Privacy Policy

Effective Date: January 4, 2026

1. Who We Are

Our website address is: https://sovereignshift.co.uk. We are the digital home of The Sovereign Shift project. This site allows users to download digital content, make voluntary contributions, and subscribe to membership tiers.

2. What Personal Data We Collect and Why We Collect It

A. Free Downloads & Newsletter (The “Free Reader”)

When you download The Sovereign Shift for free, we collect your email address.

  • Purpose: To deliver the digital file to you and to add you to “The Sovereign Audit” newsletter.

  • Legal Basis: Consent (you explicitly agree to this exchange when downloading).

  • Third Parties: Your email is stored securely with our email service provider (e.g., Ghost, Mailchimp, or Substack).

B. Payments & Subscriptions (The “Sovereign Citizen”)

If you choose to make a “Pay What You Want” contribution or purchase a monthly subscription, we collect:

  • Identity Data: Name and email address.

  • Financial Data: We do not store your credit card details on our servers. All payments are processed securely by Stripe.

  • Transaction Data: Details about payments to and from you (e.g., date, amount, and tier level).

C. Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/.

D. Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

3. Cookies

  • Login Cookies: If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks.

  • Payment Cookies: Our payment processors (Stripe/PayPal) may set cookies to prevent fraud and process your transaction securely.

  • Analytics: We use anonymized analytics cookies to understand how many people are visiting the site.

4. Who We Share Your Data With

We do not sell your data. We share data only with the essential infrastructure providers required to run the Sovereign Shift:

  • Stripe: For processing payments. Stripe Privacy Policy

  • Email Provider (e.g., Ghost/Mailchimp): For sending the newsletter.

  • Discord (Optional): If you are a subscriber at the “Architect” or “Founder” tier, your email may be used to verify your status for access to the private Discord server.

  • Password Resets: If you request a password reset, your IP address will be included in the reset email.

5. How Long We Retain Your Data

  • Comments: Indefinitely (to recognize follow-up comments).

  • Subscriber Information: We retain your user profile information (email, subscription status) for as long as your account is active. If you unsubscribe, we may retain your email on a “suppression list” to ensure we do not email you again by accident.

  • Inactive Accounts: We reserve the right to delete free accounts that have been inactive for over 24 months.

6. What Rights You Have Over Your Data

Under the UK GDPR, you have the right to:

  1. Request Access: Receive an exported file of the personal data we hold about you.

  2. Request Erasure: Request that we erase any personal data we hold about you. (This does not include any data we are obliged to keep for administrative, legal, or security purposes, such as tax records of payments).

  3. Unsubscribe: You can opt-out of the newsletter at any time by clicking the “Unsubscribe” link in the footer of any email.

7. Where Your Data is Sent

  • Visitor comments may be checked through an automated spam detection service.

  • Payment data is encrypted and sent directly to Stripe’s servers.

8. Contact Information

For privacy-specific concerns, please contact the Data Controller at: [ info@sovereignshift.co.uk]