Privacy policy

Scope

This policy covers this website only. Information shared with us during an active engagement is governed by the contract or engagement letter for that work, not by this policy. If you are sending us controlled, classified, or otherwise sensitive material (for example, Controlled Unclassified Information subject to NIST SP 800-171), please do not use this website — contact us separately to agree on a secure channel.

What we collect

We try to collect as little as possible. From this website, that is:

• Information you give us through the contact form or popup: your name, email address, optional company and phone, the project category you select, your message, and an optional timeline. The form also captures a non-personal honeypot field and a submission timestamp used purely for spam filtering.
• Standard web server logs: our hosting provider records request metadata including IP address, user-agent string, requested URL, response status, and timestamp. These logs are used to operate the site and diagnose problems.

We do not use analytics scripts, tracking pixels, advertising cookies, or behavioral profiling. The only third-party JavaScript on the site is Google reCAPTCHA Enterprise, which runs on the contact form to block automated abuse (see "Spam protection" below). The site has no advertising relationships.

How we use what we collect

• To respond to your inquiry. If you contact us, we use what you sent to reply and to prepare for a conversation about your project.
• To run and protect the site. Server logs are used for operations, performance, security investigations, and abuse prevention.
• To meet legal obligations if we receive a lawful request or are required to retain information.

We do not sell or rent personal information. We do not share it for advertising.

Service providers we rely on

We use a small number of third parties to operate the site. We do not share contact-form data with them for marketing.

• Hosting. The site is hosted on Bluehost, which processes inbound web requests and stores standard server logs on our behalf.
• Email delivery. Inquiries are sent to our inbox using Microsoft 365 (Microsoft Graph). The website authenticates to our Microsoft 365 tenant and dispatches the email through Microsoft's infrastructure. Replies are sent from our standard email account.
• Scheduling. If you choose to book a call, the scheduler link opens Calendly, which is operated by Calendly LLC under its own privacy policy. Anything you enter on the Calendly page is collected by Calendly, not by us. You do not need to use Calendly to contact us — the email form and direct email address are alternatives.
• Spam protection. The contact form is protected by Google reCAPTCHA Enterprise. When you submit the form, reCAPTCHA assesses the request to detect automated abuse, and Google may collect hardware and software information (such as device and application data) and send it to Google for analysis. By submitting the form, you agree to Google's Privacy Policy and Terms of Service. The result of the assessment is logged with your inquiry so we can investigate spam patterns; we do not use it for any other purpose.

How long we keep things

Contact inquiries and any related correspondence are retained for as long as the relationship is active and for a reasonable period afterward to support follow-up and to meet recordkeeping needs. Server logs are retained per the hosting provider's standard policy. You can ask us to delete information about you at any time — see "Your choices" below.

How we protect what we have

This website is served over HTTPS. Form submissions are transmitted over an encrypted connection. Internally, we apply reasonable administrative and technical safeguards consistent with the scale and sensitivity of the data — meaning access is limited to people who need it, devices are kept patched, and credentials are not shared. No system is perfectly secure; please tell us if you spot something that looks wrong.

Your choices and rights

Depending on where you live, you may have rights under laws such as the EU/UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), or similar statutes — including the right to access, correct, delete, or export the information we have about you, and to object to certain uses.

Whatever your jurisdiction, you can email contact@strickland-consulting.com with a request and we will respond. If you submitted information to us in the past and would like it removed, just ask. We do not require a particular form.

Children

This site is for businesses and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with information, contact us and we will delete it.

International visitors

Strickland Consulting is based in the United States and operates the site from infrastructure located in the United States. If you visit from outside the U.S., your information will be processed in the United States. By using the site, you understand that applicable U.S. laws may differ from those in your country.

Changes

We may update this policy from time to time. When we do, we will revise the "Effective" date above. Substantive changes will be announced on this page.

Contact

Questions about this policy or about information we hold: contact@strickland-consulting.com, or use the contact form.