Privacy Policy

1. Who We Are

JamesGray.ai ("we," "our," or "us") is operated by James Gray Innovations LLC, based in Austin, Texas. We offer consulting, coaching, courses, and educational content to help leaders accelerate innovation through data and AI. We are committed to respecting and protecting your privacy.

2. What Information We Collect

*If you are in the EU/UK, "legitimate interest" and "contractual necessity" are grounds allowed under the GDPR.

3. How We Use Your Information

• Provide services – complete purchases, deliver digital goods, schedule and conduct coaching sessions.
• Improve our site – analyze aggregated, anonymous analytics to spot usability issues or popular content.
• Communicate with you – send purchase confirmations, access details, meeting reminders, or important service updates.
• Prevent fraud & secure payments – Stripe screens transactions for fraud and PCI-DSS compliance.

4. Cookies & Similar Technologies

• Essential cookies (set by Stripe) enable secure payment processing.
• Analytics cookies (set by Google) collect aggregated usage data; IP addresses are truncated/masked so we cannot identify you personally.

You can block or delete cookies in your browser, but essential cookies are required to complete a purchase.

5. Third-Party Services

We use the following third-party services to operate our website:

• HubSpot – Processes contact form submissions. See HubSpot's privacy policy.
• Stripe – Processes all payment data. We do not store full credit-card numbers or CVC codes on our servers. Stripe is PCI-DSS Level 1 compliant. See Stripe's privacy policy.
• Calendly – Manages meeting scheduling. See Calendly's privacy policy.
• Google Analytics – Collects anonymized traffic statistics. See Google's privacy policy.
• Vercel – Hosts our website infrastructure. See Vercel's privacy policy.

6. Sharing & Disclosure

We do not sell or rent your personal data. We share information only with:

• Service providers – HubSpot, Google, Stripe, Calendly, and Vercel strictly to perform services on our behalf.
• Legal authorities – if required to comply with a law, regulation, subpoena, or court order.

7. Data Security

• HTTPS encrypts all traffic between your browser and our servers.
• Stripe encrypts payment data at rest and in transit.
• Access to analytics dashboards and CRM data is restricted to James Gray and protected by two-factor authentication.
• Rate limiting data (IP addresses) is stored temporarily and automatically expires after 60 seconds.

8. International Transfers

Our servers and service providers may be in the United States or other jurisdictions. Where required, we rely on Standard Contractual Clauses or equivalent safeguards for EU/UK data.

9. Your Privacy Rights

Depending on your location, you may have rights to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data ("right to be forgotten").
• Object to processing or request restriction.
• Port your data to another provider.

Submit requests via the contact information below; identity verification may be required.

10. Retention

• Transaction records – kept for at least seven (7) years for tax and accounting compliance.
• Analytics data – retained for 26 months, then automatically deleted or aggregated.
• Contact form submissions – retained in HubSpot until you request deletion.
• Rate limiting data – automatically deleted after 60 seconds.

11. Children's Privacy

JamesGray.ai is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy occasionally. Material changes will be announced on this page or by email if you have an active purchase account. The "effective date" at the top reflects the latest revision.

13. Contact Us

For questions, privacy requests, or complaints, contact: