Privacy · Policy
The short version
This site collects two pieces of personal data: your email address if you choose to subscribe, and anonymised usage analytics to understand how the site is read. We do not sell your data, share it with advertisers, or use it to build a profile of you. You can unsubscribe or request deletion at any time.
The rest of this page explains the details in the order most people ask about them.
Who runs this site
Keto Dive is published and maintained by Adam J. Smith, operating as a sole trader. For the purposes of UK GDPR and the Data Protection Act 2018, Adam J. Smith is the data controller — the person who decides what data is collected and how it is used.
You can contact the controller about anything in this policy at hello@ketodive.life.
What we collect, and why
If you subscribe to the email list
When you submit the email signup form, we collect:
- Your email address — so we can send you the Reset Card and occasional follow-up notes about the book.
- The date and time you signed up — held by our email provider as part of standard subscription records.
- Optionally, your first name — only if you choose to enter one. It is used only to personalise the greeting in emails you receive.
We do not collect your IP address through the form. We do not pass your email address to third-party advertisers or list brokers. Ever.
The lawful basis for this processing is your consent (UK GDPR Article 6(1)(a)), given by submitting the form. You can withdraw that consent at any time by clicking the unsubscribe link in any email, or by emailing us.
If you simply visit the site
We use Google Analytics 4 to understand which pages are read, where readers come from, and which links are followed. The aim is editorial, not commercial: it helps us know what's useful to write more of.
Google Analytics sets small cookies in your browser to do this. You will be asked for consent the first time you visit, and the analytics will only run if you opt in. You can change your mind at any time using the cookie preferences link in the footer. If your browser sends a Global Privacy Control signal, we treat it as an automatic opt-out and Google Analytics will not load, regardless of any other setting.
The lawful basis for non-essential analytics is your consent. If you decline, the site still works fully and you will not be asked again on every visit.
Who else sees your data
We use a small number of third-party services to operate the site. These are called data processors: they handle data on our behalf, under contracts that meet UK GDPR requirements.
- Kit (formerly ConvertKit) — manages the email list and sends the emails. Kit is a US company. Email subscriber data is transferred to the United States under the EU-US and UK-US Data Privacy Framework, to which Kit is certified. Kit's privacy policy.
- Netlify — hosts the website itself. Netlify processes basic request data (IP address, browser type, timestamp) for the technical purpose of serving the page and protecting against abuse. This data is held briefly and not used by us for any other purpose. Netlify's privacy policy.
- Google Analytics (Google LLC) — provides anonymised usage statistics if you have consented to analytics cookies. Google is a US company; data transfer is covered by the EU-US and UK-US Data Privacy Framework, to which Google is certified. IP addresses are anonymised before processing. Google's privacy policy.
We do not currently use any advertising platforms, retargeting pixels, or social-media tracking tools on this site.
How long we keep your data
- Email subscribers: we keep your address for as long as you stay subscribed. If you unsubscribe, your address is removed from active sending and is then purged from Kit's records in line with their data-retention schedule (typically within 30 days).
- Analytics data: stored anonymously by the analytics provider for the period set by their default retention policy (typically 14 months, sometimes shorter).
- Email correspondence with us: kept in our inbox for up to two years, unless you ask us to delete it sooner.
Your rights
Under UK GDPR you have the right to:
- Access — ask for a copy of any personal data we hold about you.
- Rectification — ask us to correct anything that's wrong.
- Erasure — ask us to delete your data ("right to be forgotten").
- Restriction — ask us to pause processing while a question is resolved.
- Portability — ask for your data in a portable, machine-readable format.
- Objection — object to a particular use of your data.
- Withdraw consent — at any time, with no need to give a reason.
To exercise any of these rights, email hello@ketodive.life. We will respond within one month, and usually much sooner.
If you are not satisfied with how we've handled your data, you can complain to the UK supervisory authority, the Information Commissioner's Office. We would prefer you came to us first, but it is your right.
Children
This site and its content are intended for adults. We do not knowingly collect personal data from anyone under 16. If you believe a child has subscribed to the list, please email us and we will remove their data immediately.
Security
We rely on the security measures of our processors (Kit, Netlify, and the analytics provider) to keep data safe in transit and at rest. We do not run our own database or hold subscriber data on personal devices. No system is perfectly secure, and we will tell you promptly if we ever become aware that your data has been compromised, in line with UK GDPR breach-notification rules.
Changes to this policy
If we change anything material in how we handle data — for example, adding a new analytics tool — we'll update this page and change the effective date at the top. For significant changes, we'll also email everyone on the list before the change takes effect.
About this document
This privacy policy was prepared with care but is not legal advice. If your question relates to a specific legal situation, you may wish to consult a solicitor or the ICO directly. We're happy to clarify anything in plain English — email us first.