Privacy

When you submit the briefing form, we collect the fields you provide: name, work email, role (optional), engagement type, question topic, and question details.

We use this information to respond to your request and, if you proceed, to deliver the engagement. We don't use it for marketing and we don't share it with third parties for marketing.

Submissions are stored in our database (Cloudflare D1) and a notification is sent to our intake mailbox via the Microsoft Graph API. We retain submissions for up to three years after the last engagement-related contact, or until you ask us to delete them — whichever comes first.

We use Azure Application Insights to measure site performance (page-load metrics, Web Vitals like LCP, INP, CLS) and to catch errors. Our telemetry payload contains performance numbers and a generated session identifier scoped to one browser tab. It does not include:

• Your IP address
• Your email or name
• A persistent user identifier
• The content of any form you've started typing

Application Insights is operated by Microsoft. Microsoft acts as our data processor for telemetry data we send to it.

The briefing form is protected by Cloudflare Turnstile, a privacy-friendly alternative to traditional CAPTCHAs. Cloudflare evaluates the challenge in your browser; we receive a yes/no token, not your raw browsing signals. Turnstile is designed not to track users across sites and does not display advertising.

If you can't complete the challenge or block it at the network level, the form won't submit.

We do not set first-party tracking cookies, advertising cookies, or analytics cookies. Cloudflare Turnstile may set short-lived cookies strictly necessary to complete the bot challenge.

The infrastructure we rely on to operate the site:

• Cloudflare — site hosting (Pages / Workers), database (D1), and Turnstile bot protection.
• Microsoft — Graph API for transactional email; Application Insights for anonymous telemetry.

Each subprocessor is bound by its own privacy and security terms. We do not authorize them to use your data for their own marketing.

Like any web service, the Cloudflare edge and our Workers runtime briefly process standard request metadata (such as IP address and user-agent) to deliver the response. We do not persist these in our own database or copy them into our analytics pipeline.

You can ask us to access, correct, or delete the personal information we hold about you. Send your request via the briefing form — mark your message "Privacy request" — and we'll respond within 30 days.

If you're in a jurisdiction with additional rights (for example, the GDPR or California's CCPA/CPRA), those rights apply and you can exercise them through the same channel.

This site is for business audiences. We do not knowingly collect information from children under 16. If you believe a child has submitted information to us, contact us and we will delete it.

We may update this policy from time to time. Material changes will be reflected by updating the effective date at the top of this page.

Privacy questions and rights requests can be sent via the briefing form. The data controller is Vezza LLC, Seattle, Washington, USA.