Privacy

I really don't like how services hide what they're doing inside long usage agreements and privacy policies. The standard pattern these days is forced-arbitration clauses, vague claims about “partners,” opt-out mechanisms buried four pages deep, and dark-pattern consent flows. watts.bar is a passion project, and this privacy policy is written by me, a guy who lives on the lake and wants to provide a useful service to the community, not by a lawyer trying to obscure what's actually happening. If you want the technical specifics on how the site is built, those live at /about-this-site/.

The short version

I don't keep your personal information. There's no account system here, nothing to sign up for, no email list, no advertising relationship, and nothing's being sold or shared with anybody. What I see is roughly how many people use the site and which pages they find useful. That's the whole picture.

Why this is even worth saying

watts.bar is a personal project I run from a private dock at Tennessee River Mile 559.5. The site is free, has no ads, and there's nothing to log into. I built it because a 39,000-acre lake with thousands of families on it deserves a real public-information resource, and nobody else built one.

The privacy posture follows from that. Most websites today collect every piece of behavioral data they can. They want to know what you clicked, where you came from, where you went next, what you typed in a form before deleting it. Then they feed it to Google, Facebook, and the wider ad-tech network. I built watts.bar specifically to avoid doing any of that. It cost more time to build it this way; that's the point.

What I collect

Cloudflare zone analytics. Cloudflare is the CDN that serves every page on this site. CDN is short for “content delivery network,” which in plain English means they sit between visitors and the actual server where the site is built, with copies of every page cached at data centers around the world so that wherever you're loading from, the page comes back fast. They handle the bandwidth, the security filtering, and the routing. As part of doing that, they show me a dashboard with generalized stats: how many requests were served, how much bandwidth was used, what countries the visitors came from in aggregate, which pages got the most traffic. None of it ties back to a specific person or browser. It's the same kind of summary a hosting provider has shown website operators for thirty years.

Self-hosted Plausible analytics. Plausible is an open-source, privacy-respecting alternative to Google Analytics. I run my own copy on hardware I physically own, sitting in a rack at my house. The data flows from the site to that hardware encrypted and tunneled through a VPN, which means not even the home internet provider I use (Xfinity, with T-Mobile cellular as a backup) sees what's passing through the wire. No third party (no analytics SaaS company, no cloud host, no ISP) has any visibility into the data. It's about as locked-down a setup as you can build for a small project; effectively the best-case scenario for keeping a website's analytics out of anyone else's hands.

What Plausible actually tells me is things like “how many people looked at the Watts Bar fishing guide this week” and “which page is the most popular landing point from search engines.” It doesn't use cookies, doesn't fingerprint your device, doesn't follow you across other websites, and doesn't generate a unique identifier per visitor. It's specifically designed as the answer to the question, “How can I get useful insights on my own website to make it better, without exposing visitors to having all of their information harvested by Google or Facebook?”

Browser local storage. Two small bits of data live in your browser only and never travel anywhere. The most recent lake-tint color, so the page doesn't flash a wrong color before the live cam image loads. The most recent live temperature reading, so the chip in the corner of the header shows something instead of a dash on first paint. Both can be cleared at any time via your browser's site-data controls. I can't see them.

If you install the site as a PWA. PWA stands for Progressive Web App. Modern browsers can install certain websites onto your phone or computer as if they were native apps; on watts.bar, that's the “Add to Home Screen” option on iOS or the install prompt on Android and desktop Chrome. When you do that, the browser caches more of the site locally so it can launch faster and work even when your network is bad. I have nothing to do with this cache. I can't see what's in it. You can clear it at any time through your phone's app management or your browser's site-data controls. I also don't care what's in there. It's your device, not mine.

What I don't collect

The closest thing to an ad anywhere on watts.bar is the link on the homepage to my Airbnb on the lake. That link doesn't have an affiliate code on it. Plausible does count outbound clicks as part of measuring how people leave the site, so I can technically see “someone clicked the Airbnb link this week” as a number on a dashboard. What I can't see is whether that person actually booked the cabin, who they were, or anything else. The cabin is booked up most of the time anyway. I run watts.bar to make the lake a better place to visit, not to drive cabin bookings.

About Google Places photos and POI data

This one needs a small explanation, because it could otherwise look like a violation of everything above.

The /eat/, /marinas/, /boat-ramps/, and similar directory pages show data and photos from Google Places. I use Google Places as a research source to keep the directory accurate. But I've gone out of my way to build the site so that Google never knows what you, the visitor, are looking at while you're on watts.bar.

Here's how that works in plain English. Every few weeks, the watts.bar server makes a batch call to Google's Places API, refreshes the directory, saves the results to my own storage, and then serves the saved version from my own infrastructure. Your browser only ever talks to watts.bar. It never talks to Google. Google has no idea you're reading the page about Blue Springs Marina, no idea you live in Tennessee, no idea you're considering a fishing trip. They got their batch query a few weeks ago, gave me the data, and they're done.

The easy way to build this would have been to embed Google's tracker on every page. I didn't.

If you use the contact form

If you send a message via the contact form, it gets piped into a private Discord server that only I have access to. The server is locked down with the same boundary controls as the rest of the infrastructure on the site. Strictly speaking, this is the one corner where your message touches a third-party service, so it's worth saying out loud: while it's in transit and stored on Discord's servers, Discord's own privacy terms apply. Their policy is at discord.com/privacy. After that, the message lives only in the alerts channel I read.

The email field on the form is optional. If you don't fill it in, your message is as anonymous as you want it to be. I can't reply if there's no email, but that's a fair trade-off if you're just dropping a tip about a marina that closed or a phone number that's wrong.

I delete contact-form messages from Discord after I've acted on them. The alerts channel stays clean that way, and the practical effect is that most messages are gone within a day or two. If you'd like an older one removed (or if you live somewhere that gives you a legal right to that, like the EU or California), reach out and I'll confirm the deletion. But realistically, the answer to “what information do you have about me” is effectively nothing. The message has almost certainly already been actioned and deleted by the time you're asking, and ironically enough, the only thing that will need to be deleted is your message telling me to delete your messages.

About GDPR, CCPA, and other privacy regulations

If you're visiting from the EU, the UK, California, or one of the other places with serious privacy laws on the books, the short answer is that watts.bar is not the kind of website those laws were written to constrain. There's no advertising relationship here, no data-broker arrangement, no behavioral profile-building. None of the patterns that prompted the modern privacy-law movement happen on this site.

That said, you have whatever rights those laws give you against any operator. If you'd like me to delete a contact-form message you sent, reach out and it's done. If you'd like to know what I have on file about you, the answer is almost certainly nothing, but you're welcome to ask.

Children

watts.bar doesn't knowingly collect information from anyone, including children under 13. There's no signup process to age-gate, so the COPPA-style protections don't really come into play here, but I wanted to address it directly.

Changes to this policy

I'll update this page if anything material changes, and note the date below. But realistically, this is a passion project that reflects what I value as a member of the open-source community. Eventually I'll likely release the source code that powers this site for free, so other people can run their own versions focused on their own areas. I just need to find time to make the codebase less embarrassing first. My personal projects are built prioritizing speed of feature releases, not readable or reasonable code that someone else could learn anything from other than what code written by an idiot looks like, and GitHub is full of way better examples of that if you're into it.

Nothing on this site is for sale. I'm not interested in selling. There's no motivation to ever change anything foundational about how privacy works here. If anything, the trend will be toward more transparency, not less. Don't expect to come back in three years and find a 4,000-word lawyer-written document where this one used to be.

The full change history of the policy lives in the site's git history, which is permanent.

Questions

Questions about privacy go to me through the contact form.

Last updated: 2026-05-02.