Get Started
Get Started

Privacy Policy

Modern CX Mindset — Privacy Policy (GDPR-Compliant)

Last Updated: November, 2025

Modern CX Mindset is privacy-first. We avoid unnecessary data collection, do not run ads or trackers, and do not sell personal information. This policy explains what we collect, how we use it, and the rights you have—especially under the GDPR if you are located in the European Union or European Economic Area.

  1. Who We Are

Modern CX Mindset
Website: https://moderncxmindset.com
Contact: hello@moderncxmindset.com
Data Controller: Modern CX Mindset

  1. What Personal Data We Collect and Why

We collect only the minimum data needed to operate the site and provide services.

Email Submissions

If you provide your email address (e.g., beta sign-ups or contact forms), we store it securely and use it only for the stated purpose.

Lawful basis under GDPR:
• Consent (Article 6(1)(a)) for sign-ups
• Legitimate Interest (Article 6(1)(f)) when responding to direct inquiries

We never sell or share your email.

Analytics (Umami)

We use Umami, a privacy-focused, cookie-free analytics platform hosted in the EU.
Umami collects only aggregated, anonymized usage data (e.g., page views, referrers).

Lawful basis:
• Legitimate Interest (Article 6(1)(f)) — understanding site performance while respecting privacy.

Umami does not collect personal data, does not use cookies, and does not track users across sites.

Local Storage (Preferences Only)

Your browser may save theme settings (light/dark), accent color preferences, and your choice to enable embedded videos.

This data remains on your device and is never sent to our servers.

Lawful basis:
• Not applicable — this is not personal data processing.

  1. Cookies

We intentionally keep cookie usage to a minimum.

At this time, we do not use:
• Advertising cookies
• Analytics cookies
• Tracking cookies
• Comment-related cookies
• Login cookies (no user accounts)

A temporary cookie may be created by WordPress solely to check whether your browser accepts cookies. It is deleted when you close your browser and contains no personal data.

If future features require additional essential cookies (e.g., LMS or account features), this policy will be updated.

  1. Embedded Content

Our website may include embedded content such as:
• YouTube (using privacy-enhanced mode where possible)
• Cal.com scheduling widgets
• Calendly scheduling widgets
• Other embeds when needed

When you interact with embedded content, the third-party provider may collect data according to its own privacy policy.
Embeds are only activated when you choose to load them, whenever technically possible.

Lawful basis:
• Consent (Article 6(1)(a)) for activating optional embeds
• Legitimate Interest (Article 6(1)(f)) for functional integrations like scheduling

  1. Third-Party Plugins and Tools (WordPress)

We use a minimal set of plugins and avoid any that use invasive tracking or advertising.

If a plugin processes personal data (e.g., contact forms), it does so only to provide that specific feature.

We keep a list of processors internally and update this policy if we introduce tools that materially change data use.

  1. How We Store and Protect Data
    • Email addresses are stored securely in Infomaniak (EU-based).
    • Analytics data stays within Umami’s EU infrastructure.
    • We do not store sensitive categories of data.
    • We do not sell or share visitor data.
    • No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties

Security Measures Include:
• Strong encryption in transit
• Secure hosting environments
• Access controls
• Minimal retention

  1. International Transfers

At this time, all analytics and hosting are located in the EU (Infomaniak + Umami EU servers).

If we ever need to process personal data outside the EU/EEA, we will ensure appropriate safeguards such as:
• Standard Contractual Clauses (SCCs)
• Data processing addendums
• Adequacy decisions

We will update this policy before any international transfers occur.

  1. Data Retention

We retain personal data only as long as necessary:
• Email submissions: until you request deletion or until the purpose is fulfilled.
• Server logs (if present): typically a short duration for security and troubleshooting.

We do not retain unnecessary data and do not profile users.

  1. Your GDPR Rights

If you are located in the EU/EEA, you have the following rights:
• Right of access — what data we have about you
• Right to rectification — correct inaccurate data
• Right to erasure — request deletion of personal data
• Right to restriction of processing
• Right to data portability
• Right to object — especially to processing under legitimate interests
• Right to withdraw consent — at any time (does not affect prior lawful processing)

To exercise these rights, contact:
hello@moderncxmindset.com

We respond promptly to all requests.

  1. No Advertising, No Tracking, No Selling of Data

We do not:
• Sell personal information
• Use behavioral tracking
• Participate in ad networks
• Perform cross-site profiling

We operate independently and respect visitor privacy.

  1. Changes to This Policy

We update this policy when site functionality or data practices change (e.g., LMS or user account features).
Any significant updates will be clearly posted.

  1. Contact Us

For privacy questions or GDPR requests:

hello@moderncxmindset.com
Modern CX Mindset
© 2025 Modern CX Mindset. All rights reserved.