The 483

Last updated: April 7, 2026

Privacy Policy

1. Introduction

The 483 (“we,” “us,” or “our”) operates the website the483.com (the “Service”). We are committed to protecting your privacy and to handling personal data responsibly, transparently, and in compliance with applicable laws — including the European Union General Data Protection Regulation (“GDPR”), the United Kingdom GDPR, and the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”).

This Privacy Policy explains what data we collect, why we collect it, how we use it, who we share it with, and what rights you have. It applies to all visitors and newsletter subscribers regardless of location.

The 483 is a free, advertising-free, anonymous-reading publication. We collect as little personal data as possible.

2. Data We Collect

We collect only the following categories of data:

  • Newsletter email address. If you subscribe to our newsletter, we collect the email address you provide and the date and approximate time of subscription.
  • IP address and connection metadata. When you visit the Service, our infrastructure providers (Cloudflare and AWS) automatically receive your IP address, user-agent string, requested URL, referrer, and timestamp. This is standard for any website on the public internet and is used for security, abuse prevention, and basic operations.
  • Privacy-respecting analytics events. We use a privacy-focused analytics provider that records aggregated, non-identifying events such as page views, referrers, country (derived from IP at the edge and immediately discarded), browser family, and device type. We do not use cookies or fingerprinting for analytics, and we do not build user profiles.

We do not collect: names (other than what you choose to provide), addresses, phone numbers, payment data, government identifiers, location data beyond country-level, behavioral profiles, or any “special categories” of personal data under GDPR Article 9.

3. How We Collect It

  • Directly from you, when you submit your email address to subscribe to the newsletter.
  • Automatically, via standard server logs maintained by Cloudflare (CDN/edge) and AWS (image hosting in us-east-2), and via privacy-respecting analytics events fired by your browser when you load a page.

We do not buy data from third parties and we do not enrich your data with information from external sources.

For users in the European Economic Area, the United Kingdom, and Switzerland, we process personal data on the following legal bases under GDPR Article 6:

  • Consent (Art. 6(1)(a)) for newsletter subscription. You provide consent by submitting the signup form, and you may withdraw consent at any time by clicking the unsubscribe link in any email or by emailing hello@the483.com.
  • Legitimate interest (Art. 6(1)(f)) for security logging and aggregated analytics — specifically, our legitimate interest in operating a secure, functional website and understanding aggregate readership. We have balanced these interests against your privacy rights and consider the impact minimal because we use no cookies, no profiling, and minimal data retention.
  • Legal obligation (Art. 6(1)(c)) where we must retain or disclose information to comply with applicable law.

5. How We Use It

We use the data we collect only for the following purposes:

  • To deliver the newsletter you subscribed to.
  • To operate, secure, and maintain the Service (including blocking abuse, spam, and denial-of-service attacks).
  • To understand aggregate readership patterns (e.g., which articles are most-read, what countries visit) so we can improve editorial coverage.
  • To respond to your inquiries when you contact us.
  • To comply with legal obligations and enforce our Terms of Use.

We do not use your data for behavioral advertising, retargeting, profiling, automated decision-making with legal effect, or sale to third parties.

6. Third-Party Services

We rely on a small number of trusted infrastructure and service providers (“processors”). Each processor handles data only on our instructions and under a written data-processing agreement (DPA) where applicable.

  • Cloudflare, Inc. — CDN, edge security, DNS, and email routing for inbound mail. Cloudflare receives your IP address and request metadata. See cloudflare.com/privacypolicy.
  • Amazon Web Services, Inc. (S3, us-east-2 region) — image hosting. AWS may receive your IP address when your browser loads an image. See aws.amazon.com/privacy.
  • TBD (not yet configured) — newsletter delivery. Receives your email address and engagement metadata (open/click events) where applicable.
  • Umami — privacy-respecting, cookieless analytics. Receives aggregated, non-identifying event data.

We periodically review our processors and update this list when material changes occur.

7. Data Sharing

We do not sell, rent, or trade personal data. We do not share personal data with advertisers, data brokers, or any commercial third party.

We may disclose data only in the following limited circumstances:

  • To the processors listed in Section 6, strictly to operate the Service.
  • When required by valid legal process (subpoena, court order, lawful government request) and only to the extent required.
  • To protect the rights, safety, or property of The 483 or others, including to investigate fraud or abuse.
  • In connection with a merger, acquisition, or sale of assets, in which case we will provide notice before personal data is transferred.

8. Cookies & Tracking

The 483 does not use behavioral, advertising, or tracking cookies. We do not use third-party advertising tags, social pixels, or fingerprinting.

The only cookies that may be set are essential security cookies issued by Cloudflare to protect the Service from automated abuse (e.g., the __cf_bm bot-management cookie). These are strictly necessary and do not require consent under the ePrivacy Directive.

Our analytics provider operates without cookies and without collecting unique identifiers.

9. Data Retention

We retain personal data only as long as needed:

  • Newsletter email addresses — until you unsubscribe or request deletion. Upon unsubscribe, we remove your address from active lists within 7 days, retaining only a one-way hash (if necessary) to prevent accidental re-subscription.
  • Server / edge logs — up to 30 days, after which they are automatically deleted by our infrastructure providers.
  • Analytics events — up to 90 days in aggregated form. No raw IP addresses are retained.
  • Correspondence (e.g., emails to hello@the483.com) — up to 24 months unless a longer retention is required to resolve a dispute or comply with law.

10. Your Rights (GDPR)

If you are located in the EEA, UK, or Switzerland, you have the following rights under GDPR:

  • Right of access — to obtain confirmation of whether we process your data and a copy of it.
  • Right to rectification — to correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”) — to request deletion of your data.
  • Right to restriction of processing — to limit how we use your data in certain circumstances.
  • Right to data portability — to receive your data in a structured, machine-readable format.
  • Right to object — to object to processing based on legitimate interest.
  • Right to withdraw consent — at any time, without affecting the lawfulness of prior processing.
  • Right to lodge a complaint with your local data protection authority.

To exercise any of these rights, email hello@the483.com. We will respond within 30 days.

11. Your Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA/CPRA:

  • Right to know what categories of personal information we collect, the sources, the purposes, and the categories of third parties with whom we share it.
  • Right to delete personal information we have collected from you, subject to certain exceptions.
  • Right to correct inaccurate personal information.
  • Right to opt out of sale or sharing of personal information. The 483 does not sell or share personal information as those terms are defined under the CCPA/CPRA.
  • Right to non-discrimination for exercising any of these rights.

To exercise these rights, email hello@the483.com. We will verify your request using the email address associated with your account or correspondence. You may designate an authorized agent to act on your behalf in accordance with CCPA regulations.

12. Children’s Privacy (COPPA)

The Service is intended for adult professional readers and is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we may have inadvertently collected such information, please contact hello@the483.com and we will delete it promptly. Users in the EEA must be at least 16 (or the local digital-consent age) to subscribe to the newsletter.

13. International Transfers

The 483 is operated from the United States, and our infrastructure providers process data in the United States and other regions. If you are located outside the United States, your data will be transferred to and processed in the U.S., which may have data protection laws different from those in your country.

For transfers of personal data from the EEA, UK, or Switzerland to the United States, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, and on the equivalent UK International Data Transfer Addendum, with our processors. We have evaluated our processors and believe these mechanisms provide adequate safeguards.

14. Security

We take reasonable technical and organizational measures to protect personal data:

  • HTTPS / TLS encryption for all traffic to and from the Service.
  • Encryption at rest for newsletter and log storage with our processors.
  • Access controls — only the operator has access to administrative systems, protected by strong authentication.
  • Minimization — we collect and retain only what we need.
  • Vendor due diligence — we rely on reputable processors with industry-standard security certifications.

No system is perfectly secure. If a data breach affecting your personal data occurs, we will notify you and the relevant supervisory authority as required by applicable law.

15. Changes to Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we do, we will revise the “Last updated” date at the top of this page. Material changes will be announced on the homepage and, where appropriate, via the newsletter. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

16. Contact

For any privacy-related question, request, or concern, please contact:

The 483 — Privacy Email: hello@the483.com General: hello@the483.com

We will respond to all legitimate requests within 30 days.