Privacy Statement

Whizardries Inc. — Last updated: June 4, 2026

1. Who We Are

Whizardries Inc. (“we,” “us,” or “our”) is an email deliverability consultancy based in Texas. We help businesses diagnose and resolve email deliverability problems by analyzing sending infrastructure, authentication configuration, reputation data, and related technical evidence.

For questions about this statement or to exercise your privacy rights, contact us at: privacy@whizardries.com

2. Information We Collect

From Clients Directly

When you engage our services, we collect information you provide, including through our triage intake process:

Contact information — company name, your name and role, technical contact name and role, email address, time zone
Problem descriptions — written descriptions of deliverability issues, timelines, and prior remediation steps
Error messages and logs — bounce logs, rejection codes, block notices, and prior correspondence with mailbox providers, blocklist operators, or ESP support teams
Authentication and DNS records — SPF, DKIM, and DMARC records; PTR/reverse DNS records; sending IP addresses; BIMI configuration
Sending infrastructure details — ESP platforms, mail server configurations, sending domains and subdomains, IP assignments, and recent infrastructure changes
Delivery and engagement data — sending logs, campaign performance reports, bounce breakdowns by type and receiving domain, complaint or spam-complaint data, and DMARC aggregate reports
Reputation data — Google Postmaster Tools exports or screenshots, Microsoft SNDS/JMRP data, blocklist lookup results
Email messages — sample messages submitted as .eml or .txt files for spam-placement analysis, including full headers and message content
List practices information — descriptions of how email addresses are collected, list age, list hygiene and suppression practices, and segmentation details

Much of this data is submitted as raw technical files (logs, exports, .eml files, DNS records). To the extent such files contain personal data — such as email addresses, IP addresses, or message content — that data is processed solely to perform the requested assessment.

For Our Own Communications

When you subscribe to communications from Whizardries Inc., we collect your email address and any other information you provide at the time of sign-up. We use confirmed (double) opt-in, meaning you will receive a confirmation message and must affirmatively confirm your subscription before we add you to our list.

Automatically Collected Data

Our website may collect standard server log data (including IP address, browser type, referring URL, and pages visited) for security and performance purposes.

3. How We Use Your Information

We use the information we collect to:

Perform the deliverability triage, assessment, or consulting services you engaged us for
Communicate with you about your engagement, findings, recommendations, and follow-up questions
Send communications to subscribers who have confirmed their opt-in
Process and track invoices and payments
Comply with legal and contractual obligations

We do not sell, rent, or trade your personal information or any client-submitted technical data. We do not use data provided for one engagement to inform work for any other client. Where client-submitted data includes email addresses or other personal data belonging to third parties (such as in bounce logs or .eml files), that data is processed solely to fulfill the engagement and is not used for any other purpose.

4. Third-Party Service Providers

We use a limited set of third-party tools that may process client or subscriber data:

Deliverability and reputation tools — We use third-party tools (such as inbox testing platforms and blocklist lookup services) to perform technical analysis. These tools may process sending domain names, IP addresses, and limited message metadata.
CRM and project management software — We use internal tools to manage engagements and store client contact information.
Banking — Invoice and payment processing is handled through Mercury, our business banking provider. See Mercury’s Privacy Policy for details on how they handle financial data.

We take reasonable steps to confirm that service providers maintain appropriate data protection standards.

5. Data Retention

We retain client engagement data (including intake forms, submitted files, correspondence, and work product) for less than 12 months after the conclusion of an engagement, unless applicable law requires a longer retention period (for example, for tax or contract records).

Email messages, bounce logs, and other technical files submitted by clients are deleted upon delivery of the relevant work product, and in all cases within the 12-month window.

Subscriber information for our own mailing list is retained as long as a subscription is active. Upon unsubscribe, email addresses are suppressed and retained only as necessary to honor the opt-out and comply with applicable law.

After applicable retention periods, data is securely deleted or anonymized.

6. Your Privacy Rights

Texas Residents (TDPSA)

The Texas Data Privacy and Security Act (TDPSA) affords Texas residents the following rights with respect to their personal data:

Right to know — the right to confirm whether we process your personal data and to access that data
Right to correct — the right to correct inaccuracies in your personal data
Right to delete — the right to request deletion of personal data you have provided or that we have collected about you
Right to portability — the right to obtain a copy of your personal data in a portable and, to the extent technically feasible, readily usable format
Right to opt out — the right to opt out of the sale of your personal data, the use of your personal data for targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects

We do not sell personal data, use it for targeted advertising, or engage in profiling as defined under the TDPSA.

To exercise any of these rights, contact us at privacy@whizardries.com. We will respond within 45 days. If we need additional time, we will notify you within the initial 45-day window and may extend our response by an additional 45 days. If we decline to act on your request, we will explain why and provide instructions for submitting an appeal.

California Residents (CCPA / CPRA)

California residents have the right to:

Know what personal information we have collected, used, disclosed, or sold
Delete personal information we hold, subject to applicable exceptions
Correct inaccurate personal information
Opt out of sale or sharing — we do not sell or share personal information as defined under the CCPA/CPRA
Limit use of sensitive personal information — to the extent we process sensitive personal information, we use it only to perform the services for which it was provided
Non-discrimination — we will not treat you differently for exercising these rights

To exercise these rights, contact us at privacy@whizardries.com. We will acknowledge your request within 10 business days and respond substantively within 45 calendar days, extendable by an additional 45 days where reasonably necessary with prior notice.

All Users

Regardless of location, you may contact us to request access to, correction of, or deletion of your personal information. We will respond to all requests within a reasonable timeframe and consistent with applicable law.

7. CAN-SPAM and CASL Compliance

We send commercial email only to individuals who have affirmatively consented and confirmed their subscription through a double opt-in process. We do not add anyone to our mailing list without explicit consent.

Each commercial message from Whizardries Inc. includes:

Clear identification of Whizardries Inc. as the sender
A physical mailing address
A functional, one-click unsubscribe mechanism

Unsubscribe requests are honored promptly and within the timeframes required by applicable law. We maintain suppression lists to ensure that individuals who have opted out are not contacted again.

8. Data Security

We use reasonable technical and organizational measures to protect personal information against unauthorized access, disclosure, alteration, or destruction, including encrypted communications, access controls, and need-to-know data sharing practices.

No method of transmission or storage is completely secure. In the event of a data breach affecting your personal information, we will notify affected individuals as required by applicable law.

9. Data Transfers

Our operations are based in Texas, United States. Personal data we collect is processed and stored in the United States. If you are located outside the US, be aware that your information may be subject to US law, which may differ from data protection law in your jurisdiction.

10. Changes to This Statement

We may update this statement periodically. The “Last updated” date at the top will reflect any changes. Material changes will be communicated to active clients and mailing list subscribers by email. Continued use of our services or continued subscription following notice of a material change constitutes acknowledgment of the revised statement.

11. Contact Us

Whizardries Inc.
Email: privacy@whizardries.com

Name	Owner	Duration	Purpose
`comment_author_*`	WordPress	347 days	Saves your name, email address, and website URL when you post a comment so you do not have to re-enter them next time.
`wcc_consent`	WP Cookie Consent	30 days	Stores your cookie consent preferences so you are not asked again on every page visit. Contains only a random identifier — no personal information.
`wordpress_*`	WordPress	Session	Used by WordPress to authenticate logged-in visitors, remember authentication details, and to provide other essential security features.
`wordpress_logged_in_*`	WordPress	Session	Tells WordPress whether you are logged in to the site. WordPress uses this to show you the correct version of the site.
`wordpress_test_cookie`	WordPress	Session	Tests whether cookies are enabled in your browser. Deleted immediately after the test.
`wp-settings-*`	WordPress	1 year	Stores your personal WordPress dashboard and administration interface settings.
`wp_lang`	WordPress	1 year	Remembers your preferred language for the WordPress admin interface.

Name	Owner	Duration	Purpose
`aw_*`	AWeber	1 year	Set by AWeber when you sign up for an email list. Records your subscription status and preferences.
`jetpack*`	Jetpack by Automattic	1 year	Used by Jetpack to provide site statistics, security features, and related functionality.

Name	Owner	Duration	Purpose
`_ga`	Google Analytics	2 years	The main Google Analytics cookie. Used to distinguish unique visitors by assigning a randomly generated number as a client identifier.
`_ga_*`	Google Analytics	2 years	Used by Google Analytics 4 to persist session state and measure site usage.
`_gac_*`	Google Analytics / Google Ads	90 days	Contains campaign-related information. Shared between Google Analytics and Google Ads.
`_gat`	Google Analytics	1 minute	Used by Google Analytics to throttle request rate. Expires after 1 minute.
`_gid`	Google Analytics	24 hours	Used by Google Analytics to identify a user session. A new value is assigned each day.
`metricool_visit_*`	Metricool	1 year	Used by Metricool to track page visits and measure website traffic statistics.
`mtc_id`	Mautic	Session	A session identifier used by this site\'s marketing platform (Mautic) to track activity during your current visit. Expires when you close your browser.

Name	Owner	Duration	Purpose
`_fbc`	Meta (Facebook)	2 years	Used by Meta to store the last visit made with a click on an advertisement. Used for conversion tracking.
`_fbp`	Meta (Facebook)	3 months	Used by Meta to deliver a series of advertisement products such as real time bidding from third party advertisers.
`_gcl_*`	Google Ads	90 days	Used by Google Ads to measure the effectiveness of advertising campaigns and to track conversions.
`mautic_device_id`	Mautic		Assigned by this site\'s marketing platform (Mautic) to recognise your browser across visits. If you submit a form on this site, this identifier may be used to associate your browsing history with your contact record.