CornerBeat
Privacy Policy
Last updated: May 8, 2026
This policy describes what CornerBeat collects when you subscribe to one of our daily metro newsletters, how we use that information, and the choices you have. We try to keep it short and honest. If a question isn't answered here, email info@cornerbeat.com and we'll respond.
Who we are
CornerBeat is a daily local-news service operated as a sole proprietorship in the United States. Our mailing address is 1500 N Grant St #10490, Denver, CO 80203. The service is delivered from news.cornerbeat.com; replies go to info@cornerbeat.com.
What we collect
We collect the minimum needed to deliver a newsletter and keep our spam reputation clean.
- Email address. Always. This is what we send the newsletter to.
- ZIP code or city. Used to route you to the right metro newsletter (we may eventually offer multiple) and for aggregate signup-region analytics. We don't share it with anyone.
- First name / last name / phone: only if you submitted them via a Facebook lead-ad form that asked for them. We don't otherwise ask for these. Phone is never used for SMS.
- Engagement signals. Whether each email was delivered, opened, clicked, bounced, marked spam, or unsubscribed. Used only to maintain deliverability (e.g. suppress hard bounces) and improve which stories we run.
- Source of signup. We tag whether you signed up via the website form, a Facebook ad (and which campaign), a referral link, etc. Used for marketing-mix analysis only.
- Standard server logs when you visit cornerbeat.com or click a link in our newsletter: IP address, browser user-agent, timestamps. Retained for 90 days for fraud / abuse detection. Not joined back to your subscription record.
We do not collect: location data, contacts, photos, payment info (the service is free), social-media activity, or anything Facebook makes available beyond what's submitted via a lead-ad form.
How we use it
- To send you the newsletter you signed up for, every weekday.
- To confirm your signup is real (a one-time double-opt-in email).
- To suppress sends to addresses that have hard-bounced or marked us as spam.
- To produce aggregate analytics on signup performance and content engagement (no individual user is profiled).
- To respond when you reply to an email.
Who we share it with
We use a few third parties to operate the service. They access your data only to provide their service, under contract to keep it confidential and secure. We don't sell or rent your data to anyone, ever.
- Resend (resend.com): sends the actual emails on our behalf. They process recipient addresses, message content, and delivery telemetry.
- Supabase (supabase.com): hosts our database and runs the application backend. All data is stored here, encrypted at rest.
- Cloudflare (cloudflare.com): DNS, edge network, and inbound email routing for
cornerbeat.com.
- Vercel (vercel.com): hosts the cornerbeat.com website.
- Meta / Facebook: we use the Meta Pixel and the Meta Conversions API to measure ad performance. On our public pages (the home page and other landing/signup pages, the confirmation landing page, and the public preview of past newsletters) a Meta JavaScript tag fires events like
PageView, Subscribe, CompleteRegistration, and ViewContent. When you submit the subscribe form, we also fire a matching server-side event from our backend containing your hashed (SHA-256) email address, the Meta browser cookies (_fbp/_fbc) if present, your IP, and your user agent. Meta uses this to attribute conversions to ad clicks. We do not give Meta plaintext PII. When you sign up via a Facebook lead ad, the ad platform also passes us your submitted form fields; we do not give Meta any data they didn't already have.
We may disclose information if compelled by valid legal process (subpoena, court order). We'd push back on overbroad requests.
How long we keep it
- Active subscribers: as long as you're subscribed.
- Unsubscribed addresses: we keep just enough to honor your unsubscribe (the email address itself, marked as suppressed) so we don't accidentally re-mail you. The rest of the record is purged after 90 days.
- Engagement events: 13 months for ongoing deliverability tuning; aggregated indefinitely.
- Server logs: 90 days.
Your choices
- Unsubscribe. Every email has a one-click unsubscribe link in the footer. You can also email info@cornerbeat.com with the address you'd like removed.
- See your data. Email info@cornerbeat.com from the address you signed up with and we'll send you everything we have within 30 days.
- Delete your data. See our Data Deletion page. We'll permanently delete your record within 30 days of a verified request.
- Correct your data. Reply to any email and tell us what to change.
If you're a California resident under CCPA, an EU resident under GDPR, or covered by a similar law, you have the rights granted by that law. The mechanism is the same: email info@cornerbeat.com from your subscribed address. We don't sell or share personal information for cross-context behavioral advertising.
Children
CornerBeat is not directed at children under 13 (or under 16 in the EU/UK). If you believe a minor has subscribed, email info@cornerbeat.com and we'll remove the address.
Security
We use industry-standard infrastructure (Supabase / Vercel / Resend / Cloudflare) with TLS in transit, encryption at rest, role-based access controls, and audit logging. No system is perfectly secure; if we discover a breach affecting subscriber data we'll notify affected addresses promptly per applicable law.
Changes
If we update this policy materially, we'll email subscribers and post the prior version's date below. Minor edits (typos, link fixes) won't trigger a notice.
Contact
Questions, requests, complaints: info@cornerbeat.com. Postal: CornerBeat, 1500 N Grant St #10490, Denver, CO 80203, USA.