Legal
Privacy Policy
Effective date: 13 July 2026
This Privacy Policy explains how personal information is handled when you visit paulgallister.com (the “Website”). We have designed this Website to collect as little personal data as possible. It is a static portfolio website: it has no contact forms, no newsletter, no user accounts, no analytics, and no advertising or tracking technologies.
1. Who is responsible
The party responsible for this Website (the “data controller” under EU law) is:
Paul Gallister, Los Angeles, California, United States of America
Email: contact@paulgallister.com
2. Information we collect
a) Server log data (via our hosting provider)
The Website is hosted by Netlify, Inc. (512 2nd Street, Suite 200, San Francisco, CA 94107, USA). When you access the Website, Netlify automatically processes standard technical information in server logs, which may include your IP address, browser type and version, operating system, referring page, and the date and time of your request. This processing is necessary to deliver the Website securely and reliably. See Netlify’s privacy notice at netlify.com/privacy.
b) Content delivery network
To display correctly, the Website may load style resources from a third-party content delivery network (CDN). When your browser requests these files, your IP address is technically visible to that provider. Fonts used on the Website are served from our own server and are not requested from third parties.
c) Information you send us by email
If you contact us by email (for example via contact@paulgallister.com), we receive the information you choose to provide — typically your name, email address, and the content of your message. We use this solely to respond to your inquiry.
d) Cookies & tracking
The Website does not set cookies and does not use analytics, profiling, tracking pixels, or advertising technologies.
3. Categories of personal information (CCPA/CPRA)
For California residents, over the past 12 months the categories of personal information that may be processed are:
| Category | Examples | Source | Purpose |
|---|---|---|---|
| Identifiers | IP address; email address (if you write to us) | Your device / your email | Operating the Website; responding to inquiries |
| Internet / network activity | Browser type, pages requested, timestamps (server logs) | Your device | Security and reliable delivery |
We do not collect sensitive personal information, and we do not sell or share your personal information (as those terms are defined under the CCPA/CPRA). We have not sold or shared personal information in the preceding 12 months.
4. Purposes and legal bases
- Providing the Website — to deliver and secure the site (GDPR Art. 6(1)(f), legitimate interest).
- Responding to your inquiries — to answer messages you send us (GDPR Art. 6(1)(f), or Art. 6(1)(b) where pre-contractual).
5. Data retention
Server log data is retained by our hosting provider for a limited period as part of its standard operations and security. Email correspondence is kept only as long as necessary to handle your request and to comply with any applicable legal retention obligations, after which it is deleted.
6. Disclosure to third parties
We do not sell your personal information. We only use service providers that help us operate the Website — in particular our hosting provider (Netlify) — which process data on our behalf. We may disclose information where required by law.
7. International transfers
The Website is hosted in the United States. If you access it from the European Economic Area, the United Kingdom, or elsewhere, your technical data (such as your IP address) is processed in the United States. Where required, such transfers are covered by appropriate safeguards.
8. Your rights
If you are in the EU / EEA or the UK (GDPR)
You have the right to request access to, rectification of, or erasure of your personal data; to restrict or object to processing; to data portability; and to withdraw consent at any time. You also have the right to lodge a complaint with your local data protection supervisory authority.
If you are a California resident (CCPA/CPRA)
- The right to know what personal information is collected and how it is used.
- The right to delete personal information we hold about you.
- The right to correct inaccurate personal information.
- The right to opt out of the sale or sharing of personal information — note that we do not sell or share personal information.
- The right to limit the use of sensitive personal information — note that we do not collect it.
- The right to non-discrimination for exercising your privacy rights.
9. How to exercise your rights
You can make a request using either of the following methods. We will verify and respond within the timeframes required by applicable law.
- Email: contact@paulgallister.com
- Via the contact details listed in our Legal Notice
10. Children’s privacy
This Website is not directed to children, and we do not knowingly collect personal information from children under the age of 16.
11. Changes to this policy
We may update this Privacy Policy from time to time. The “Effective date” above indicates when it was last revised. We review this policy at least every 12 months.
12. Contact
For any questions about this Privacy Policy or your personal information, contact contact@paulgallister.com.
Last updated: 13 July 2026