Privacy Policy

We care about your privacy at The New Review! We only collect personal information as part of conversations you start, never share it, store it securely, and delete it after 7 days. We follow GDPR & CCPA rules, don't use cookies (at all!), take extra precautions to protect employee and contractor privacy, and are easy to get a hold of at contact@thenewreview.com.


Modern privacy policies are a joke. Most are nearly impossible to understand thanks to confusing legalese that's purposefully crafted in a way that gives the company a legal "out" to mistreat you.

We decided on a very different approach: Create a privacy policy that exists to inform you, not protect us. Yes, this might be easier for us vs others because we collect very little data, we don't hang on to it, and we don't sell, loan, or give away any of it to anyone, but even if we did, this approach to a privacy policy feels right.

+ + +

How we think about privacy

For starters, we actually think about it. In fact, this was the very first page we created! That's because we believe it's the most important page on this entire site.

To find value from our website in your search for the best services, you have to trust not only our editorial advice but also that we'll treat any personal information we collect about you with the same care we give to our own personal data and that of our families and friends.

In fact, right after we decided it was important to do something very different in the online reviews space, we asked ourselves these two questions:

  1. What data must we collect to successfully operate The New Review?
  2. When we must collect data, a) how can we minimize it and/or keep it anonymous, and b) how quickly can we delete it?

The answers to those questions helped drive very early decisions about how we operate this company, including the technology we use to create the pages you're reading, the relationships we choose to have (or not to have) with other companies, and the way we collect and store data important to our business like which pages are visited most often.

Bottom Line: Your privacy matters to us and protecting it plays into every decision we make.

What this policy covers (and doesn't)

This policy covers The New Review (TNR) website, located at thenewreview.com and operated by The New Review LLC. This includes the text, images, metadata (stuff for other computers to read, not humans), and other technical things like the code that makes this whole thing work.

As of the latest update to this page, we don't offer additional digital services like an app or a podcast, nor do we provide services or content on other sites. However, if and when we do any of those things, this privacy policy will, immediately at their launch(es), apply to those services as well.

While this is probably obvious, it's worth pointing out that this policy does not cover sites or services we simply link to. Those sites and services are operated by other companies who have their own privacy policies.

Bottom Line: This policy covers everything on the TNR website at thenewreview.com.

Types of personal information we collect

The only personal information we collect is information you voluntarily provide to us when you contact us via email, in a private or public message to one of our social accounts, or using our Contact Us page. This typically includes your name, email address, and/or social handle, but could include other information if you choose to provide more to us in your message.

Since we do not collect personal information in any other way, and we do not need your personal information to provide the services we provide, the best way to prevent us from collecting your personal information is to simply never initiate contact with us for any reason.

Bottom Line: We only collect personal information you give us if and when you contact us.

When we use your personal information to contact you

The only time we would ever use your personal information to contact you is in the form of a reply to a message you first send us, as we described above.

Direct Email: When we receive a direct email from you, we assume you're giving us permission to reply to that email unless, of course, you specify in that email that we should not reply.

Social Networks: We also assume you're giving us the right to reply to you when you comment on one of our social posts, tag us in your own message, or send us a private message. In general, we operate on a particular social network using the general norms of that network, which typically include interacting directly with you.

Contact Us Page: We make this more explicit here by requiring you to check the "I agree to be contacted in response to my message" box on our Contact Us page before we even let you send us your message. Consider emailing us if you have feedback for us but don't want a reply.

We will never add you to a mailing list or contact you about anything else outside of the conversation you started with us.

Bottom Line: We only contact you if you contact us first and we stick to the conversation at hand.

When and with whom we share your personal information

Never, and with no one. Simple as that.

And just in case you need a bit more of it spelled out:

  • We do not sell your personal data
  • We do not give away your personal data
  • We do not barter with your personal data
  • We do not have green eggs and ham with your personal data

You get the idea. This section of our Privacy Policy is a bit silly because we don't really "store" your personal data at all (more on that below). It's very hard for us to give away, sell, or do anything else with something we don't even have.

Bottom Line: We never (never, never, ever) share your personal data with anyone.

How long we keep your personal information stored

When we talk throughout this policy about "collecting" your personal information, we don't mean we save it and store it somewhere. It just means we receive it when you send it to us and have to "use" it to address you by name or make sure we reply to the right email address or social account.

In other words, our "collecting" of your personal information simply means that your email address and name live in our email inbox while we're writing back and forth. It also means your social handle or name is visible to us when we're corresponding over your favorite social network.

Because we only use your personal data to communicate with you, and we don't do anything else with it, there's no good reason to for us to hang on it any longer than what's needed to complete our conversation. This makes having an aggressive "data retention policy" pretty easy for us:

Email Conversations: When you email us directly, or send us a message from our Contact Us page, we receive that message in one or more @thenewreview.com email inboxes. Seven days after we last hear from you, we automatically delete all parts of our conversation both from our local devices and our remote servers. This permanently deletes your personal information on our end and makes it impossible for us to retrieve it afterwards.

Social Media Conversations: When you contact us on social media, we receive that message either privately or semi-privately in a 2-way or group "direct message" or publicly when you tag or mention us in one of your posts. Seven days after we last hear from you privately, we automatically delete all parts of our conversation from our view, making it impossible for us to retrieve it afterwards.

Please understand that we have no ability (or interest) in deleting a public post you've made, nor our private conversation that's still visible to you. We also have no control over how long a particular social media service stores our private or public conversations on their servers, regardless of what either of us have deleted. That's something you can learn more about on the service's own privacy or data retention policy pages.

It's also worth mentioning here that, both for email and social, we have no control over anywhere else you might store all or part of our conversation, which may contain your personal information. This might include your own device, email servers, or other locations you've chosen to store our conversation, or even locations the conversation might be stored automatically because of how your email or social network accounts are set up.

Bottom Line: We store your personal information no longer than 7 days after we last hear from you.

How to request that we (more quickly) delete your personal information

If 7 days is too long for you, the best way to request a faster removal of our conversation (which, again, is the only way we're made aware of your personal information) is to just ask us to delete the conversation as our conversation ends.

For example, as we're wrapping up a few emails about the best VPN service for some specific situation you have, you could say "Thanks again for the help! Please delete this conversation now. No further reply needed." That's a clear message that would result in us deleting our conversation immediately after reading. You could also send a similar message within 7 days of your last email to us with a similar request.

It gets a little funny beyond the example above, however. Asking us to remove your personal information from our devices and servers more than 7 days after you last emailed us just serves to again give us your personal information! You're more than welcome to reach out in this case anyway but we won't be able to find anything with your name, email, or social handle on it on any of our systems and then we'll have to figure out together how to handle the removal of this conversation as well.

Bottom Line: Just ask.

Where your personal information is stored

Technically, as we briefly mentioned a few sections above, the only places your personal information might be stored that we have anything to do with is, at most, a) secure software on one or more of our own secure devices, including computers, laptops, smartphones, etc., and b) secure email and related servers.

Geographically, the people that staff our business, editorial, and other departments at TNR are physically based the US, meaning all of our own devices (where your personal data could live for up to 7 days) are located in the US as well. The email servers we use are also, as of the latest update to this page, all physically located in the US.

The pages on our website, however, could be delivered to you from almost anywhere on Earth. This means that when you initiate a conversation with us from outside the US using our Contact Us page, you could be sending your message (including your email address and any other personal information you choose to provide) through servers located outside the US. This is not the same as "storing" your information and, like most websites, we encrypt all of this data so only you and us can see it.

Bottom Line: On secure local devices and remote servers in the US.

How we use cookies and other tracking technologies

We don't use cookies. Really, we don't! 🤯

Cookies can be used for lots of benign reasons but more often than not they're used to track you as you move around the internet, building a profile of your behavior that's sold to the highest bidder who then delivers targeted advertising, political, and other messaging.

So, to keep things simple, we've decided to do away with these little files altogether.

Avoiding all use of cookies isn't easy. It restricts, and often complicates, the technologies we use to operate this site. In some cases, avoiding cookies means that we purposefully don't collect non-identifiable information that would make it easier to run our business, or even make more money, but as you've learned by now, we respect your privacy more than that.

We do track which pages are being visited and how people interact with those pages in general but we do so in a completely anonymous and cookie-free way, making it impossible to connect to any individual person.

Bottom Line: We don't use cookies at all. What tracking we do use is 100% anonymous and is used only to know which of our pages are being visited how they're being used (not who is visiting them).

How we incorporate GDPR & CCPA rules

GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act) are two different sets of government regulations created to force businesses that deal with your private information to do so with much more transparency and restraint than most were doing before these laws took effect.

Specifically, these regulations outline the rules by which businesses can collect, store, and sell your personal data, and when and how they must get your permission to do so and allow you to opt out, among other things.

GDPR: The General Data Protection Regulation (GDPR) regulates the use and transfer of personal information in and out of the EU and EEA. It became effective on May 25, 2018. You can read more about it on the GDPR Wikipedia page.

CCPA: The California Consumer Privacy Act (CCPA) regulates privacy rights for residents of the state of California in the US. It became effective on January 1, 2020. You can read more about it on the CCPA Wikipedia page.

Based on our current legal understanding, TNR is exempt from both laws, either due to our size (CCPA) or due to the method by which we "collect" personal data (GDPR). That said, frankly, we couldn't care less if we're exempt and, as best we can within our resources, act as though we're subject to the rules of both.

We respect the letter and spirit of both GDPR and CCPA. We hope to have made even more progressive steps than either law but we referenced them both extensively as we built our business and crafted this Privacy Policy and our other policies.

Bottom Line: We aren't subject to either law but we pretend we are.

How we protect the privacy of our employees

Leaping over the competition when it comes to ethics and editorial standards (among other things) in the review business puts your employees at risk. This is most important for those at TNR who are secretly researching and reviewing services run by companies with sales and marketing teams that would pay just about anything to be written about and ranked better than they might deserve.

Because of this risk, both to the integrity of the reviews you read here and to the safety and comfort of each member of our team, we made the decision at the time of our founding to refrain from publishing any of our real names, locations, or other personally identifiable information. This goes for all of our full-time and part-time employees, as well as contractors we engage with.

This was a bold decision, and one that has very important implications for our business as well as your trust. We get into this in great detail in our Anonymity Policy page. We also touch on it in our Radical Transparency page.

Bottom Line: We keep all members of our team anonymous, fully protecting their privacy.

How to find out about changes to this policy

It's pretty common for us to update this Privacy Policy, as well as our other policies, disclosures, and related pages, from time to time. As part our commitment to radical transparency, details on any and all changes made are available on that page's respective Document History page.

For this Privacy Policy, those changes can be found on our Privacy Policy: Document History page. Like with all pages on TNR that have had a change since they were published, you can find that link under the title, next to the last updated date, at the top of the page.

Bottom Line: The same way on all of our pages: using our Document History feature.

How to contact us

You have three ways to contact us about this privacy policy:

  • Email us directly at contact@thenewreview.com
  • Email us via our Contact Us page
  • Send us mail (yes, the old fashioned way) at The New Review LLC, 120 Madeira Drive Northeast, Suite 220, Albuquerque, New Mexico 87108, USA, Earth