Lean discipline. AI precision. Financial proof.

Privacy Notice

How the Ask 7Flows assistant and the contact form handle your information.

Last updated: June 16, 2026 · Applies to the Ask 7Flows assistant and the contact form on this site.

What we log — and what we don't

What we log (metadata only)

  • Which page you used and timestamps
  • The category of each question (e.g. about the firm, the method, fit) — not the question text
  • Message counts and token usage, for cost tracking
  • Whether a CTA was clicked or an email was captured
  • Rate-limit and error events

What we never log

  • The text of your conversation — raw chat messages are never written to our database
  • File uploads — the assistant accepts none
  • Your raw IP address (see below)
  • Any account or login — there are none

Your chat messages

Your conversation is held in your browser only. Each message is sent to our backend to generate that answer; the text is not stored. If you choose “Email me this conversation,” the conversation is transmitted once so we can email it back to you, then discarded — we keep only a short, redacted summary as our business record. Before that summary is stored, a redaction pass removes email addresses and phone numbers automatically, and names and companies by instruction.

Email capture

If you ask us to email you the conversation, we store your work email and the redacted summary as a business record. This is opt-in — you provide it by entering your email. We use it to follow up about your inquiry. We do not sell or share it.

Bot protection & IP handling

We use Cloudflare Turnstile to keep bots out. For rate limiting, we store a salted, one-way hash of your IP address — never the raw IP — and these counters are deleted after 7 days.

Contact form

When you submit the diagnostic-request form, we store your name, company/role, and message as a business record and email it to Larry Crane so he can respond. We use it only to reply to your request.

How long we keep it

  • Session & message metadata — 12 months, then purged
  • Rate-limit counters (hashed IP) — 7 days
  • Captured emails & contact submissions — kept as consented business records