Privacy Policy

The only personal data we collect is your email addresswhen you submit it on the landing page. We use it to send you a welcome email, occasional editorial alerts and a Sunday digest. We don’t track you, don’t use cookies, don’t run analytics, don’t share your email with anyone except the providers strictly needed to deliver email and host the site.

The data controller for the purposes of EU GDPR is Mr Crumbs, based in Spain, contactable at hello@mrcrumbs.finance.

• Email address — to deliver the welcome email and, after 1 June 2026, the editorial alerts and weekly digest. Lawful basis: your consent when you submit the form (Article 6(1)(a) GDPR).
• Sign-up timestamp — automatically recorded by our email provider (Resend) for audit and bounce-handling.

We do not collect your name, IP address, location, browsing behaviour, device fingerprint, or any tracking identifiers.

We don’t set any cookies on the landing page and we don’t run any analytics, advertising or tracking scripts. Your visit is not logged beyond what your browser sends to our host (Vercel) at the network layer in the normal course of serving a webpage.

Strictly with two service providers, who act as our data processors and only on our instructions:

• Resend (privacy policy) — stores the contact list and sends emails on our behalf. Region: EU (eu-west-1).
• Vercel (privacy policy) — hosts the landing page and runs the API endpoint that forwards your email to Resend.

We don’t sell, rent, license, or otherwise commercialise your email. We don’t share it with advertisers, data brokers, or social platforms.

Both Resend and Vercel may transfer data to the US for operational purposes. Both rely on the EU–US Data Privacy Framework and Standard Contractual Clauses to legitimise these transfers under GDPR.

We keep your email until you unsubscribe. After unsubscribe, we retain the address in a suppression list (marked “unsubscribed”) so that we don’t accidentally re-add you. You can ask us to delete it entirely; see your rights below.

If you’re in the EU/EEA you have the right to:

• Access — ask what we have about you.
• Rectification — correct it.
• Erasure — have it deleted.
• Portability — receive it in a machine-readable format.
• Restrict or object to processing, including direct marketing.
• Withdraw consent at any time (one-click unsubscribe).
• Lodge a complaint with your supervisory authority — in Spain, AEPD.

To exercise any of these, write to hello@mrcrumbs.finance. We will respond within 30 days.

Email transit is encrypted (TLS). Resend’s and Vercel’s infrastructure provides at-rest encryption. We don’t store passwords or sensitive identifiers — your email is the only thing we hold.

The service is not directed at children under 18. If you believe a child has signed up, write to us and we will remove the address.

We’ll update this Policy as practices change. Material changes will be announced by email to anyone on the list at the time.