Privacy Policy

KYPEX MEDIA (kypexmedia.com)
Last Updated: July 8, 2026 | Effective Date: July 8, 2026

1. Introduction

1.1. This Privacy Policy ("Policy") describes how Kypex Media, a registered trade name and publishing imprint of Kypex Advisors, LLC, a Georgia limited liability company ("Kypex Media," "Company," "we," "us," or "our"), collects, uses, discloses, and protects information in connection with kypexmedia.com and our email newsletter (together, the "Site").

1.2. This Policy is incorporated into and subject to our Terms of Service. Capitalized terms not defined here have the meanings given in the Terms of Service. By accessing or using the Site, you agree to the collection, use, and disclosure of your information as described in this Policy. If you do not agree, do not use the Site.

1.3. The Site is provided free of charge, and we deliberately collect as little information as possible. In plain language before the details: we collect an email address (and a name, if you offer one) when you subscribe, we use it to send you the updates you asked for, we never sell it, and you can leave the list with one click at any time.

2. Information We Collect

2.1. Information you provide. When you subscribe to our newsletter, we collect your email address and, if you choose to provide it, your name. If you contact us by email or through social media, we receive your address or handle and the contents of your message. We do not collect payment information; the Site sells nothing directly, and purchases occur on third-party retailer sites under their own policies.

2.2. Information collected automatically. When you visit the Site, our hosting and infrastructure providers automatically collect standard technical data, which may include: IP address, approximate location derived from IP address (country, region, city), browser type and version, device type and operating system, pages viewed, referring URLs, and dates and times of access. We may also use privacy-respecting, aggregate analytics to understand Site traffic. We do not use this data to identify individual visitors.

2.3. Cookies and similar technologies. The Site does not use advertising cookies or third-party tracking cookies for marketing. The Site and its service providers may use strictly necessary cookies or local storage required for the Site or the signup form to function; these cannot be disabled while using the affected features. Our newsletter provider may include standard open and click measurement in emails, which we use only to understand engagement with our own emails.

2.4. Do Not Track. The Site does not respond to "Do Not Track" browser signals; it also does not engage in cross-site tracking, so the signal has nothing to change.

3. How We Use Information

3.1. We use the information we collect to: (a) provide, operate, maintain, and secure the Site; (b) send the newsletter and other communications you have requested, including any free subscriber content we have promised; (c) respond to your inquiries; (d) monitor, detect, and prevent fraud, abuse, and security incidents; (e) comply with legal obligations and enforce our Terms of Service; (f) generate aggregated, anonymized, or de-identified analytics; and (g) protect the rights, property, and safety of the Company, our readers, and the public.

3.2. Legal bases. Where applicable law requires a legal basis, we process personal information based on: (a) your consent (for the newsletter, given through double opt-in and withdrawable at any time by unsubscribing); (b) our legitimate interests in operating, securing, and improving a free publishing website, where not overridden by your rights; and (c) compliance with legal obligations.

3.3. Double opt-in. You will only receive our newsletter after you confirm your subscription by clicking the link in a confirmation email. We retain a record of your confirmation (including date, time, and IP address) as evidence of consent.

3.4. We do NOT send third-party marketing, we do NOT serve targeted advertising, and we do NOT sell advertising space based on your data.

4. How We Share Information

4.1. We do not sell, rent, or trade your personal information, and we do not share it with third parties for their own marketing purposes. We have not done so in the preceding 12 months, and we have no plans to ever do so.

4.2. Service providers (processors). We share information only with the service providers that make the Site work, and only so they can perform services for us. As of the Effective Date, our key providers are: (a) MailerLite (UAB "MailerLite," email newsletter platform): stores the subscriber list, sends our emails, and records consent logs; (b) Cloudflare, Inc.: domain, DNS, network security, email routing, and, where applicable, site hosting; (c) our website deployment platform (such as Cloudflare Pages or Lovable/GPT Engineer, Inc.): hosts and serves the Site and processes server logs; and (d) GitHub, Inc.: stores the Site's source code (which contains no subscriber data). We may add, remove, or change providers as operational needs require, without prior notice; the current list is available on written request. We require that providers maintain commercially reasonable security measures and process data only to provide services to us.

4.3. Legal and safety disclosures. We may disclose information if required by law or in the good-faith belief that disclosure is necessary to: comply with applicable law, regulation, legal process, or enforceable governmental request; enforce our Terms of Service; detect, prevent, or address fraud, security, or technical issues; or protect the rights, property, or safety of the Company, our readers, or the public.

4.4. Business transfers. If the Company or the imprint is involved in a merger, acquisition, reorganization, or sale of all or substantially all relevant assets, subscriber information may be transferred to the successor entity. We will provide notice by email and/or prominent notice on the Site before your information becomes subject to a different privacy policy.

4.5. Aggregated data. We may share aggregated, anonymized, or de-identified data that cannot reasonably identify you, for analytics and reporting purposes.

5. Our Role

For subscriber information and Site data, the Company acts as the data controller, and our service providers listed in Section 4.2 act as processors on our behalf.

6. Data Security

6.1. We use commercially reasonable measures to protect your information, relying on security controls provided by our service providers, including encryption in transit (TLS), reputable managed infrastructure, and access limited to those who need it (in practice, the author and the providers listed above).

6.2. Enterprise security certifications (such as SOC 2 or ISO 27001) are maintained by our service providers, not by the Company directly. The Company does not perform independent security audits or maintain its own certifications.

6.3. No method of transmission or storage is 100 percent secure. While we use commercially reasonable means to protect your information, we cannot guarantee absolute security, and you acknowledge and accept this inherent risk.

7. Data Breach Notification

In the event of a confirmed security breach resulting in unauthorized access to or disclosure of your personal information, we will notify affected subscribers and applicable regulators promptly and within the timeframes required by applicable law, and will describe, to the extent known, the nature of the breach, the information affected, the measures taken, and a point of contact. Notification may be delayed where required by law enforcement.

8. Data Retention

8.1. Subscriber data: retained for as long as you remain subscribed. When you unsubscribe or request deletion, your details are removed from the active list; a minimal suppression record (your email address and unsubscribe date) may be retained so we never email you again, and consent logs may be retained as legally required for evidentiary purposes.

8.2. Correspondence: emails you send us are retained as ordinary business records for as long as reasonably necessary.

8.3. Technical logs: server and access logs are generated and retained by our service providers under their own retention policies; we do not maintain independent local copies.

8.4. Because our providers operate their own backup and archival systems, we will use commercially reasonable efforts to honor deletion requests but cannot guarantee removal of every historical copy from provider backup systems. Data may be retained longer where required by law or for the establishment, exercise, or defense of legal claims.

9. Your Rights and Choices

9.1. Unsubscribe anytime. Every email includes an unsubscribe link that takes effect immediately.

9.2. Depending on applicable law, you may have the right to: (a) confirm whether we process your personal information and access a copy; (b) correct inaccurate information; (c) delete your information, subject to the retention exceptions in Section 8; (d) receive your information in a portable format; and (e) object to certain processing based on legitimate interests.

9.3. To exercise any right, email [email protected]. We will respond to verifiable requests within 45 days (or notify you if we require an extension permitted by law). We may request information reasonably necessary to verify your identity, such as confirming control of the subscribed email address.

9.4. Appeals. If we decline your request, you may appeal by replying with "Privacy Rights Appeal" in the subject line; we will respond to appeals within 45 days or as required by applicable law, and you may also contact your state attorney general.

10. California Residents (CCPA/CPRA)

10.1. In the preceding 12 months, we have collected only the following categories of personal information: identifiers (name, email address, IP address) and internet activity (pages visited on the Site). We collect them directly from you and from your browser, for the business purposes described in Section 3, and disclose them only to the service providers described in Section 4.2.

10.2. We do not sell personal information and we do not "share" personal information for cross-context behavioral advertising, as those terms are defined by the CCPA/CPRA, and we have not done so in the preceding 12 months. No opt-out is required. We do not use or disclose sensitive personal information, and we have no actual knowledge of selling or sharing the personal information of consumers under 16.

10.3. You have the rights to know, access, correct, delete, and port your personal information, and the right not to be discriminated against for exercising them. Exercise them via Section 9.

10.4. Under California's "Shine the Light" law (Civil Code § 1798.83), you may request information about disclosures to third parties for their direct marketing purposes; we make no such disclosures.

11. Other U.S. State Privacy Rights

If you reside in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or another state with a comprehensive privacy law, you may have similar rights of access, correction, deletion, and portability, plus rights to opt out of targeted advertising, sale, and profiling, none of which we engage in. Exercise any right, or appeal a decision, via the process in Section 9.

12. International Visitors

The Site is operated from and hosted in the United States. If you access the Site from outside the United States, you acknowledge and consent to the transfer and processing of your information in the United States, where data protection laws may differ from those of your jurisdiction. For visitors in the EEA or UK, we honor the rights described in Section 9 and rely on your consent (newsletter) and our legitimate interests (site operation and security) as legal bases; where our providers transfer data internationally, we rely on the standard contractual clauses and data processing agreements they maintain. We do not represent that the Site is targeted to any jurisdiction outside the United States.

13. Children's Privacy

The Site is a general-audience website about books and is not directed to children under 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us at [email protected] and we will promptly delete it.

14. Changes to This Policy

We may update this Policy at any time. The updated Policy will be posted here with a new "Last Updated" date. Material changes affecting how we use subscriber information will be communicated to subscribers by email before they take effect. Continued use of the Site after changes are posted constitutes acceptance.

15. Contact

Kypex Media, an imprint of Kypex Advisors, LLC (a Georgia limited liability company)
Attn: Privacy
Email: [email protected] (general inquiries: [email protected])

16. Consent and Acknowledgment

BY USING THE SITE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND CONSENT TO: (a) the collection, use, and sharing of your information as described herein; (b) the transfer and processing of your information in the United States; (c) the retention practices described in Section 8; and (d) the roles of our service providers described in Section 4.2. IF YOU DO NOT AGREE, DO NOT USE THE SITE.

END OF PRIVACY POLICY