Penzu Privacy & Consent Controls: What’s Collected, Who Can Access It, and How You Stay in Control

Penzu is a free online private diary and personal journal service. Because journaling is personal by nature, many people want to understand exactly how privacy choices work before they start writing. Penzu addresses this by presenting a Consent Management Platform (CMP) that explains what data may be processed, for what purposes, and how you can accept, decline, or manage options at a detailed level.

This guide breaks down what the consent notice communicates: the types of data involved (like cookies, unique identifiers, IP address, browsing and interaction data, and optionally precise geolocation), the potential role of up to 210 third-party partners, how long your privacy choices are stored (roughly 390 days), and how your decisions can influence targeted ads and personalized content.


Why Penzu’s CMP matters for a “private journal” experience

A consent prompt can feel like a speed bump, but it also provides a real advantage: clarity. Penzu’s CMP lays out the “what” and “why” of data processing in a way that helps you make informed choices, including:

  • Clear options to consent, decline, or manage preferences.
  • Vendor transparency, including a partner count that may reach 210 partners.
  • Purpose-by-purpose controls, so you can align tracking and personalization with your comfort level.
  • Saved choices so your settings can be respected on future visits (with a stated maximum duration).

For users who care about privacy, that’s a meaningful benefit: you get to decide how much personalization you want, rather than being left guessing.


What Penzu asks consent for (purposes explained in plain English)

According to the consent notice, Penzu requests consent to use personal data for several advertising and content-related purposes. These purposes are common across many sites using the IAB Transparency and Consent Framework (TCF), and Penzu’s CMP describes them in user-facing language.

Core categories of purposes mentioned

  • Personalised advertising and content (showing ads and content tailored to predicted interests).
  • Advertising and content measurement (understanding whether ads or content performed well).
  • Audience research (learning about groups of users via statistics and analysis).
  • Services development (improving and developing products and services based on interactions).
  • Store and/or access information on a device (using cookies or similar identifiers to recognize a device).
  • Security and fraud prevention (monitoring for suspicious activity and fixing errors).
  • Technical delivery (using certain info to ensure content and ads can be delivered properly).

In practice, these purposes can influence how your experience feels: more consent can enable more personalization, while less consent can reduce targeted advertising and profiling-based recommendations.


What kinds of data the notice says may be processed

Penzu’s CMP describes both personal data and device data that may be stored, accessed, or shared. Here’s a practical summary of the data types explicitly referenced in the notice and vendor examples.

Data types called out in the consent notice

  • Cookies and similar storage technologies.
  • Unique identifiers and other device data (for example, device or login-based identifiers).
  • IP address.
  • Browsing and interaction data (what you view, click, submit, or interact with).
  • Device characteristics (examples in the notice include browser type, language, screen size, and supported technologies).
  • Non-precise location data.
  • Precise geolocation data (only “with your acceptance,” described as within a radius of less than 500 metres).
  • User-provided data (listed in some vendor entries as a possible data category).
  • Users’ profiles (profiles built or improved based on activity, used for personalization and ad selection).
  • Privacy choices (your consent selections are stored and communicated as signals so they can be respected).

Importantly, the notice frames these data types in the context of specific purposes (such as measuring performance, developing services, or selecting personalized ads). That purpose-based mapping is what makes consent controls more actionable: you can tie each data use to an outcome.


Partner and vendor transparency: “up to 210 partners”

Penzu’s consent notice states that personal data and device information may be stored by, accessed by, and shared with 210 partners, or used specifically by the site.

From a user perspective, the big benefit of this approach is visibility. Instead of a vague “we share data with partners,” the CMP provides:

  • Partner counts (so you understand scale).
  • A list of partners (so you can see who may be involved).
  • Per-vendor details in many cases (including examples of cookie duration and data categories processed).

This transparency supports more confident decision-making: you can tailor consent to your personal comfort level, whether you prefer broad approval, broad opt-out, or a curated set of vendors.


Consent vs. legitimate interest: what the difference means in practice

The CMP explains that some vendors process personal data based on consent, while some may process based on legitimate interest. The notice also states you can object to legitimate interest processing by managing your options within the CMP.

How to interpret this for your journaling workflow

  • Consent: you actively allow specific purposes and vendors.
  • Legitimate interest: certain processing may occur under a vendor’s stated legitimate interest basis, but you can typically object via the CMP controls described.

For users focused on privacy, this distinction is valuable because it shows where you have an opt-in choice versus where you may have an objection/opt-out style choice. Either way, Penzu’s CMP is designed to put those controls in one place.


How profiling works (and how your choices influence it)

The consent notice describes “profiling” in a practical way: information about your activity (like interactions with forms and content) can be stored and combined with other information to build or improve a profile, which can then be used to select advertising or content.

What “create profiles” and “use profiles” typically involve (as described)

  • Create profiles for personalised advertising: building or improving a profile that may include possible interests and personal aspects, based on activity on the service and potentially other websites or apps.
  • Use profiles to select personalised advertising: showing ads based on that profile.
  • Create profiles to personalise content: shaping content relevance or ordering based on predicted interests.
  • Use profiles to select personalised content: selecting or ordering content using the personalisation profile.

The key takeaway is that your consent choices affect personalization. If you opt into more profile-based purposes, the experience may include more targeted ads and more tailored content. If you decline profile-based purposes, the experience may rely more on contextual signals (like the page you’re on) rather than a longer-term profile.


Where your privacy choices are stored, and for how long (390 days)

Penzu’s CMP explicitly explains that your choices must be stored so the site and its partners can respect them in the future. It also provides a retention window: choices are stored for a maximum duration of 390 days (and may be invalidated after that period).

Storage methods described by platform type

PlatformWhere choices are storedDuration stated
WebsitesA cookie named FCCDCFMaximum 390 days
AppsDevice storage prefixed by IABTCF_Invalidated after 390 days; overwritten when you make new choices
AMP sitesLocal storage prefixed by amp-storeInvalidated after 390 days; overwritten when you make new choices

This is a practical privacy feature: saving choices reduces the need to re-answer the same consent questions repeatedly while still providing a defined time window after which choices may need refreshing.


Cookie duration vs. consent choice duration: what to understand

The CMP describes a maximum duration for storing your consent choices (390 days), but vendor lists may also include separate cookie durations for individual vendors (some examples include 90 days, 365 days, 730 days, and longer).

These two ideas are related but not identical:

  • Consent choice storage: how long the CMP keeps your selection signal so the site and partners know what you allowed or declined.
  • Vendor cookie/storage duration: how long a vendor’s cookie or other storage mechanism may persist, as shown in vendor details.

From a control standpoint, the benefit is that the CMP provides a single interface where you can update choices even when different vendors have different storage lifecycles.


What happens if you don’t consent?

The consent notice includes prompts such as “What if I don’t consent?” and emphasizes that your choices affect personalized advertising. While the notice focuses on enabling informed choice, the practical implication is straightforward: declining certain purposes and vendors can reduce or prevent specific forms of data use tied to personalization and profiling.

Common outcomes when you decline certain purposes (as framed by the CMP)

  • Less personalized advertising (ads may be less tailored to predicted interests).
  • Less profile-based personalization for content ordering or recommendations.
  • Measurement and analytics may change depending on what you allow (for example, ad measurement or audience research).
  • Security and technical delivery purposes may still be relevant to keep the service functioning reliably (the CMP lists these as purposes).

This flexibility is a strong fit for privacy-minded journaling: you can aim for the experience you want, from more personalization to more minimal tracking, based on your preferences.


How to change, manage, or withdraw consent on Penzu

Penzu’s CMP guidance notes that you can look for a link at the bottom of the page or in the site menu to manage or withdraw consent in privacy and cookie settings.

A practical step-by-step approach

  1. Open the site’s privacy and cookie settings (often accessible from the footer or menu).
  2. Choose Manage options (or similar wording).
  3. Review settings by purpose (for example, profile-based advertising, measurement, audience research).
  4. Review settings by vendor (where you can enable or disable specific partners).
  5. Confirm your choices so the CMP stores and communicates your updated preferences.

This design supports a major benefit: you are not locked into a one-time decision. You can refine consent over time as you get comfortable with the service.


Quick reference: purposes you can typically control in the CMP

The excerpted notice lists multiple controllable purposes and features. Below is a simplified reference of the themes mentioned and why they matter.

Purpose / FeatureWhat it helps doWhy it matters for your experience
Store and/or access information on a deviceUse cookies or identifiers to recognize a deviceEnables preference saving and can support personalization and measurement
Use limited data to select advertisingShow ads based on limited signals (context, device type, non-precise location)Can reduce frequency repetition and support basic relevance without full profiling
Create / use profiles for personalised advertisingBuild and use interest-based profilesLeads to more targeted advertising when enabled
Create / use profiles to personalise contentTailor content ordering or selection based on predicted interestsCan make content feel more relevant when enabled
Measure advertising and content performanceUnderstand what works and what doesn’tSupports optimization and reporting for ads and content
Understand audiencesGenerate statistics from combined data setsSupports aggregated insights into user groups
Develop and improve servicesImprove products based on interactionsCan help the service evolve without necessarily relying on profile development (as stated)
Ensure security, prevent fraud, fix errorsDetect suspicious activity and correct issuesHelps maintain a safer, more reliable service
Use precise geolocation dataUse location within a radius of less than 500 metres (with acceptance)Enables location-based features or targeting when explicitly allowed

How vendor-level control can support a privacy-first mindset

One of the most practical strengths of Penzu’s CMP is that it supports both purpose-level and vendor-level decisions. That means you can:

  • Allow a purpose broadly (like measurement) but still limit certain vendors, depending on what the CMP interface provides.
  • Decline profile-based advertising while still allowing technical delivery or security-related processing.
  • Make a choice that fits your comfort level without having to abandon the service.

For people using a personal journal, this is a meaningful benefit: you can pursue a more private browsing posture while still taking advantage of a convenient online diary tool.


Best practices for making consent choices that match your goals

Everyone’s ideal balance is different. Here are practical, benefit-driven ways to think through your settings, based on the purposes described in the notice.

If your priority is maximum personalization

  • Consider enabling profile-based advertising and content personalization purposes.
  • Allow measurement so content and advertising performance can be evaluated.
  • Only allow precise geolocation if you specifically want location-based relevance.

If your priority is minimizing profiling

  • Consider declining create profiles and use profiles purposes.
  • Rely more on limited data selection options where available.
  • Review vendor lists and reduce the number of vendors you allow, if the CMP provides that granularity.

If your priority is a balanced experience

  • Allow essential technical delivery and security-related purposes.
  • Select measurement and service improvement if you’re comfortable with performance insights.
  • Keep precise geolocation off unless you have a clear use case for it.

This approach turns consent from a confusing prompt into a set of deliberate, confidence-building choices.


Key takeaways

  • Penzu’s CMP explains that personal and device data (like cookies, unique identifiers, IP address, and browsing/interaction data) may be processed for advertising, content personalization, measurement, research, and service development purposes.
  • The notice states data may be shared with or accessed by up to 210 partners, with a partner list and vendor-level details available in the CMP.
  • With permission, precise geolocation (within less than 500 metres) may be used.
  • Your privacy choices are saved so they can be respected later, with a stated maximum duration of roughly 390 days (for example, in a cookie named FCCDCF on websites).
  • You can accept, decline, or manage options, including objecting where vendors rely on legitimate interest, and you can revisit settings to withdraw or refine consent.

When you’re choosing a private journaling tool, the best experience is one where you feel informed and in control — play Monopoly live by Evolution. Penzu’s consent controls are designed to provide that control through transparency, choice, and clear explanations of how personalization and profiling can affect ads and content.

Recent entries