Privacy Policy

Last updated: 5 May 2026

This Privacy Policy explains how The Protocol Collective ("we", "us", "our") collects, uses, and protects information when you visit theprotocolcollective.com (the "Site") or purchase our products.

1. Information We Collect

We collect the following:

• Email address when you submit the welcome-gift form or purchase a product
• Name and billing details required by Stripe to process payments (Stripe stores these; we receive only what's necessary for delivery)
• Communication content when you email us
• Anonymous analytics from your browser (page views, referrer, basic device info) via the Site's hosting platform (Cloudflare)

We do not collect or store payment card details. Card processing is handled entirely by Stripe.

2. How We Use Information

We use your information to:

• Deliver products you've purchased
• Send you the welcome-gift content if you opted in
• Send Quarterly Updates if you've subscribed
• Send product-related announcements (new flagships, regulatory briefs, refresh announcements)
• Respond to your enquiries
• Improve the products and Site based on aggregate usage patterns

3. Marketing Communications

If you submit your email via the welcome-gift form, you opt in to receive the 7-day Fintech Operator Course and ongoing weekly newsletter. You can unsubscribe at any time using the link in any email.

4. Sharing

We do not sell your personal information. We share data only with:

• Stripe — to process payments
• Email service provider (MailerLite or ConvertKit) — to deliver emails to subscribers
• Cloudflare — our hosting provider, which receives standard server logs
• Legal authorities if required by law

5. Cookies

The Site uses minimal cookies — primarily for security (Cloudflare bot mitigation) and basic analytics. We do not use marketing cookies or third-party tracking pixels.

6. Data Retention

We retain your information for as long as you remain a customer or subscriber. If you unsubscribe and do not have an active product purchase, we'll remove your details from our marketing list within 30 days. Purchase records are retained for 7 years for tax and audit purposes (required under Australian tax law).

7. Your Rights

You may at any time:

• Request a copy of the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your information (where it's not required for legal/audit purposes)
• Unsubscribe from marketing communications

To exercise these rights, email andrew@theprotocolcollective.com.

8. International Buyers

If you're in the EU or UK, GDPR and equivalent rights apply. If you're in California, CCPA rights apply. We handle requests under both regimes when validly submitted. We do not transfer data to jurisdictions without adequate protections.

9. Security

We use reasonable security measures to protect your information, including encrypted connections (HTTPS), reputable third-party processors, and limited internal access. No system is perfectly secure; we cannot guarantee absolute security.

10. Changes

We may update this Privacy Policy. The "Last updated" date reflects the most recent change.

11. Contact

Privacy questions: andrew@theprotocolcollective.com.