1. Data Controller
A-Eye Level is a content and advisory platform focused on AI decision clarity for business leaders.
Data Controller:
Ron Gold
A-Eye Level
ron@a-eyelevel.com
As the operator of this website, Ron Gold is the Data Controller as defined by the EU General Data Protection Regulation (GDPR). This means we determine the purposes and means of processing any personal data collected through this website.
Data Protection Officer: No Data Protection Officer (DPO) has been appointed, as the conditions set out in Article 37 of the GDPR do not apply to this website. For any data protection inquiries, contact ron@a-eyelevel.com.
2. What data we collect
We collect only the data you voluntarily provide through our website forms:
Newsletter signup form: Name, email address, consent confirmation.
Contact form: Name, email address, message content, consent confirmation.
We do not use cookies. We do not use advertising pixels or retargeting technologies. We do not collect personal data automatically beyond standard server logs maintained by our hosting provider. We use Netlify Analytics, a server-side analytics service that does not use cookies, does not collect personal data, and does not track individual visitors. See Section 5 for details.
3. Legal basis for processing
Under the EU General Data Protection Regulation (GDPR), we process your personal data based on:
Consent (Article 6(1)(a)): When you submit a form on our website, you explicitly consent to our processing of the data you provide for the stated purpose. You may withdraw consent at any time by contacting us.
Legitimate interest (Article 6(1)(f)): We may process data to respond to your inquiries and maintain the security of our website.
4. How we use your data
Newsletter subscribers: To send you our weekly newsletter, "The 5-Minute AI Decision." Each email includes an unsubscribe link. We will never sell, share, or rent your email address to third parties.
Contact form submissions: To respond to your inquiry. We retain messages only as long as needed to address your request.
5. Third-party services
We use a limited number of third-party services to operate this website:
Netlify (hosting, form processing, and analytics): Our website is hosted on Netlify, Inc. (USA). Form submissions are processed through Netlify Forms. We use Netlify Analytics for aggregate traffic measurement. Netlify Analytics is entirely server-side: it does not inject JavaScript into your browser, does not set cookies, and does not collect or store personal data. It provides only aggregate page view counts and referrer data. Netlify's privacy policy: netlify.com/privacy. Data transfers to the USA are governed by Netlify's Standard Contractual Clauses.
Buttondown (newsletter service): Newsletter subscriptions are managed by Buttondown, LLC (USA). When you subscribe, your email address is stored by Buttondown to deliver the newsletter. Buttondown uses double opt-in (email confirmation) before adding you to the subscriber list. You can unsubscribe at any time via the link in every email. Buttondown's privacy policy: buttondown.com/legal/privacy.
ImprovMX (email forwarding): Emails sent to our domain address are forwarded via ImprovMX. ImprovMX processes only the email metadata necessary for forwarding. ImprovMX's privacy policy: improvmx.com/privacy.
All fonts are self-hosted on our own domain. No external font services are used. We do not use any third-party advertising or tracking services.
6. Cookies and tracking
This website does not set first-party cookies, third-party cookies, or any form of local storage for tracking purposes.
Our hosting provider (Netlify) may use strictly necessary technical cookies for load balancing and security purposes. These are exempt from consent requirements under the ePrivacy Directive as they are essential for the website to function. They do not track your behavior.
We use Netlify Analytics for aggregate traffic measurement. This service operates entirely on the server side: no JavaScript is added to your browser, no cookies are set, and no personal data is collected. It provides only aggregate statistics (page views, referrer sources) with no individual visitor tracking.
We do not use advertising pixels, retargeting technologies, or social media tracking scripts. No behavioral data is collected as you browse this website. All fonts are self-hosted on our domain, so no external requests are made when loading pages.
If we introduce cookies or client-side tracking in the future, we will update this policy and our Cookie Policy, and implement a cookie consent mechanism before any tracking begins.
7. International data transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA), specifically the United States, via the following providers: Netlify (hosting and forms), Buttondown (newsletter delivery), and ImprovMX (email forwarding). These transfers are protected by Standard Contractual Clauses (SCCs) as approved by the European Commission, in accordance with GDPR Chapter V.
8. Data retention
Newsletter subscribers: We retain your name and email address until you unsubscribe or request deletion.
Contact form submissions: We retain messages for up to 12 months after your inquiry is resolved, then delete them.
Server logs: Standard server logs are retained by Netlify for up to 30 days.
9. Your rights under GDPR
If you are located in the European Economic Area, you have the following rights regarding your personal data:
Right of access (Article 15): Request a copy of the personal data we hold about you.
Right to rectification (Article 16): Request correction of inaccurate data.
Right to erasure (Article 17): Request deletion of your personal data.
Right to restrict processing (Article 18): Request that we limit how we use your data.
Right to data portability (Article 20): Receive your data in a structured, machine-readable format.
Right to object (Article 21): Object to processing based on legitimate interest.
Right to withdraw consent: Withdraw your consent at any time without affecting the lawfulness of processing before withdrawal.
Right not to be subject to automated decision-making (Article 22): We do not use automated decision-making or profiling that produces legal or similarly significant effects.
To exercise any of these rights, contact us at ron@a-eyelevel.com. We will respond within one month of receiving your request, as required by Article 12(3) of the GDPR.
10. Right to lodge a complaint
If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.
As this website is operated from France, the relevant supervisory authority is:
CNIL (Commission Nationale de l'Informatique et des Libertés)
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
www.cnil.fr
11. Children's privacy
This website is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will delete it promptly.
12. Security
We protect your data using industry-standard security measures including HTTPS/TLS encryption, HTTP security headers (Content-Security-Policy, Strict-Transport-Security, X-Frame-Options), and limited data collection practices. However, no method of electronic transmission or storage is 100% secure.
13. Changes to this policy
We may update this privacy policy to reflect changes in our practices or legal requirements. The effective date at the top of this page indicates when the policy was last revised. For material changes that affect how your personal data is processed, we will provide notice on this website before the changes take effect.
Questions about this policy? Contact ron@a-eyelevel.com.