Privacy Policy

Golwen Advisory LLC (“Golwen Advisory,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy describes what information we collect, how we use it, and the choices you have regarding that information when you visit golwenadvisory.com (the “Site”) or use our research services.

By using the Site or engaging our services, you agree to the practices described in this Policy. If you do not agree, please discontinue use of the Site.

Information you provide directly. When you submit a contact or intake form, request a research engagement, or communicate with us by email, you may provide your name, email address, organization, job title, and the details of your research question or project.

Account information. If you create an account to access the Forge research platform, we collect your email address and any profile information you provide. Account authentication is handled by Clerk, a third-party identity provider (see Section 5).

Usage data. We automatically collect certain technical information when you visit the Site, including your IP address, browser type, referring URL, pages visited, and timestamps. This information is used to operate, maintain, and improve the Site.

Research inputs. When you submit a research request through the platform, we retain the question text, supplementary context, and any other inputs you provide in order to fulfill your engagement and improve our services.

We use the information we collect to:

• Provide, operate, and improve our research services;
• Respond to inquiries and communicate with you about your engagement;
• Deliver completed research reports and related deliverables;
• Process and fulfill service requests submitted through the platform;
• Monitor site performance and diagnose technical issues;
• Comply with applicable legal obligations.

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.

The Site uses cookies and similar tracking technologies to maintain session state, authenticate users, and understand how the Site is used. Essential cookies are required for the Site to function; you may disable non-essential cookies through your browser settings, though doing so may affect certain features.

We do not use third-party advertising cookies or behavioral tracking networks.

We work with carefully selected third-party service providers to operate the Site and deliver our services:

• Clerk — user authentication and identity management. Subject to Clerk's Privacy Policy.
• Anthropic — AI model inference powering our research platform. Research inputs are transmitted to Anthropic's API. Subject to Anthropic's Privacy Policy.
• Railway / Vercel — cloud infrastructure hosting our backend and frontend. Data may be processed on servers in the United States.
• Resend — transactional email delivery for report notifications.

Each provider is contractually obligated to handle your data in accordance with applicable privacy law. We do not authorize these providers to use your information for any purpose other than providing services to us.

We retain your personal information for as long as necessary to fulfill the purposes described in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Research deliverables and associated inputs are retained for a minimum of one year following completion of an engagement unless a shorter retention period is agreed upon in writing.

We implement reasonable administrative, technical, and physical safeguards to protect your information against unauthorized access, disclosure, alteration, and destruction. No method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal information, or to object to or restrict certain processing activities. To exercise any of these rights, please contact us at the address below. We will respond to verifiable requests within the timeframe required by applicable law.

The Site and our services are intended for business use by adults. We do not knowingly collect personal information from individuals under the age of 18. If you believe we have inadvertently collected such information, please contact us immediately.

We may update this Privacy Policy from time to time. When we do, we will revise the effective date at the top of this page. Continued use of the Site following the posting of changes constitutes your acceptance of the revised Policy.

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at: