Legal

Privacy Policy

Last updated: June 1, 2026 — The Guidebook & Co.™ LLC, Boston, Massachusetts
This policy complies with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and applicable U.S. state privacy laws.

Your privacy matters. This policy explains what we collect, why, who we share it with, and the rights you have over your data.

1. Data We Collect

• Account & order information: name, email address, billing address, shipping address (for hardcover orders), order history, and product license records
• Payment information: processed exclusively by Stripe, Inc. We never see, store, or have access to your full card number. Stripe’s privacy policy governs payment data: stripe.com/privacy
• Email marketing: if you opt in to our newsletter or waitlist, your email and source-page tag are stored in Kit (ConvertKit). Kit’s privacy policy: kit.com/privacy
• Transactional email: order confirmations and download delivery are sent via SendGrid (Twilio). SendGrid’s privacy policy: twilio.com/legal/privacy
• Site analytics: we use Google Analytics 4 (GA4) to collect anonymized, aggregated data about page visits, session duration, browser type, and referrer. IP addresses are anonymized. GA4 privacy: policies.google.com/privacy
• Advertising pixels: we use the Meta Pixel (Facebook/Instagram) to measure ad performance and build audiences for relevant advertising. This may set cookies to track conversions from Meta ad campaigns. You can opt out via your Meta ad settings.
• Cookies: session cookies for site functionality; optional analytics and advertising cookies (you may accept or decline via our cookie banner at first visit)

2. Why We Collect It

• To process your purchase and deliver your guidebooks and audio files
• To send order confirmations, download links, and customer support responses
• To fulfill hardcover print-on-demand orders via BookVault
• To send the welcome email series and occasional product updates (opted-in subscribers only)
• To detect and prevent fraud, chargebacks, and unauthorized distribution of our content
• To improve our site, products, and marketing through anonymized analytics
• To comply with legal obligations under Massachusetts law and applicable federal law

3. Who We Share Data With

We do not sell your personal data. We share it only with service providers who process it on our behalf:

• Stripe — payment processing
• SendGrid / Twilio — transactional email delivery
• Kit (ConvertKit) — email marketing (opted-in subscribers only)
• BookVault — print-on-demand fulfillment (name and shipping address for hardcover orders only)
• Cloudflare — website hosting, CDN, and security
• Google (GA4) — anonymized analytics
• Meta — advertising pixel (conversion tracking only)
• Law enforcement — only when required by a valid court order, subpoena, or legal obligation

4. Cookies & Cookie Banner

We use the following categories of cookies: (a) Strictly necessary — required for checkout and site functionality, always active; (b) Analytics — GA4, anonymized, opt-in; (c) Advertising — Meta Pixel, opt-in. A cookie consent banner is displayed on first visit. You may change your preferences at any time by clearing site cookies or clicking “Cookie Settings” in the footer.

5. Data Retention

• Order & purchase records: retained for 7 years to comply with tax and accounting obligations
• Email marketing list: retained until you unsubscribe or request deletion
• Analytics data: GA4 default retention (14 months for user data, 26 months for event data)
• Stripe payment data: governed by Stripe’s retention policy

6. Your Rights (GDPR & CCPA)

Depending on your jurisdiction, you have the following rights:

• Access: request a copy of the personal data we hold about you
• Correction: request correction of inaccurate data
• Deletion (“right to be forgotten”): request deletion of your personal data, subject to legal retention requirements
• Portability: receive your data in a structured, machine-readable format
• Opt-out of sale/sharing: we do not sell personal data; this right is satisfied
• Opt-out of targeted advertising: you can adjust Meta ad preferences and decline analytics cookies via the cookie banner
• Withdrawal of consent: unsubscribe from marketing emails at any time via the unsubscribe link in any email
• Lodge a complaint: GDPR users may file a complaint with your local supervisory authority

To exercise any of these rights, email info@theguidebookco.com. We respond within 30 days as required by applicable law.

7. Security

We use industry-standard security measures including TLS encryption, Cloudflare DDoS protection, and Stripe’s PCI-compliant payment processing. No method of transmission over the internet is 100% secure. We cannot guarantee absolute security but take every reasonable precaution.

8. Children

Our products and Site are intended for adults 18 years of age or older. We do not knowingly collect personal data from anyone under 18. If we become aware of such collection, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy. Material changes will be posted on this page with a new “Last updated” date.

10. Contact

Privacy questions or data requests: info@theguidebookco.com
The Guidebook & Co.™ LLC · Boston, Massachusetts