Privacy Policy

Effective: May 18, 2026

This Privacy Policy explains what data Life After Call collects, how it is used, who it is shared with, and the rights you have. It is written to satisfy the Rhode Island Data Transparency and Privacy Protection Act (effective January 1, 2026), the Rhode Island Identity Theft Protection Act, and the federal laws that apply to small online publications. If you live in California, the EU, the UK, or another jurisdiction with broader privacy rights, those rights apply to you as well.

This is a one-person publication run by a practicing physician based in Rhode Island. The data story is small on purpose.

A Rhode Island attorney has not yet reviewed this template. Have one bless it before relying on it.

1. Who runs this site

Life After Call is published by a single individual (“the publisher” or “I”) writing under the first-name-only identity “Alex, MD.” The publisher is a licensed physician in the State of Rhode Island. Life After Call is a personal publication, not a medical practice, and does not provide clinical services.

Contact for privacy questions: [email protected]

2. What personal data I collect

I collect the minimum amount of personal data needed to run a small publication and a newsletter.

Data you give me directly

  • Email address, if you subscribe to the newsletter.
  • Name (optional), if you choose to provide one when subscribing.
  • Anything you send me by email or social message.

Data collected automatically when you visit the site

  • Page-level analytics: which pages were viewed, referring site, approximate country and city derived from IP, browser and device type. Collected through a privacy-respecting analytics tool (see Section 5).
  • Server logs: standard web server logs (IP address, time of request, URL) retained for a short period for security and debugging purposes.

Data I do not collect

  • Patient information. Ever. This site is non-clinical.
  • Health information about you.
  • Financial account information.
  • Social Security numbers or other government identifiers.
  • Precise geolocation.
  • Children’s data (this site is not directed at children under 16).

3. Categories of personal data, defined

Under the Rhode Island Data Transparency and Privacy Protection Act, the following categories describe what I process:

CategoryCollected?
Identifiers (email, name)Yes, if you subscribe
Internet activity (page views, referring site)Yes, in aggregate
Geolocation (approximate, country / city)Yes, in aggregate
Commercial informationNo
Biometric informationNo
Sensitive personal dataNo
Inferences drawn from the aboveNo

I do not process “sensitive data” as that term is defined under Rhode Island law (R.I. Gen. Laws § 6-48.1 et seq.). If that ever changes, this policy will be updated and affirmative consent will be obtained.

4. How I use your data

  • To send you the newsletter, if you subscribed.
  • To understand which posts are being read so I can decide what to write next.
  • To reply to messages you send me.
  • To keep the site running and secure.
  • To comply with legal obligations.

I do not use your data for targeted advertising. I do not use your data to make automated decisions that produce legal or similarly significant effects about you. I do not sell your data.

5. Third parties that process data on my behalf

A short list. Each one has its own privacy policy and you can read them on their websites.

  • Newsletter provider: Beehiiv, Inc. (https://www.beehiiv.com) (stores your email so I can send the newsletter)
  • Analytics: Cloudflare Web Analytics (Cloudflare, Inc.) (aggregates page views)
  • Hosting: Cloudflare Pages (Cloudflare, Inc.) (serves the website)
  • Email delivery: the provider that delivers [email protected] and [email protected] mail

These are processors acting on my instructions. They are not permitted to use your data for their own marketing.

6. Selling and sharing

I do not sell your personal data. I do not share it for cross-context behavioral advertising. I do not have an “opt-out of sale” mechanism because there is nothing to opt out of, and this section is required disclosure anyway.

If that ever changes (it will not), this policy will be updated and an opt-out mechanism will be provided before any sale or share begins.

7. Your rights

Some of these rights are universal under Rhode Island law. Some are stronger under California, EU, or UK law and apply if you live there.

For Rhode Island residents (RIDTPPA)

You have the right to:

  • Confirm whether I process your personal data and access that data.
  • Correct inaccurate personal data.
  • Delete personal data I have about you.
  • Obtain a copy of your personal data in a portable, machine-readable format.
  • Opt out of the sale of your personal data (none takes place; this is preemptive).
  • Opt out of targeted advertising (none takes place).
  • Opt out of profiling that produces legal or similarly significant effects (none takes place).

To exercise any of these rights, email [email protected]. I will respond within 45 days. If your request is complex I may take up to 45 additional days and will tell you why. There is no fee for the first request in a 12-month period.

If I deny your request you can appeal by replying to the denial. If the appeal is denied you may contact the Rhode Island Attorney General’s office.

For California residents (CCPA / CPRA)

You have the equivalent rights under California law (right to know, delete, correct, portability, and opt out of sale and sharing). Same email address. Same timing.

For EU and UK residents (GDPR and UK GDPR)

You have the rights of access, rectification, erasure, restriction, portability, and objection. You also have the right to lodge a complaint with your local data protection authority.

The lawful basis for processing your newsletter subscription is consent (Article 6(1)(a) GDPR). You can withdraw that consent at any time using the unsubscribe link or by emailing me.

The lawful basis for processing analytics data is legitimate interest (Article 6(1)(f) GDPR) in understanding which content is useful.

8. Data retention

  • Newsletter email addresses: retained until you unsubscribe or ask me to delete them.
  • Server logs: retained for approximately 30 days, then deleted.
  • Analytics data: retained in aggregate form for as long as the publication runs.
  • Messages you send me: retained as long as I find them useful to reply to or to inform future writing, unless you ask me to delete them.

9. Cookies

This site uses the smallest set of cookies it can get away with.

  • Analytics: the analytics tool used by this Site, Cloudflare Web Analytics, is cookieless. It uses no cookies or local storage and does not fingerprint your device. It collects page-level performance and view counts without any individual identifier.
  • Newsletter: the newsletter embed may set a first-party cookie when you submit the subscription form, to prevent duplicate submissions. This cookie is set by Beehiiv only after you interact with the form.
  • Hosting: Cloudflare, as the network provider, may set technical cookies (for example, the __cf_bm bot-management cookie) on a session basis. These are not used for marketing or cross-site tracking.

There is no advertising tracking, no cross-site tracking, no fingerprinting, and no third-party advertising cookies. Most browsers’ “Do Not Track” signal is respected where technically feasible. A Global Privacy Control (GPC) signal will be treated as a request to opt out of any sale or share if those ever begin.

10. Security

I maintain a written information security program reasonable to the size of this publication, as required by the Rhode Island Identity Theft Protection Act (R.I. Gen. Laws § 11-49.3 et seq.). Email and analytics data are stored with reputable providers using industry-standard encryption in transit and at rest.

If a security breach affects your personal data, I will notify you in writing within 45 days of confirming the breach, in accordance with R.I. Gen. Laws § 11-49.3-4, and notify the Rhode Island Attorney General if more than 500 Rhode Island residents are affected.

11. Children

This site is written for adult physicians. It is not directed at children under 16. I do not knowingly collect data from children. If you believe a child has provided personal data to this site, email [email protected] and I will delete it promptly.

12. International users

The site is hosted in the United States. If you access it from outside the U.S., your data will be processed in the U.S.

13. Changes to this policy

If I make a material change, I will update the “effective date” at the top of this page and (if the change is significant) note it in a newsletter. Continued use of the site after a change means you accept the updated policy.

14. Contact

Privacy and data requests: [email protected]

General questions: [email protected]

Mailing address available on written request.

Strictly non-clinical. Nothing on this site is medical advice. I do not post about patient care.

Strictly non-clinical. Nothing on this site is medical advice. I do not post about patient care.