PRIVACY POLICY

Black Flag Systems (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website blackflagsystems.dev (the “Site”) or engage our services. Please read this policy carefully. If you disagree with its terms, please discontinue use of the Site.

1. INFORMATION WE COLLECT

We may collect information about you in a variety of ways, including:

Personal Data. When you fill out a contact form, request a strategy call, or otherwise interact with the Site, you may voluntarily provide personally identifiable information such as your name, email address, company name, phone number, and any other details you choose to share.

Derivative Data. Our servers may automatically log standard information when you access the Site, including your IP address, browser type and version, operating system, referring URLs, pages visited, and the dates and times of your visits.

Analytics Data. We use Vercel Analytics to collect aggregated, anonymized data about how visitors interact with the Site (e.g., page views, session duration, geographic region). This data does not identify you personally.

2. HOW WE USE YOUR INFORMATION

We use the information we collect to:

• Respond to inquiries and provide the services you request
• Schedule and conduct strategy calls and onboarding sessions
• Send administrative communications such as confirmations and updates
• Improve the Site’s content, features, and user experience
• Monitor and analyze usage patterns and trends
• Prevent fraudulent transactions and protect against criminal activity
• Comply with applicable laws and legal obligations

We will not sell, rent, or share your personal data with third parties for their own marketing purposes without your explicit consent.

3. COOKIES AND TRACKING TECHNOLOGIES

The Site may use cookies and similar tracking technologies (e.g., pixels, web beacons) to enhance your experience. Cookies are small data files stored on your device. We use:

Strictly Necessary Cookies — required for the Site to function correctly and cannot be switched off.

Analytics Cookies — used to count visits and traffic sources so we can measure and improve the Site’s performance. All data is aggregated and anonymized.

You can instruct your browser to refuse all cookies or to alert you when cookies are being sent. If you disable cookies, some parts of the Site may not function properly.

4. THIRD-PARTY SERVICE PROVIDERS

We may share your information with trusted third-party vendors who assist us in operating the Site or conducting our business, provided those parties agree to keep your information confidential. These may include:

• Vercel — website hosting and analytics (vercel.com)
• Supabase — database and backend infrastructure (supabase.com)
• Email & Calendar Platforms — used to facilitate scheduling and communications

We do not control these third parties’ privacy practices and encourage you to review their respective privacy policies.

5. DATA RETENTION

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Contact form submissions and client communications are retained for the duration of our business relationship and for a reasonable period thereafter for record-keeping purposes. You may request deletion of your data at any time by contacting us at the address below.

6. SECURITY OF YOUR INFORMATION

We implement commercially reasonable technical and organizational measures designed to protect your personal information from unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

7. YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal data, including:

• Right of Access — the right to request a copy of the personal data we hold about you
• Right to Rectification — the right to request correction of inaccurate or incomplete data
• Right to Erasure — the right to request deletion of your personal data, subject to legal retention obligations
• Right to Restrict Processing — the right to request that we limit how we use your data
• Right to Data Portability — the right to receive your data in a structured, machine-readable format
• Right to Object — the right to object to our processing of your data in certain circumstances

California residents may also have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to opt out of any sale of personal information. We do not sell personal information.

To exercise any of these rights, please contact us using the information in Section 10 below. We will respond to verifiable requests within 30 days.

8. CHILDREN’S PRIVACY

The Site is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you become aware that a minor has provided us with personal data without parental consent, please contact us and we will take steps to delete such information.

9. CHANGES TO THIS POLICY

We reserve the right to update this Privacy Policy at any time. When we do, we will revise the “Last updated” date at the top of this page. We encourage you to review this policy periodically. Your continued use of the Site after changes are posted constitutes your acceptance of the revised policy.

10. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: