Privacy Policy
How we handle the small amount of personal data this site collects — and what we deliberately do not collect.
Last updated: 30 June 2026
1. Who we are
This site, cross-data.org, is operated by Cross Data ("Cross Data", "we", "us"). Cross Data is an External Strategic Intelligence practice. For any question about this policy or your data, use our contact form.
2. What we collect
We collect only what you choose to send us, plus the minimum our hosting needs to serve the site:
- Contact-form details. When you use the contact form, we receive your name, your work email, your company and role, and the strategic question you describe.
- Standard server logs. Like any website, our host records technical data such as IP address, browser type, and timestamps, used to keep the site secure and reliable.
What we do not do: no analytics products, no advertising or tracking pixels, no behavioural profiling, no third-party trackers, and no sale or brokering of your data. The site is intentionally clean.
3. Why we use it
We use the information you send solely to reply to you, understand whether the methodology fits your question, and discuss a possible engagement. We do not use it for advertising and we do not share it for anyone else's marketing.
4. Who processes it
The site is hosted and the contact form is processed by our hosting provider, Netlify, which transmits your submission to us. Netlify processes this data on our behalf under its own privacy terms. We use no other processors for data collected through this site, and we do not transfer your data to third parties except where required by law.
5. How long we keep it
We keep your message for as long as needed to respond and, if we work together, for the duration of our relationship plus a reasonable period afterwards. After that we delete or anonymise it. You can ask us to delete it sooner (see your rights below).
6. Your rights
Depending on where you live, you may have the right to access, correct, export, restrict, or delete your personal data, to object to processing, and to withdraw consent. To exercise any of these, contact us and we will act within a reasonable time — and within any statutory deadline that applies to you.
7. International processing
Our hosting provider may process data in countries other than your own. Where that happens, we rely on the provider's appropriate safeguards for international transfers.
8. Security
We apply reasonable technical and organisational measures to protect the data we hold. No method of transmission or storage is perfectly secure, but we keep the surface small on purpose — less collected means less at risk.
9. Children
This site is intended for a business audience and is not directed at children. We do not knowingly collect data from anyone under the age of 16.
10. Changes to this policy
We may update this policy as the site or the law changes. The "last updated" date above always reflects the current version.
11. Contact
Questions or requests about your data: contact form.