Privacy Policy

What information we collect

We collect only the information necessary to provide our advisory services and to operate the website. This includes contact information (name, company, email, phone), job and company role, engagement details you provide when requesting a proposal or diagnostic, and any documents or data you share with us for a project. When you interact with the website, we collect usage data such as pages visited and form submissions. If you subscribe to insights, we retain your email address for the purpose of distribution. When you provide sensitive or confidential business data as part of a proposal or diagnostic, we handle it under contract terms, including nondisclosure and secure transfer arrangements when requested.

How we use information

We use personal data to respond to inquiries, to perform assessments and advisory services, and to send communications you have requested. Usage data is used to improve site performance and user experience. When engaged for diagnostics or implementation, we use business and financial information you supply to run analyses, construct scenario models, and prepare board-ready materials. We never sell personal data. In limited cases we may share data with trusted service providers (for example, secure storage or analytics), and only to the extent required to deliver services or operate the site. All vendor relationships are governed by data processing agreements that impose confidentiality and security obligations consistent with this policy.

Cookies and tracking

Our website uses essential cookies required for secure operation and optional cookies to improve experience and measure performance. The cookie banner visible across the site allows you to accept or reject non-essential cookies. Essential cookies enable forms, accessibility features, and basic session management. Non-essential cookies include analytics and performance cookies that aggregate usage patterns. If you reject non-essential cookies, analytics will not collect behavior beyond essential operation. You can change your cookie preference by clearing your browser storage or by revisiting the site and using the cookie controls. For clients that require stricter controls, we offer secure intake channels and explicit agreements that limit tracking and storage as requested.

Data retention and security

We retain personal data only as long as necessary to fulfill the purposes described or as required by law. Contact and subscription information is retained while you remain subscribed or until you request deletion. For client engagements, retention periods are defined in the engagement agreement. We apply industry-standard administrative, physical, and technical measures to protect data, including encryption for secure transfers and controlled access for stored documents. While no transmission can be guaranteed fully secure, we continuously review and update security measures and will notify affected parties if we detect a data breach where notification is legally required.

Your rights and choices

Depending on your jurisdiction, you may have rights regarding your personal data, including the right to access, correct, restrict processing, or request deletion. You may unsubscribe from marketing at any time using links in communications or by contacting us. To exercise rights related to data we hold about you, provide a clear request to the contact address below. We will verify requests to protect privacy and may need additional information to locate the relevant records. If you are an EU resident, certain additional rights may apply under the EU General Data Protection Regulation; for residents of other regions, applicable local privacy laws govern your rights.

Children and sensitive data

Our services are directed at professional audiences and businesses. We do not knowingly collect personal information from children under 16. Do not provide information about children to us. If you believe we have inadvertently collected information from a child, contact us and we will take steps to delete the data as appropriate.

Changes to this policy and effective date

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will publish the revised policy on this page with an updated effective date. Material changes that affect previously collected personal data will be communicated by email to subscribers and clients when feasible. Continued use of our services following publication of changes constitutes acceptance of the updated policy.

How to contact us

If you have questions about this Privacy Policy or our privacy practices, please contact our privacy team:

Effective date: January 1, 2026