Privacy Policy
Last updated: June 25, 2026
This Privacy Policy explains how Edwards Media Ventures LLC, a Texas limited liability company doing business as Edwards Media (“we,” “us,” or “the Company”), collects, uses, and protects personal information across any of our Properties — including buildtolast.com, app.buildtolast.com, kaelinedwards.com, edwardseconomics.com, theedwardsreport.com, edwardsmediaventures.com, and any future site, app, or storefront we operate — and across any product or service we provide (“Products”).
We believe in honest, narrow data use: we collect what we need to provide and improve our Products, nothing more. We do not sell your data. We do not run third-party ad tracking on our Properties.
1. What we collect
You give us:
- Email address — required for sign-in to any Product that uses an account, and to send transactional and (optionally) periodic emails.
- First name — used to personalize Product interfaces and emails.
- Payment information — processed entirely by Stripe. We never see your full card number; we receive a payment confirmation.
- Content you create inside our Products — for example: rhythm logs, Bible reading check-ins, budget snapshots, net worth snapshots, books read, quarterly review entries, family vision text, tier self-assessment answers, journal entries, posts or messages in any community we operate, replies in a coaching engagement, comments on media content, and any other data you choose to enter. We treat this as private to you (and your household where applicable).
Collected automatically:
- Authentication session data — for Products that require sign-in, a session cookie and a token stored in your browser’s localStorage so we can recognize you between visits without making you sign in again.
- Basic server logs — IP address, browser type, page paths, and timestamps, as standard for web hosting (Netlify) and database access (Supabase). Used for security and to debug errors.
- Activity log inside Products with user accounts — a short list of recent in-app actions you took (e.g., “Logged weekly rhythm,” “Saved Budget Allocator snapshot”) so you can see your own recent history.
What we do NOT collect or use:
- We do not run Google Analytics, Facebook Pixel, or other third-party advertising or behavioral trackers on our Properties.
- We do not sell, rent, or trade your personal information.
- We do not use content you create inside our Products to train AI models.
2. Why we collect it
| Purpose | Data used |
|---|---|
| Authenticate you and protect your account | Email, session token |
| Deliver and operate the Products you use (rhythms, calculators, trackers, community access, media content, etc.) | Content you create, household or account ID |
| Process your purchase and deliver the Product | Email, payment confirmation from Stripe |
| Send transactional emails (receipts, sign-in links, important account notices) | |
| Send periodic newsletters or product updates (only if you remain subscribed) | Email, first name |
| Provide customer support | Email, any details you share in your message |
| Detect, prevent, and respond to fraud, abuse, or security incidents | Logs, IP, account metadata |
| Comply with legal obligations | Whatever is legally required |
3. Service providers we share data with
We use the following third-party processors to operate our Properties and deliver our Products. Each only receives what they need to perform their function. The list below covers the providers currently in use; we may add or substitute providers and will update this page accordingly.
| Provider | What they do | Data they see |
|---|---|---|
| Stripe | Payment processing for any paid Product | Name, email, billing address, card data |
| Kit (formerly ConvertKit) | Email marketing, digital product checkout, post-purchase email automations | Name, email, purchase events, tags reflecting how you joined |
| Supabase | Database, authentication, and file storage for Products that require sign-in | Email, content you create, session tokens, server logs |
| Resend | Transactional email delivery (sign-in links, receipts) | Email, message contents we send to you |
| Netlify | Static website hosting for our Properties | IP address, browser type, page paths (standard web server logs) |
| YouTube / Substack / video and podcast platforms | Hosting and delivery of media content on certain Properties | Whatever those platforms collect under their own privacy policies when you watch or read embedded content |
4. Cookies and similar technologies
Products that require sign-in use a small number of strictly-necessary cookies and localStorage entries to keep you signed in and to remember user-interface preferences (such as whether the sidebar is collapsed). We do not use cookies for advertising or behavioral tracking. We do not place any third-party advertising cookies on our Properties. Embedded third-party media (such as YouTube videos) may set their own cookies governed by those providers’ policies.
5. How long we keep your data
- Product content you create (rhythms, snapshots, journal entries, posts, etc.): Retained as long as your account is active, so that the relevant Product remains useful over years.
- Account email and account / household membership: Retained as long as your account is active.
- Receipts and purchase records: Retained for at least seven (7) years for tax and accounting compliance.
- Server logs: Typically retained for 30–90 days by our hosting providers.
- Marketing email subscription: Until you unsubscribe.
When you request account deletion, we remove your account content and email within thirty (30) days, except where retention is required by law (such as purchase records for tax).
6. Your rights
You may, at any time:
- Access the personal data we hold about you
- Correct any inaccurate personal data
- Export your content from any Product that offers a data-export feature (for example, the Toolbox sidebar has an “Export my data” link), or by request to us
- Delete your account and associated content
- Unsubscribe from marketing emails using the unsubscribe link in any such email
- Object to certain processing activities
Email support@buildtolast.com to exercise any of these rights. We may need to verify your identity before acting on a request.
7. California, EU, and UK residents
If you live in California, the EU, or the UK, you have additional rights under the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), respectively, including the rights described above and the right to lodge a complaint with a data protection authority. We act as a data controller for the personal data we collect through our Properties. To contact us about these rights, email support@buildtolast.com.
8. Children
Our Properties and Products are intended for adults (18 years or older). We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact support@buildtolast.com and we will delete it.
9. Security
We use industry-standard security practices, including encrypted transport (HTTPS), authenticated database access with row-level security (RLS) so users can only access their own data, and reputable third-party processors. No method of transmission or storage is perfectly secure. We will notify affected users without undue delay of any confirmed breach involving their personal data, as required by law.
10. International data transfers
Our service providers may store and process data in the United States or other countries. By using our Properties or Products, you understand that your data may be transferred to and processed in countries that may have different data protection laws than your jurisdiction.
11. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be posted on this page with a new “Last updated” date and, where reasonably practical, communicated by email. Continued use of our Properties or Products after a change is published constitutes acceptance of the updated policy.