Soveraine
About Join the brief
Legal

Privacy policy

What personal data Soveraine collects when you read the site or join the newsletter, what we do with it, what we never do, and how to exercise your rights under GDPR and equivalent laws.

Last updated

Who we are

Soveraine ("we", "us") is an editorial website published at https://soveraine.com. For the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR, Soveraine is the data controller for personal data collected through the site. Contact: hello@soveraine.com.

If you are reading this from a jurisdiction with different privacy law — California, Brazil, Canada, Australia, the UAE and many others — the equivalent rights apply, and we honour reader requests on the same basis regardless of where you write from.

What we collect

We try to collect as little personal data as is consistent with running a free, advertising-free, reader-supported website. Specifically:

Information you give us directly. If you subscribe to our newsletter, you give us your email address and (optionally) your first name. If you write to us by email or through the contact form, you give us your email address and the content of your message.

Information collected automatically. When you visit the site, our hosting provider (Netlify) and our analytics tool record technical information about the request: the URL you requested, the time of the request, the HTTP user-agent, the IP address from which the request originated (truncated to anonymise it where analytics is used), the referring URL (if any), and similar standard web-log fields.

Information from third parties. Affiliate networks (PartnerStack, Awin, Tapfiliate and others) and individual partner programmes notify us, on a delayed and aggregated basis, when one of our links has resulted in a qualifying signup. The information they provide to us is at the level of "Soveraine link X resulted in a signup" — they do not give us the identity of the signing-up reader.

Cookies

The site uses cookies sparingly:

  • Strictly necessary cookies — for example, a cookie remembering that you have dismissed the disclosure bar. These are set by default because the site cannot reasonably work without them.
  • Analytics cookies — to measure aggregate site traffic. These are only set if you have given consent through the consent banner shown to readers in jurisdictions that require it. If you decline, no analytics cookie is set.
  • Affiliate cookies — set by third-party affiliate networks when you click an affiliate link, to attribute any resulting signup to Soveraine. These are also only set if you have given consent. You can read more in our affiliate disclosure.

We do not set advertising cookies. We do not run third-party display advertising at present. If we add display ads in future (which the strategy report contemplates as a later-phase option), this policy will be updated and a fresh consent prompt will be shown before any advertising cookie is set.

Why we collect what we collect

The legal bases on which we process personal data under the GDPR are:

  • Legitimate interests — for routine server logs and aggregate analytics, where we have a legitimate interest in understanding traffic patterns and detecting abuse, and the impact on you is minimal.
  • Consent — for analytics cookies (where required), affiliate cookies, and newsletter sign-up. Consent can be withdrawn at any time.
  • Performance of a contract — for newsletter delivery, once you have subscribed.
  • Compliance with a legal obligation — for the limited cases in which we may be legally required to retain or disclose data, such as a valid court order.

Who we share data with

We share personal data only with the following categories of third parties, and only as needed to run the site:

  • Our hosting provider, Netlify. Standard web hosting; Netlify processes requests and writes server logs.
  • Our email service provider. Used to deliver the newsletter. Your email address is held by the provider for that purpose only.
  • Our analytics provider. Used to record aggregated traffic. We have chosen a privacy-respecting provider that does not build advertising profiles on our readers; the current provider is named in the cookie consent banner.
  • Affiliate networks and partner programmes, only insofar as your browser passes a referrer when you click an affiliate link. We do not push reader-identifying data to them.

We do not sell, rent or otherwise commercially transfer reader data. We never have, and the affiliate-funded model is structured so that we never have to.

International transfers

Some of our service providers are based outside the European Economic Area, primarily in the United States. Where we transfer personal data outside the EEA or the UK, we rely on the relevant transfer mechanism — typically the European Commission's Standard Contractual Clauses — and have satisfied ourselves that the recipient applies adequate safeguards.

How long we keep data

  • Newsletter subscribers — until you unsubscribe. Unsubscribe is a one-click action in every newsletter we send. After unsubscribe, your address is removed from the active list and retained only to suppress future accidental re-subscription.
  • Email correspondence — for as long as is reasonably needed to handle the matter, typically up to two years, then deleted.
  • Server logs — rotated according to our hosting provider's default retention policy.
  • Analytics data — retained in aggregated form only; identifiable elements (e.g. IP addresses) are truncated or removed in line with the analytics provider's privacy-protective defaults.

Your rights

Under the GDPR, the UK GDPR and most equivalent laws, you have the right to:

  • access the personal data we hold about you;
  • ask us to correct inaccurate personal data;
  • ask us to delete your personal data (subject to limited exceptions);
  • ask us to restrict or object to certain processing;
  • withdraw consent that you previously gave;
  • where applicable, data portability;
  • lodge a complaint with a supervisory authority — in the EU, that is the data-protection authority of your country of residence; in the UK, the Information Commissioner's Office (ICO).

To exercise any of these rights, email hello@soveraine.com. We will respond within thirty days (often much sooner).

Children

Soveraine is written for adults considering significant cross-border financial decisions. The site is not directed at children, and we do not knowingly collect personal data from anyone under sixteen. If you believe we have, please write to us so the data can be deleted.

Changes to this policy

If we make material changes to this policy, we will update the "date" at the top of this page and, for material changes affecting existing subscribers, send a notification email. The previous version of the policy is archived and available on request.

Contact

For any privacy question, write to hello@soveraine.com.

Affiliate disclosure. We earn commissions on links to services. How this works