Legal · Privacy
Privacy
How HyperContent™ collects, uses, and protects personal information on this website. Written to be read, not just filed.
This policy covers personal information collected through hypercontent.ai. It does not cover the separate processing that happens inside a customer engagement, which is governed by a Data Processing Agreement and the customer contract.
1. Who we are
The site is operated by HyperContent, Inc., a Delaware C corporation. Mailing address: PO Box 4314, Park City, UT 84060, USA. Phone: +1-435-252-9960. For anything in this policy, including data subject requests, write to privacy@hypercontent.ai. That inbox is monitored.
2. What personal information we collect
We collect three buckets:
- What you tell us. When you fill out the contact form or request access to a resource, you give us your name, work email, company, role, and any message you choose to write. The atoms table sign-up captures just your work email.
- What your browser tells us. Like every website, our hosting provider receives your IP address, user agent, the page you requested, and the page you came from. These are in standard server logs.
- One cookie. If you unlock the password-gated
product page, we set a single first-party cookie
(
hc_product_access) that remembers you for seven days so you do not have to re-enter the password on every visit. We do not set advertising or analytics cookies. See the Cookie Policy for details.
3. Why we use it, and on what legal basis
Under the GDPR and UK GDPR, every use of personal data needs a legal basis. Here is what we do and which basis applies.
- To reply to you. If you contact us, we use your details to respond. Legal basis: Article 6(1)(b), taking steps at your request before entering a contract, and Article 6(1)(f), our legitimate interest in running the business.
- To send you the resource you asked for. If you sign up to the atoms table, we use your email to send the material you requested. Legal basis: Article 6(1)(a), your consent.
- To operate and secure the site. Server logs, the access cookie, and basic abuse prevention. Legal basis: Article 6(1)(f), our legitimate interest in keeping the service running and safe, balanced against the limited data involved.
- To meet legal obligations. Tax, accounting, responding to lawful requests. Legal basis: Article 6(1)(c).
4. Cookies and tracking
The short version: one strictly necessary first-party cookie, no advertising trackers, no third-party analytics. Full table and consent controls on the Cookie Policy. You can change your preferences at any time using the link in the footer.
5. Who we share information with
We share data with a small set of vendors that run parts of the site for us. We do not sell personal information and we do not share it for cross-context behavioural advertising.
| Vendor | What they do | What they see | Where |
|---|---|---|---|
| Cloudflare, Inc. | Hosting, CDN, and Workers runtime for the site | IP address, user agent, request metadata, standard server logs | Global edge, US controller |
| Resend, Inc. | Sends transactional email from the contact and atoms forms | Submitted name, email, company, role, message, UTM parameters | United States |
| Google LLC (Fonts) | Serves the DM Sans web font | IP address and user agent when your browser fetches the font | United States |
We may also disclose information when required by law, to enforce our terms, or to protect our rights or the rights of others. If we ever go through a corporate transaction such as a merger or acquisition, personal data may transfer with the business, subject to this policy.
6. International transfers
Our vendors process data in the United States. If you are in the European Economic Area, the United Kingdom, or Switzerland, your personal data may be transferred to the US. Where required, we rely on the European Commission’s Standard Contractual Clauses and, for UK data, the UK International Data Transfer Addendum or IDTA, together with the safeguards our vendors publish. You can request a copy of the relevant transfer mechanism by writing to the privacy address above.
7. How long we keep it
We keep contact form submissions and email correspondence for as long as the conversation is active and for up to 24 months after, then delete or anonymise it unless a longer period is required by law. Marketing list entries are kept until you unsubscribe. Server logs at Cloudflare are kept on their standard retention schedule. The product access cookie expires after 7 days.
8. Your rights
If you are in the EEA, the UK, or Switzerland, you have the right to ask for access to your personal data, to have it corrected or erased, to restrict or object to processing, to data portability, and to withdraw consent at any time where we rely on it. You also have the right to lodge a complaint with your supervisory authority, though we would rather you tell us first so we can fix the problem.
If you are in a US state with a comprehensive privacy law, you have the right to know what we hold about you, to delete it, to correct it, and to opt out of any sale, share, or targeted advertising. We do not sell or share personal information and we do not run targeted advertising on the site, so the opt-out will be confirmed in writing if you request it. If we deny a request, you can appeal by replying to our response; we will consider the appeal and write back.
To exercise any of these rights, write to privacy@hypercontent.ai. We may need to verify your identity before acting. We aim to respond within 30 days.
9. Global Privacy Control and Do Not Sell or Share
We honour the Global Privacy Control (GPC) browser signal. If your browser sends it, we treat it as an opt-out of any sale or share of personal information and as an objection to non-essential cookies and trackers, for the device and browser that sent the signal. This is in addition to the controls in the cookie banner.
10. How we keep it secure
We use widely accepted technical and organisational measures to protect the small amount of data this site collects: HTTPS in transit, access controls on our vendor consoles, a short list of staff with access, and a content security policy that blocks unauthorised scripts. No system is perfectly secure. If a breach affects you, we will notify you and the relevant authority as the law requires.
11. Children
This site is built for media businesses and is not directed at children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with their data, write to the privacy address and we will delete it.
12. EU and UK representatives
[TODO counsel] HyperContent, Inc. is reviewing whether an EU representative (GDPR Article 27) and a separate UK representative are required for our processing today. If appointed, their names and contact details will be published in this section. In the meantime, send EU and UK requests to privacy@hypercontent.ai; we will route them to the appropriate party and acknowledge receipt.
13. Changes to this policy
We update this page when our practices change. Material changes will be flagged on the page itself and dated above. Your continued use of the site after an update means you have read and accepted the current version.
14. Contact
HyperContent, Inc.
PO Box 4314
Park City, UT 84060
United States
privacy@hypercontent.ai
+1-435-252-9960