/ —

// PRIVACY

The short version. What this site keeps, what it doesn't, and how to make us stop.

[ LAST UPDATED · 11.07.2026 ]

// 01 · WHAT WE KEEP

  • Usage data — anonymous page views, referrers, browser, OS, and country (derived from IP, IP not stored). Source: Vercel Analytics. Aggregated stats are retained for as long as the project runs; no raw event is tied to you because no identifier is stored.
  • Performance data — anonymous Core Web Vitals (LCP, CLS, INP). Source: Vercel Speed Insights. Same retention profile as above.
  • Correspondence — if you email us, we keep your name, address, and message body until the event is over plus twelve months, then delete the thread.
  • Your application — if you apply to attend, we keep the name, email, phone, LinkedIn URL, and any invitation code you submit. We also enrich a few company details (role, company, size, industry) from your email domain and public sources to help triage applications. Kept until the event is over plus twelve months, then deleted, or sooner on request.
  • The stay-in-touch list — if you leave your email on the home page, we keep just that: your email address, so we can tell you about the next edition. Nothing else, no name, no tracking. Leave any time with one click at /unsubscribe (or the link in any email we send), and we delete you on request.

// 02 · THE ROOM

If your application is approved, you get access to The Room — a private, signed-in directory of the other approved guests. By accepting your place you agree that your name, role, company, those enriched company details, and your LinkedIn are shown to other approved guests there. Email addresses are never shown.

Guests can send each other intro requests with a short note. We email the request to the recipient, who decides. Only if they accept do we introduce the two of you by email so you can connect — nothing is shared otherwise.

You can leave the directory at any time: your profile is hidden and you stop receiving requests, while your event seat is unaffected. Manage it from your room profile, or email us to be removed entirely.

// 03 · WHAT WE DO NOT

  • No cookies. No local storage tracking. No fingerprinting.
  • No advertising or remarketing pixels.
  • No third-party analytics beyond Vercel's.
  • No selling or renting the stay-in-touch list. It is only ever used to tell you about the next edition, and never shared.
  • No automated decisions about you.
  • No targeting of children. The site is not intended for anyone under 16.
  • No selling, sharing, or licensing of your data to third parties, ever. The only place your details are shown to anyone is The Room, to other approved guests, as described above.

// 04 · WHY WE KEEP IT

Site analytics and event correspondence rely on legitimate interest under Art. 6(1)(f) GDPR — running and improving the site, and replying to people who reach out. Your application and The Room rely on your consent (given when you apply and accept a place) and on our legitimate interest in running the event; you can withdraw it any time by leaving the room or asking us to delete your application. The stay-in-touch list runs on your consent, given when you submit your email; withdraw it any time by unsubscribing. We don't use cookies, so the ePrivacy consent banner you see everywhere else doesn't apply here.

// 05 · WHO HANDLES IT

Vercel Inc. hosts the site and processes analytics. Our application and room data lives in a managed Postgres database (Neon); we send transactional email (sign-in links, intro requests) through Resend; and we enrich company details via the Vercel AI Gateway and a web search provider. Some of these process data in the United States under their data processing addenda and EU Standard Contractual Clauses. We never sell or share your data with anyone else.

// 06 · SECURITY

TLS in transit, end to end. The Room and your application are behind a signed-in, approved-guest gate, and contact details are only exchanged after a mutual intro accept. If we ever suffer a breach affecting your data, we'll notify the supervisory authority within 72 hours and reach you directly if there's a high risk to your rights.

// 07 · YOUR RIGHTS

Under the GDPR you may request access, rectification, erasure, restriction, objection, or data portability. Email signal@off-the-radar.com and we'll respond within thirty days.

To opt out of analytics, block /_vercel/insights/* with the content blocker of your choice — we don't reach for a server-side fallback to capture you.

You may also lodge a complaint with your local data protection authority. In Belgium that's the Autorité de protection des données.

// 08 · CONTROLLER

Tanguy Goretti, on behalf of Off the Radar — Brussels, Belgium.
We don't have a Data Protection Officer; the controller handles requests directly.
Reach: signal@off-the-radar.com.

// 09 · UPDATES

We update this page when something changes — a new processor, a new collection point, a new retention window. The current version date is stamped at the top.