Last updated
Privacy Policy
Who we are
Modern Scholar is operated from North Carolina, USA. We act as the data controller under the GDPR. Questions, requests, and notices should go to [email protected].
We do not yet have a postal address. If that changes, we'll add the address here and update the "Last updated" date at the top of this page.
What we collect
We want to be precise about this, as most of what privacy policies claim to collect is not something we ever interact with. Here is the complete list:
- Server logs from our hosting provider. When your browser requests a page, our hosting provider automatically records your IP address, user-agent string, the URL you requested, and a timestamp. We use these only for security and debugging.
- A few preferences your browser stores locally. We use the browser's
localStorageto remember three things:theme— whether you've chosen light or dark mode.ms-comparison— the scholarships you've added to your comparison list.ms-settings— small UI preferences for the scholarship browser.
- Emails you send us. If you email [email protected], the message is delivered to our inbox. We keep it as long as we need to respond and will delete it on request.
That's it. We do not run analytics, advertising pixels, session replay, fingerprinting, A/B testing, or cross-site tracking of any kind. We do not ask for your name, email, school, or any other personal information unless you choose to put it in an email to us.
Why we collect it
For visitors in the EU and UK, the GDPR requires us to name a legal basis for each thing we do with your data. Here are ours:
- Server logs: legitimate interest. We need them to keep the site running, diagnose errors, and detect abuse. The data is minimal and short-lived.
- localStorage preferences: user-initiated. They exist because you interacted with the site (changed the theme, saved a scholarship, adjusted a setting). They live on your device and you can clear them anytime.
- Emails you send us: user-initiated. You wrote to us; we read and reply.
Where data goes
We use a small set of third-party services to deliver the site. None of them set first-party cookies on Modern Scholar, and none of them receive data we've combined with anything personal.
- Our hosting provider hosts the site in the United States and sees the request data described above.
We don't sell or share your personal information with anyone for marketing, advertising, or any other commercial purpose. If we ever add a service that would change this, we'll update this section first.
How long we keep it
- Hosting provider server logs: approximately 30 days. We don't extend this window.
- localStorage values: stay in your browser until you clear them. Clearing your site data removes them immediately.
- Inbound emails: kept as long as we reasonably need to respond and follow up. We'll delete a message on request.
Your rights
Depending on your location, privacy laws grant you specific rights regarding the data we collect about you. To exercise any of these rights, please send an email.[email protected]. We respond within 30 days. In practice we hold very little, so most requests resolve quickly.
If you’re in the EU or UK (GDPR)
You have the right to:
- access the data we hold about you;
- correct anything that's wrong;
- ask us to delete it;
- restrict or object to specific processing (for example, legitimate-interest server logging);
- receive a copy of data you've given us in a portable format;
- lodge a complaint with your local supervisory authority if you think we've mishandled your data.
We won't charge you to exercise a right, and we won't penalize you for using one.
If you’re in California (CCPA / CPRA)
You have the right to:
- know what categories of personal information we collect;
- access the specific pieces of personal information we hold about you;
- request that we delete it;
- request that we correct inaccurate information;
- not be discriminated against for exercising any of these.
We do not sell or share personal information, as those terms are defined under California law. We have not done so in the last twelve months and we have no plans to. Because there is nothing to opt out of, we don't publish a "Do Not Sell or Share My Personal Information" link.
Children's privacy
Modern Scholar is not directed to children under 13. We don't knowingly collect personal information from anyone under 13. The site has no signup or submission flow, so in practice we don't collect personal information from anyone, regardless of age.
International transfers
Modern Scholar is hosted in the United States. If you're visiting from the EU, UK, or another region with data protection rules, your request data is processed in the US. We rely on our hosting provider's Data Processing Addendum and Standard Contractual Clauses as the legal mechanism for these transfers.
The data involved is the minimal set described above — server log fields, nothing more.
Changes to this policy
We'll update this policy when something changes — for example, when we add a feature that touches new data. Small edits (typo fixes, clarifications) refresh the "Last updated" date at the top of the page.
For material changes — anything that affects what we collect, why, or who sees it — we'll surface a notice on the homepage for 14 days so returning visitors don't miss it.
If we ever experience a security breach affecting personal information, we'll notify affected users by email and via a homepage banner within 72 hours of confirming the incident, as required by GDPR and applicable US state laws.
Contact
For any privacy question, request, or complaint, email us at [email protected]. One inbox handles general, privacy, deletion, and breach correspondence.