Legal

Privacy Policy

Last updated April 2026

What We Collect

Email Address

If you subscribe to our email list or purchase through Lemon Squeezy, we collect your email address via Kit for onboarding and product updates. You may unsubscribe at any time.

Payment Information

All payments are processed through Lemon Squeezy, our Merchant of Record. We do not store credit card information, bank details, or other sensitive payment data. Lemon Squeezy handles PCI compliance and payment security.

Analytics

We use Cloudflare Web Analytics to track page views, traffic patterns, and basic user behavior (no personal identifiers). This helps us understand which content is most valuable and optimize the user experience. No tracking pixels, no third-party advertising networks, no behavioral profiling.

Portfolio & Financial Data

Critical: We never collect your portfolio, holdings, income, net worth, or any financial data. Harvest Protocol runs entirely on your machine, in your Claude account. The engine executes in your browser or your AI subscription — it never contacts our servers with financial information. Your financial privacy is absolute.

Data Use & Retention

Email addresses are used solely for:

• Onboarding sequences (post-purchase)
• Product updates and release notes
• Community announcements
• Support requests (if you contact us)

We retain email data for as long as you remain on our list. You may request deletion at any time by unsubscribing or emailing hello@getharvestprotocol.com

GDPR Rights (EU Residents)

If you are in the EU, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion ("right to be forgotten")
• Request portability of your data
• Object to processing for marketing purposes

To exercise any of these rights, email hello@getharvestprotocol.com with "GDPR Request" in the subject line.

Third Parties

ConvertKit: Handles email list management. See their privacy policy at convertkit.com/privacy

Lemon Squeezy: Processes payments and handles file delivery. See their privacy policy at lemonsqueezy.com/privacy

Cloudflare: Provides analytics and CDN services. See their privacy policy at cloudflare.com/en-gb/privacy/

Security

All data transmission uses HTTPS encryption. We store email addresses in encrypted form and restrict access to authorized personnel only. However, no online transmission is 100% secure — use strong passwords and enable two-factor authentication on your email and Claude accounts.

Contact

For privacy questions or to exercise your rights, email hello@getharvestprotocol.com with "Privacy Request" in the subject line.