The Sovereign Technologist

Privacy Policy

1. Who We Are

The Sovereign Technologist is operated by Cristian Lascu (individual).

Contact: Email: [email protected] — Address: Glatzer Strasse 16, 45768, Marl, Germany

I am the data controller responsible for your personal information under the General Data Protection Regulation (GDPR) and German data protection law (BDSG).

Note: The Sovereign Technologist is currently operated as an individual project. A legal entity registration is planned for later in 2026. This Privacy Policy will be updated when that happens.

2. What Information I Collect

When You Subscribe to My Newsletter

I collect:

  • Your email address (required)
  • Your first name (optional — asked so I can personalize emails)
  • Subscription date and source (where you signed up)
  • Optional onboarding survey responses, which may include:
    • Your current role and seniority (with “other” free-text if you choose)
    • Years of experience in tech
    • Your current work situation (e.g. full-time employed, freelancing, building your own venture)
    • Your build goals for the next 6–12 months (multi-select)
    • Your biggest current challenge (with optional free-text)
    • What would make The Sovereign Technologist worthwhile for you (free-text, optional)
    • How you discovered the newsletter (optional)
    • Top newsletter topics you’d like to see (multi-select, up to three)

When You Visit My Website

I automatically collect:

  • Technical information: IP address, browser type, device type, operating system
  • Usage data: Pages you visit, time spent on pages, links clicked
  • Referral source: How you found my website

What I Don't Collect

I do not collect:

  • Payment information (the newsletter is free)
  • Sensitive personal data (health, political opinions, etc.)
  • Location data beyond what your IP address reveals

3. How I Use Your Information

Newsletter Delivery: Send you my weekly newsletter; notify you of important updates; share new frameworks, build logs, and resources.

Analytics and Improvement: Understand how people use my website; improve content and user experience; measure newsletter open rates and engagement (aggregated data only).

Communication: Respond to your questions or feedback; provide support if you have issues.

Legal Compliance: Comply with legal obligations; protect against spam and abuse.

4. Legal Basis for Processing (GDPR)

I process your data based on:

  • Consent (Art. 6(1)(a) GDPR) — You explicitly consent when subscribing to my newsletter; you consent to cookies via the cookie banner.
  • Legitimate Interests (Art. 6(1)(f) GDPR) — Website analytics to improve user experience; security and fraud prevention.

You can withdraw consent at any time by unsubscribing or adjusting cookie settings.

5. Newsletter Service Provider

I use Beehiiv to manage and send my newsletter. Beehiiv stores your email address and name, sends newsletter emails on my behalf, tracks email opens and clicks (aggregated metrics), and manages unsubscribe requests. Beehiiv's location: United States. Data protection: Beehiiv complies with GDPR requirements through Standard Contractual Clauses (SCCs) for data transfers outside the EU.

Beehiiv's Privacy Policy

Your control: You can unsubscribe at any time using the link at the bottom of every email.

6. Analytics

I use analytics tools to understand how people use my website. Tool: Google Analytics 4 (GA4), Measurement ID G-EG7B08N62M. What it collects: pages visited, time spent on site, traffic sources, device and browser type, anonymized IP addresses. Purpose: Improve website content and user experience. Your control: You can opt out via the cookie consent banner, your browser's Do Not Track settings, or analytics opt-out browser extensions (e.g. uBlock Origin, Privacy Badger). Change your choices anytime via "Cookie preferences" in the footer.

7. Cookies

Essential Cookies (Always Active): Required for basic website functionality; remember your cookie consent choice; security and spam prevention.

Analytics Cookies (Optional — Requires Your Consent): Google Analytics 4 (website usage); Beehiiv (newsletter performance tracking).

No Marketing/Advertising Cookies: I don't use advertising or third-party marketing cookies; I don't sell your data to advertisers.

You can control cookies through the cookie banner, your browser settings, or by withdrawing consent at any time. Note: Blocking essential cookies may affect website functionality.

8. Data Sharing

I only share your data with: Beehiiv (newsletter delivery) — USA, GDPR-compliant via SCCs; Google (website analytics via Google Analytics 4); Hetzner Online GmbH (website hosting in Nuremberg, Germany, ISO 27001-certified and GDPR-compliant).

I do NOT: sell your data to third parties; share your email with marketers; use your data for advertising beyond my own newsletter.

Legal Disclosure: I may disclose data if required by law, court order, or to protect my legal rights.

9. International Data Transfers

Some service providers (like Beehiiv) are based in the United States. When transferring your data outside the EU, I ensure protection through Standard Contractual Clauses (SCCs) approved by the European Commission and GDPR-compliant data processing agreements. Your data receives the same level of protection as required in the EU.

10. How Long I Keep Your Data

  • Active newsletter subscribers: Until you unsubscribe. After unsubscription: Deleted within 30 days (except where legally required to retain).
  • Website analytics: Aggregated data retained for 14–26 months, then anonymized.
  • Email correspondence: Retained for up to 2 years for support purposes.

11. Your Rights Under GDPR

You have the right to: Access — Request a copy of your personal data; Rectification — Correct inaccurate or incomplete data; Erasure — Delete your data ("right to be forgotten"); Restriction — Limit how I use your data; Data Portability — Receive your data in a machine-readable format; Object — Object to processing based on legitimate interests; Withdraw Consent — Unsubscribe or change cookie preferences anytime; Lodge a Complaint — File a complaint with your data protection authority.

How to exercise your rights: Email me at [email protected]. I will respond within 30 days.

12. Data Security

I take security seriously: Encryption (SSL/TLS for data in transit); secure, GDPR-compliant providers; limited access to personal data; regular monitoring. No internet transmission is 100% secure, but I use industry-standard protections.

13. Children's Privacy

My newsletter is not intended for anyone under 16 years old. I do not knowingly collect data from children. If you believe I have collected data from a child, please contact me immediately.

14. Changes to This Privacy Policy

I may update this Privacy Policy as my services evolve. Changes will be posted on this page with a new "Last Updated" date. For significant changes, I'll notify you via email or a prominent website notice.

15. Contact Me

Questions about this Privacy Policy? Want to exercise your rights?

Email: [email protected]
Website: thesovereigntechnologist.com

German Data Protection Authority:
Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Str. 153, 53117 Bonn, Germany
Website: www.bfdi.bund.de