacy without your consent.