I won't use your email address for marketing, and I won't hand it out to other entities/companies/whatever. If your email address gets used at all, it will be for forgotten password notifications.
Even though I store passwords securely, there's always the possibility that someone will somehow break into the server and make off with the user database. In that unlikely event, the nefarious bastard may have even figured out how to crack bcrypt. In case that extremely unlikely event happens, you should probably pick a unique password for this site. If you have trouble keeping track of all of these unique passwords that you really should be using, maybe you can use LastPass or KeePass.
Cookies get used to keep track of you on the site, and I use Google Analytics, and Google AdSense.