This policy explains what data we collect, why we collect it, how we use it, and what rights you have regarding it. It applies to all readers who visit promptingtrust.ai, subscribe to The Context, or access any deeper material published under the Prompting Trust name.
Last updated: 2026-06-22
Contact: [email protected]
This policy explains what data we collect, why we collect it, how we use it, and what rights you have regarding it. It applies to all readers who visit promptingtrust.ai, subscribe to The Context, or access any deeper material published under the Prompting Trust name.
Last updated: 2026-06-22
Contact: [email protected]
Prompting Trust is a publication operated by Synoptikon. The Context is the flagship publication. Synoptikon is the entity responsible for editorial decisions, data handling, and reader relationships.
For all privacy matters, the data controller is Synoptikon, operating under the name Prompting Trust.
This policy applies to:
The Prompting Trust website at promptingtrust.ai and all subpages
The Context and any associated editions, Big Reads, or deeper material
Subscription and account management flows powered by Beehiiv
Any forms, surveys, or reader-signal tools operated by Prompting Trust
It does not apply to third-party websites, platforms, or services that may be linked from our content — including Beehiiv's own platform infrastructure, which is governed by Beehiiv's separate privacy policy.
Information you provide directly:
Email address, when you subscribe to The Context or create a Beehiiv account
Name or display name, if you choose to provide one during signup
Responses to surveys or reader-signal forms, where you submit them voluntarily
Information collected automatically:
Standard web server logs, including IP address, browser type, referring URL, and pages visited
Beehiiv platform analytics: open events, click events, and delivery metadata associated with your subscription
Cookies and similar technologies used by Beehiiv and any analytics tools active on the site (see Section 9)
Information we do not collect:
Payment card details (handled directly by Beehiiv's payment infrastructure if paid tiers are active)
Sensitive personal data as defined under applicable data protection law
Data from children under 16 (see Section 14)
We use the data described above for the following purposes:
Delivering The Context: Sending editions, Big Reads, and related material to subscribers via Beehiiv
Managing your subscription: Processing signup, preference changes, and unsubscribe requests
Improving the publication: Analysing aggregate open and click data to understand what is useful to readers
Responding to enquiries: Replying to messages sent to [email protected]
Legal compliance: Meeting obligations under applicable data protection law
We do not sell, rent, or trade your personal data. We do not use it for advertising, profiling, or AI training.
Where we process personal data, we rely on the following lawful bases under UK GDPR and EU GDPR:
Consent: For sending The Context and related material by email. You provide consent at the point of subscription. You may withdraw it at any time by unsubscribing.
Legitimate interests: For web analytics and improving the publication, where those interests are not overridden by your rights. We apply a proportionality test before relying on this basis.
Legal obligation: Where processing is required to comply with applicable law.
Where we rely on legitimate interests, those interests are: operating and improving the publication, and communicating with readers who have actively chosen to subscribe.
The Context is delivered through Beehiiv, a third-party publication platform. Beehiiv acts as a data processor on our behalf. This means:
Subscriber data (email address, subscription status, engagement metadata) is stored on Beehiiv's infrastructure
Beehiiv processes that data according to our instructions and its own data processing agreement
Beehiiv's privacy policy governs its own platform-level data practices: beehiiv.com/privacy
Beehiiv acts as our data processor for subscriber data. Prompting Trust (operated by Synoptikon) is the data controller. Beehiiv's own privacy policy governs their internal use of platform data; our use of subscriber data collected via Beehiiv is governed by this policy.
Prompting Trust is the reader-facing publication. Synoptikon is the operating entity behind it. Where readers access deeper material or practitioner-level content associated with Synoptikon, the same data handling principles in this policy apply. No separate data relationship is created by accessing Synoptikon-attributed content through Prompting Trust.
If Synoptikon operates separate services with distinct data practices, those will be covered by a separate policy published at the relevant point of access.
We do not share personal data except in the following circumstances:
With Beehiiv: As described in Section 6, as a data processor
With analytics providers: Where aggregate, anonymised data is used to understand site performance (see Section 9)
With legal authorities: Where required by law, court order, or regulatory obligation
In a business transfer: If Synoptikon is acquired or merged, subscriber data may transfer as part of that transaction. We will notify affected readers in advance where practicable.
The Prompting Trust website uses cookies and similar technologies. These fall into the following categories:Strictly necessary: Required for the site to function. These cannot be disabled.Analytics: Used to understand how readers navigate the site and which content is most useful. Where third-party analytics tools are active (such as Plausible or equivalent privacy-respecting tools), they are configured to minimise personal data collection. We do not use Google Analytics in a configuration that enables cross-site tracking.Beehiiv tracking pixels: Beehiiv embeds tracking in email editions to record open and click events. This is standard email delivery practice. You can disable image loading in your email client to prevent open tracking. Click tracking operates at the link level.You may manage cookie preferences through your browser settings. Disabling cookies may affect site functionality.
Beehiiv's infrastructure is based in the United States. If you are located in the UK or EU, your subscriber data is transferred to the US when you subscribe.We rely on Beehiiv's Standard Contractual Clauses (SCCs) and, where applicable, the UK International Data Transfer Agreement (IDTA) to provide appropriate safeguards for these transfers.For questions about transfer mechanisms, contact [email protected].
We retain personal data only for as long as necessary for its original purpose or as required by law. Our general retention periods are:
Subscriber data: Retained while your subscription is active. If you unsubscribe, Beehiiv marks your record as unsubscribed. We retain a suppression record to honour your opt-out.
Web logs: Retained for up to 90 days in standard server log form, then deleted or anonymised.
Survey responses: Retained for the period necessary to act on the feedback, then deleted unless aggregated anonymously.
Email correspondence: Retained for up to 24 months, then reviewed for deletion.
When data is no longer needed, it is deleted or anonymised. You may request early deletion at any time.
You have the following rights regarding your personal data, to the extent applicable under UK GDPR or EU GDPR:
Access: Request a copy of the personal data we hold about you
Rectification: Ask us to correct inaccurate data
Erasure: Ask us to delete your data, subject to legal retention obligations
Restriction: Ask us to limit how we process your data in certain circumstances
Portability: Receive your data in a structured, machine-readable format
Objection: Object to processing based on legitimate interests
Withdrawal of consent: Unsubscribe at any time using the link in any edition of The Context, or by contacting [email protected]
To exercise any of these rights, contact [email protected]. We will respond within 30 days. We may ask you to verify your identity before acting on a request.If you are in the UK, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk. If you are in the EU, you may contact your local supervisory authority.
We take reasonable technical and organisational measures to protect personal data against loss, misuse, and unauthorised access. Specific measures include:
TLS encryption for data in transit between your browser and our site
Beehiiv's platform-level security controls for subscriber data at rest
Access controls limiting who within Synoptikon can access subscriber records
No system is completely secure. We cannot guarantee the absolute security of data transmitted over the internet, but we take our obligations seriously and act promptly in the event of any incident.
The Context is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has subscribed without appropriate consent, contact [email protected], and we will delete the record promptly.
Editions of The Context and pages on promptingtrust.ai may link to external websites. We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies before providing any personal data.
We may update this policy when our practices change, when we add new tools, or when legal requirements shift. Material changes will be noted in The Context or communicated directly to subscribers where the change affects how we handle their data.
The date at the top of this page reflects the most recent revision. Continued use of the site or subscription to The Context after a change constitutes acceptance of the updated policy.
For any questions about this policy, a data subject rights request, or a concern about how your data is handled:
Email: [email protected]
Publisher: Synoptikon, operating as Prompting Trust.
We aim to respond to all privacy enquiries within 30 days.
This policy is provided for informational and compliance purposes. Nothing in it constitutes legal advice. If you have a legal concern relating to data processing, you should seek independent legal counsel.