For this to be a forced breach, the website must be intentionally exploiting a security issue on the device to expose exact location coordinates. If so, I’d suggest perusing the source code, as there might be bug bounty money there. Or patching your device. EDIT: to be clear, this would also be a dick move by the website author and they should be publicly shamed more than this.
Alternatively, they may be accidentally triggering a vulnerability (more bug bounty money or reasons to patch)
Alternatively, you accidentally gave the permission for location services when prompted.
Alternatively, your IP has a GeoIP location that is at / very close to your home address. If this is the case, GeoIP databases are like telephone directories of yore. Except not only are they globally public, you also cant opt out.
Alternatively, they may be accidentally triggering a vulnerability (more bug bounty money or reasons to patch)
Alternatively, you accidentally gave the permission for location services when prompted.
Alternatively, your IP has a GeoIP location that is at / very close to your home address. If this is the case, GeoIP databases are like telephone directories of yore. Except not only are they globally public, you also cant opt out.
Sorry!