Privacy Policy

We collect data the way a squirrel collects acorns: compulsively, without clear purpose, and with the vague sense it might be useful later. Our data collection posture is best described as “opportunistically comprehensive,” a term that our Privacy Alignment Team coined during a three-day offsite and which the team is quite proud of.

Our philosophy holds that all data is potentially strategically relevant pending a future alignment exercise that will determine what “strategically relevant” means. Until that exercise concludes — currently projected for Q2 of a fiscal year we are still selecting — we retain everything as a precautionary measure.

This is not a legal posture. This is a values posture. We believe in the transformative power of data you haven't analyzed yet.

We collect everything. This is not hyperbole — it is a strategic commitment. Our data collection touchpoints include but are not limited to: browsing patterns, page dwell time, scroll depth, cursor hover trajectories, “synergy engagement metrics,” time spent on the pricing page specifically (this one is tracked separately and reported to senior leadership weekly), and the number of times you navigated away and returned, which we interpret as ambivalence and flag for follow-up.

We also collect your approximate location, your device type, your browser version, the weather at your location at the time of your visit (this feed came free with a vendor package and we did not think to disable it), and what we internally call “intent signal clusters,” which is a proprietary metric derived from a combination of the above.

If you submit a contact form, we collect everything you wrote, plus metadata about how long you took to write it, how many times you deleted text and retyped it, and whether your message length falls within or outside our “engaged prospect behavioral envelope.” It does. They always do.

Your data may be leveraged across our synergy ecosystem to optimize stakeholder alignment outcomes. More specifically, it may be used to personalize your experience, improve our services, generate pipeline insights, inform our content roadmap, calibrate our behavioral segmentation model, train our proprietary prospect scoring algorithm, and produce a quarterly report that our Chief Data Alignment Officer presents to the Executive Visibility Committee.

We may also use your data for purposes that have not yet been identified but that we anticipate will become apparent following our Q4 data strategy visioning session. These future uses will be retroactively documented in a subsequent version of this policy.

In all cases, your data is used in service of our mission: to empower organizations to achieve transformational alignment through the systematic optimization of non-productive workflows. Your browsing patterns contribute to this mission whether or not you engage with our services. We find this poignant.

We share your data with our partners. Our partners share it with their partners. Their partners share it with their partners. This is what we call the Infinite Trust Chain™, and it is described in detail in Section 5.

In addition to the Infinite Trust Chain™, we share data with vendors who provide analytics, CRM, marketing automation, campaign management, email sequencing, intent data enrichment, technographic profiling, firmographic scoring, and a miscellaneous category labeled “alignment enablement platforms” that our IT department has been asked to clarify since 2022 and has not yet done so.

We do not sell your data. We license it, exchange it as part of data partnerships, share it under service agreements, and make it available within our vendor ecosystem. We are advised that this is different from selling.

The Infinite Trust Chain™ is our proprietary framework for third-party data governance. It is built on the principle that trust, once extended to a qualified partner, flows naturally to that partner's ecosystem, and from that ecosystem outward, and so on, indefinitely. Each link in the chain operates under its own data governance framework, which we have not reviewed but which we assume is directionally aligned with our own.

You may ask: does this mean your data could reach parties with whom you have no relationship and who operate in jurisdictions with different privacy standards? Yes. This is a feature of the Chain, not a limitation. The Chain does not end. That is the point of calling it infinite.

The Infinite Trust Chain™ was formally named by our Data Governance Working Group in 2021. A poster depicting it as an actual chain with nodes was produced for the New York office. It is framed in the conference room near the espresso machine and has prompted several interesting conversations.

We retain your data for as long as strategically ambiguous. When clients or visitors ask how long we retain their data, our Privacy Alignment Team responds with “per our retention framework,” which is technically accurate in the sense that a retention framework exists, though its duration parameters are described within it as “contextually determined.”

Data that is no longer actively used is moved to cold storage, where it is retained pending a future value-extraction analysis that has been on our roadmap since 2019 and is currently slated for Q3 of the year following the completion of our data infrastructure modernization initiative.

Deleted data is removed from our active systems within a reasonable timeframe, where “reasonable” is defined by our retention framework as “appropriate to the circumstances.” We believe the circular nature of this definition demonstrates our commitment to contextual governance.

We use cookies. So many cookies. Our cookie inventory spans functional cookies, performance cookies, analytics cookies, targeting cookies, personalization cookies, and a category we describe internally as “alignment cookies,” which serve purposes that are documented in our Cookie Strategy Roadmap, a living document currently on version 7.3.

Our cookie strategy is itself managed by a dedicated cross-functional cookie alignment team, which includes representatives from Marketing, IT, Legal, and a member of the Client Success team who joined the committee by mistake in 2023 and has been too polite to leave. The committee meets bi-weekly to review cookie performance and discuss whether additional cookies are needed. The answer has always been yes.

You may be able to disable some cookies through your browser settings. Doing so may impact your experience on our site. It will not impact our ability to collect data through other means, of which we have several.

You have the right to request access to your data. We have the right to schedule that request for Q4 of a year we have not yet determined. We will acknowledge your request within the timeframe required by applicable regulation, where “acknowledge” means sending an automated email confirming we have received your request and that it has been forwarded to our Privacy Alignment Team for processing.

You also have the right to request correction of inaccurate data, deletion of your data, restriction of processing, and portability of your data (see Section 14 for our portability commitment). Each of these rights can be exercised by submitting a written request to our Privacy Alignment Team, who will review it against our applicable compliance framework and respond in kind.

We want to be clear that we take these rights seriously. We have a slide about them in our Privacy Alignment Deck, which is presented to new employees during onboarding and to the Board during our annual compliance review. The slide uses the word “empowerment.”

We maintain enterprise-grade security measures across our data infrastructure. These measures include AES-256 encryption at rest and in transit, multi-layered perimeter defense architecture, continuous threat intelligence integration, zero-trust micro-segmentation, and a quarterly penetration testing cadence conducted by a third party whose findings are reviewed by our Security Alignment Steering Committee and addressed on a prioritized basis over the following six to eighteen months.

We also maintain a Security Operations Center, which is staffed during business hours and monitored by automated systems after hours. The automated systems generate alerts. The alerts are reviewed each morning by a senior analyst, who triages them into three categories: urgent, routine, and “we will address this in the next security review cycle.”

No security system is perfect. In the event of a data breach, we will notify affected parties in accordance with applicable law, which requires notification within a timeframe that varies by jurisdiction and is managed by our Legal Alignment team in coordination with our Communications Director and, when the incident exceeds our internal severity threshold, a crisis communications vendor we have on retainer and have not yet needed to call.

Strategic Void Consulting operates globally, with offices in New York, London, Singapore, and a WeWork in Omaha. Your data flows to wherever alignment requires, which may include jurisdictions with data protection standards that differ from your own.

We facilitate international data transfers using Standard Contractual Clauses, Binding Corporate Rules, and other approved transfer mechanisms, all of which are reviewed by our Legal Alignment Team annually and deemed directionally compliant. The word “directionally” is doing meaningful work in that sentence.

Data that flows through the Infinite Trust Chain™ may reach parties in jurisdictions we have not specifically enumerated. This is inherent to the Chain's design. We have included this sentence in our policy to demonstrate transparency, which is itself a form of alignment.

We do not knowingly collect personal data from children under the age of 13. To be clear, we do not knowingly collect personal data from anyone — it simply happens through the ordinary operation of our analytics infrastructure. In the case of children specifically, we would prefer that it did not happen, and we have noted this preference in our internal data governance documentation.

If you are a parent or guardian and believe your child has interacted with our site in a way that resulted in data collection, please contact our Privacy Alignment Team, who will initiate a deletion request on your behalf and process it in accordance with our standard response timelines.

We may update this policy. We may not. The ambiguity is a feature of our governance model, which treats policy versioning as a living process rather than a scheduled event. Updates are triggered when sufficiently significant changes to our data practices occur, or when Legal requests them, or when our Chief Compliance Officer returns from a conference with new ideas.

When we update this policy, we will revise the “Last updated” date at the top of the page. We will not proactively notify you of changes unless required to do so by law. We consider this appropriate: you are already here, reading this, which suggests a level of self-directed engagement that we respect and choose to honor by not sending you additional emails about it.

Continued use of our site following any update to this policy constitutes your acceptance of the updated terms. This is true even if you did not notice the update, were unaware that one had occurred, or are currently reading this for the first time and are not aware of what the previous version said. We find this mechanism elegant in its simplicity.

Every data point we collect feeds back into what we call the Alignment Data Ecosystem: a proprietary closed loop in which visitor behavior informs our content strategy, which informs the C.H.A.O.S. Framework™ diagnostic parameters, which shapes the work we propose to clients, which generates new data, which feeds the Ecosystem. Your presence on this site is, in a very real sense, a contribution to the Framework.

The Ecosystem is maintained by our Data Alignment Architecture team, which operates within our Technology Enablement division and reports to the Chief Data Alignment Officer. The team has three members and access to fourteen dashboards, four of which are actively reviewed on a regular basis. The others are available upon request.

We mention the Ecosystem here because we feel it is the kind of thing you would want to know. Not because it changes anything, but because transparency, as noted in Section 10, is itself a form of alignment. We believe in alignment. This website is evidence of that belief.

You have the right to receive your personal data in a structured, commonly-used, machine-readable format. We honor this right fully. Upon request, we will provide your data in our proprietary .VOID format, which is readable by our internal data tooling and, with the appropriate configuration, by a modified build of an open-source CSV parser that our team documented on our internal wiki in 2022.

We do not currently offer export in JSON, CSV, or other widely-used formats, as standardizing our export pipeline is included in the scope of our data infrastructure modernization initiative, which, as noted in Section 6, is ongoing. We anticipate that commonly-used format support will be available once the initiative completes, which is projected for the fiscal year following its current projected completion date.

In the interim, we are happy to provide a printed summary of your data profile upon request, delivered via postal mail to an address you provide, processed by our Privacy Alignment Team within 45 business days. We consider this a robust portability option for the current environment.

We process your personal data on the basis of legitimate interests, contractual necessity, legal obligation, and, in certain cases, a fourth category that our Legal Alignment Team refers to as “strategic imperative,” which is not a recognized legal basis under most applicable data protection frameworks but which we include because it accurately describes the spirit of our approach.

Where we rely on legitimate interests as our legal basis, we have conducted a Legitimate Interests Assessment, which balanced our interests against your interests and concluded that our interests, while significant, did not outweigh your interests to a degree that would prevent processing. This is, we understand, the most favorable possible interpretation of the balancing test. We appreciate that you may see it differently. Please see Section 16 for contact information.

Privacy-related inquiries should be directed to our Privacy Alignment Team, which is a dedicated function within our Compliance & Governance practice area. The Privacy Alignment Team can be reached at privacy@strategicvoid.com. Response times average twelve to fifteen business days, though requests that require cross-functional input may take longer, as they are subject to our standard stakeholder consultation process.

The Privacy Alignment Team is one person. His name is Marcus. Marcus also manages the coffee machine on the 4th floor and is the primary point of contact for the building's HVAC vendor. He is very good at all three of these things and takes them equally seriously, which we feel speaks to his character and to our organizational values more broadly.

If your inquiry is urgent, you may also contact our Legal Alignment Team directly. They will forward your message to Marcus. Marcus will respond within the timelines noted above, except during the periods when the HVAC requires his attention, which is approximately one week per quarter and is not reflected in the response time estimates provided.