RedpointRack

Privacy

Privacy policy.

What we collect, why, who else sees it, what choices you have. No sale of personal information, no advertising, no retargeting.

Last updated: May 22, 2026

Redpoint Rack LLC— based in Wyoming, USA — runs this site at redpointrack.com. We're a small publication and operator-architect practice. We collect the minimum information needed to operate and don't sell or share it.

This policy explains what we collect, why, who else sees it, and what choices you have.

What we collect

Just visiting

You can read essays, browse frameworks, and view all public pages without telling us anything. There are no user accounts on the public site.

When you submit the contact form

Your name, email, optional company, the engagement type you're interested in, optional revenue band and industry, and the message text. We use this to reply.

When you subscribe to the newsletter

Your email address, and a small tag indicating how you signed up (homepage form, end-of-essay block, field-guide download, etc.). We use this to send weekly essays.

When you download the Shareholder Agreement Field Guide

Same as the newsletter — your email is added to the subscriber list with a field-guide tag. The PDF is delivered immediately.

Analytics (only if you accept)

When you click Accept on the consent banner:

  • Google Analytics 4 records page views, traffic source, approximate location (city/country, not precise), and device/browser type. Cookies named _ga and _ga_*.
  • Server-side page-view records in our own database capture the page path, the time, a one-way hash of your IP address (salted with a server-only secret, not reversible to your real IP), your referrer, and your user-agent string.

If you decline, neither layer fires. The site works the same; we just lose the visibility.

What we do not collect

We don't accept payments through this site, so we don't store any financial information. We don't sell data, run advertising, or share information with retargeting platforms. We don't fingerprint visitors.

How we use what we collect

  • Reply to inquiries and scope possible engagements.
  • Send weekly essays to subscribers.
  • Understand which essays land and how people find them.
  • Protect the site from abuse (rate-limiting, spam filtering, fraud detection on the contact form).

Who else sees the data

The services we rely on to operate:

  • Render hosts the application and the database. They have access to whatever the application server has.
  • Dopplermanages our secrets (API keys, database credentials). It doesn't see visitor data.
  • Google Analytics 4 (when you consent) sees the pageview events Consent Mode allows.
  • Google Cloud OAuthhandles admin sign-ins. Visitor accounts don't exist; only the operator's account does.
  • Anthropic processes essay content via internal admin tooling (admin-only). Visitor-submitted data is never sent to Anthropic.

We don't share data with anyone else. We don't sell it.

Cookies & local storage

Redpoint Rack does not set first-party tracking cookies. The only data we store in your browser without consent is one localStorage entry, rr-consent-v1, that remembers your choice on the consent banner. Without it we'd ask you to choose every time you loaded the site.

When you accept analytics, Google Analytics 4 sets its own cookies (_ga, _ga_*) for measurement. Those expire on Google's schedule, currently up to two years for the main _ga cookie. Decline analytics — or use in the footer — to revoke, and clear them via your browser settings.

Analytics & how we measure traffic

We use two layers of analytics, both default-denied until you opt in via the consent banner.

  • Google Analytics 4.Page views and traffic sources. We use Google's Consent Mode v2 with all four signals (ad_storage, ad_user_data, ad_personalization, analytics_storage) denied by default. Nothing measurable fires until you click Accept. We don't run advertising, retargeting, or remarketing — the ad_*signals stay denied even when you accept. You can also install Google's opt-out browser add-on for a global decline.
  • Server-side page-view counts. Our own database records path, time, hashed IP, referrer, and user-agent. No personally identifiable information. Powers an internal dashboard so we can see which essays land. Also gated by your consent — decline and we record nothing.

Neither layer is shared with third parties (other than Google Analytics itself, which sees only what Consent Mode allows), used for advertising, or sold.

Change your mind any time. Click — here or in the footer of any page — to reopen the consent banner.

How long we keep things

  • Subscribers: until you unsubscribe.
  • Contact form submissions: until we delete them manually. Typically cleared after a response cycle closes.
  • Server-side page-view records: kept as aggregate analytics. No plans to identify individuals from them. If you want yours purged, email us.
  • Google Analytics data: governed by Google's retention controls. We use the default setting.

Your rights — EU, UK, EEA (GDPR/UK GDPR)

The lawful bases for processing your data:

  • Consent — analytics, weekly newsletter
  • Legitimate interest — replying to your inquiry, protecting the site from abuse
  • Contract performance — delivering the field guide PDF after you request it

You have the right to:

  • Access the personal data we hold about you
  • Correct it
  • Delete it
  • Restrict or object to processing
  • Port it (receive it in a usable format)
  • Withdraw consent at any time

To exercise any of these, email contact@redpointrack.com. You also have the right to complain to your local data protection authority.

Your rights — California (CCPA)

  • We do not sell or share your personal information for cross-context behavioral advertising.
  • You have the right to know what we've collected, to request deletion, and to opt out of sale (already a no, but stated for clarity).
  • Email contact@redpointrack.com to exercise any of these. We may verify your identity before responding.
  • We don't discriminate against users who exercise these rights.

Children

This site isn't directed at children under 13 (or under 16 in the EU). We don't knowingly collect data from children. If you believe a child has submitted information to us, email us and we'll delete it.

Changes to this policy

When we change something material, we update the date at the top. For substantive changes that affect previously-collected data, we'll note them prominently on the page.

Contact

Redpoint Rack LLC
contact@redpointrack.com
Wyoming, USA

See also our Terms of Use.