Last updated: May 17, 2026
The Fabulous is a publication owned and operated by VGM LLC ("VGM," "we," "us," or "our"). This policy covers the website at thefabulous.news, the email digest, and the companion iOS app (collectively, the "Service"). It explains what we collect, how we use it, who we share it with, and the choices you have. We try to collect as little as possible and to be plain about what we do.
Quick Summary
- We do not use cookies. We do not run third-party trackers, analytics scripts, or advertising pixels.
- You can read the site without an account, without giving us your name, and without being tracked across the web.
- If you subscribe, sign in, or send a payment, we collect what's needed to deliver that feature and nothing more.
- We do not sell your personal information. We do not run third-party advertising trackers.
- You can unsubscribe, request your data, or ask us to delete your account at any time.
Information We Collect
Information you give us
- Email address — when you subscribe to the daily digest or any newsletter form on the site.
- Account profile — if you create an account or sign in with Apple, we receive a unique identifier from Apple along with the name and email you choose to share. You can also add a display name, ZIP code, followed categories, followed neighborhoods, digest frequency, and notification preferences from your account page.
- Tips, corrections, and messages — anything you email us at hello@thefabulous.news, or our other addresses.
- Payment information — when you donate or purchase an advertisement, payment details (card number, billing address) are entered directly into Stripe's secure checkout. We never see or store your full card number; we receive only a Stripe customer/charge identifier and basic receipt metadata.
- Advertiser content — if you place an ad, we store the creative, targeting choices, and contact information you provide.
Information collected automatically
- Server logs — our hosting provider records standard request data (IP address, user agent, requested URL, timestamp, referrer) for technical operation, security, and abuse prevention.
- Approximate location — to show neighborhood-relevant news and ads, our content delivery network passes along a coarse, IP-derived country, region, and city as request headers. We do not use precise GPS location, and we do not ask your browser for the geolocation permission.
- Reading behavior — to reorder homepage sections to match what you read, your browser locally records which articles, categories, and neighborhoods you click on. For anonymous readers this stays in your browser's local storage and is never sent to our servers. For signed-in readers we may sync category preferences to your profile so they follow you across devices.
- First-party analytics — we run our own analytics on our own servers (no third-party services involved). Each pageview records: page path, page title, referring URL, query string and UTM parameters, browser, operating system, device type, approximate country/region/city from edge headers, and timing data (time on page, scroll depth). Visitors are identified by a daily-rotating hash of IP + User-Agent (no cookies, no cross-site tracking, no persistent identifier). Ad impressions and clicks on ads we serve are recorded the same way — page, geo, ad ID — so advertisers and we can measure performance. None of this data is shared with third parties.
- Push notification tokens — if you opt into web push or app notifications, we store the token your browser or device issues so we can deliver the notifications you asked for. You can revoke this at any time in your browser or device settings.
- Auth and session storage — when you sign in, we store short-lived authentication tokens in your browser's local storage so you stay signed in. We use session storage to remember where to return you after sign-in and to cache the editorial blocklist briefly.
How We Use Your Information
- Deliver the daily digest, transactional emails, and notifications you've signed up for.
- Operate your account, sync preferences across devices, and remember articles you save.
- Personalize the homepage and feed based on the categories and neighborhoods you engage with.
- Process donations and advertising payments through Stripe.
- Serve and measure advertisements you see on the site (aggregate impressions and clicks only — no cross-site profiling).
- Protect the Service from abuse, fraud, and technical attacks.
- Comply with legal obligations and respond to lawful requests.
We do not use your information to build a profile for cross-site advertising, sell it to data brokers, or train third-party AI models.
Browser Storage (No Cookies)
The Fabulous does not use cookies. We do not set first-party cookies, and we do not embed third-party scripts that set cookies (no Google Analytics, no Facebook Pixel, no advertising retargeting). Because we use no cookies, there is no cookie banner to dismiss.
To make the site work, we use two browser-local storage mechanisms that stay on your device and are never transmitted to third parties:
- Local storage — short-lived authentication tokens (so you stay signed in), your reading preferences, your estimated ZIP, pending subscribe email, and (for anonymous users) reading-behavior signals used to personalize the homepage.
- Session storage — caches the editorial blocklist for up to ten minutes and remembers the page to return you to after sign-in. Cleared automatically when you close the tab.
You can clear local and session storage from your browser settings at any time; doing so will sign you out and reset personalization.
Service Providers
We rely on a small set of vendors to operate the Service. Each receives only the information needed for its role and is bound by contract or its own published terms:
- Our cloud hosting provider — U.S.-based infrastructure-as-a-service for object storage, content delivery with edge geolocation, serverless compute, federated identity, secret management, and a self-hosted MongoDB instance running inside our private network. All data we store sits inside our own cloud account; we do not use third-party managed database services.
- Apple — Sign in with Apple federated identity; Apple Push Notification service for the iOS app; Apple MapKit for neighborhood targeting on advertising and feed pages.
- Stripe — payment processing for donations and advertising. Stripe collects card data directly under its own privacy policy.
- Email delivery providers — to send the daily digest, transactional email, and unsubscribe handling.
How We Share Information
We do not sell or rent your personal information. We share it only:
- With the service providers listed above, to operate the Service.
- When required by law, valid legal process, or to protect rights, safety, and property.
- In connection with a merger, acquisition, or sale of assets, in which case we will give notice before your information becomes subject to a different privacy policy.
- With your consent or at your direction (for example, when you share an article to a social network).
Data Retention
We keep your information only as long as needed to provide the Service and meet legal or accounting obligations. Email addresses and account records remain until you unsubscribe or delete your account. Payment records may be retained for up to seven years to comply with tax and financial regulations. Server logs are typically retained for 90 days. Anonymous reading-behavior signals stored in your browser stay there until you clear them.
Your Choices and Rights
- Unsubscribe — every email has a one-click unsubscribe link. You can also email hello@thefabulous.news.
- Notifications — manage web push and iOS notifications from your browser or device settings, or from your account page.
- Access, correct, or delete — sign in to your account to update your profile, or email privacy@thefabulous.news to request a copy of your data or full deletion of your account.
- Reset personalization — clear your browser's local storage to remove anonymous reading-behavior signals and your estimated ZIP.
California residents (CCPA/CPRA)
You have the right to know what personal information we collect, to request deletion, to correct inaccurate information, and to opt out of any "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under California law. To exercise your rights, email privacy@thefabulous.news. We do not discriminate against users who exercise these rights.
EU/UK and other jurisdictions
If you are in the European Economic Area, the United Kingdom, or another jurisdiction with comparable privacy laws, you may have rights of access, rectification, erasure, restriction, portability, and objection regarding your personal data. Our lawful bases for processing are: consent (for marketing emails and notifications), contract (to operate your account and process payments), legitimate interests (for security, abuse prevention, and editorial product improvement), and legal obligation (for tax and compliance records). Contact privacy@thefabulous.news to exercise any of these rights.
Security
We serve all traffic over HTTPS. Public content responses are additionally encrypted in transit with an application-layer key, decrypted only in your browser. Authentication uses short-lived tokens issued by our federated identity provider. Payment card data is collected and stored by Stripe under PCI-DSS standards — we never touch full card numbers. We restrict internal access to production data to a small number of authorized personnel. No system is perfectly secure, so we encourage you to use a strong, unique password (or Sign in with Apple) and to keep your email account secure.
International Transfers
The Fabulous is operated from the United States, and all of our service providers store data in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, which may have different data protection rules than your home country.
Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, email privacy@thefabulous.news and we will delete it.
Do Not Track
We do not track users across third-party websites, so we do not change our behavior based on Do Not Track signals. We honor the Global Privacy Control (GPC) signal as a request to opt out of any future "sale" or "sharing" of personal information.
Changes to This Policy
We may update this policy from time to time. The "Last updated" date at the top will always reflect the current version. For material changes that affect how we use information you've already shared, we will notify subscribers by email or by a prominent notice on the Service before the change takes effect.
Contact Us
Privacy questions, data requests, or concerns? Email privacy@thefabulous.news or hello@thefabulous.news.
See also our Terms of Service.