Privacy
Last updated: 2026-05-28
We collect the minimum data needed to operate the site. We do not set advertising cookies, we do not run cross-site tracking, and we do not sell your data. This page describes what we collect, why, where it lives, and how you can get rid of it.
Who we are
VentureGrill is an independent online publication based in Italy. The publisher acts as the data controller and can be reached at privacy@venturegrill.com.
What we collect and why
When you read the site (no account, no signup): if you accept analytics cookies, Google Analytics collects aggregate usage statistics — pageviews, referrers, approximate location, device/browser. If you decline, none of this is collected and no analytics runs. See Cookies below. Legal basis: consent (GDPR Art. 6(1)(a)).
When you subscribe to the newsletter: we collect your email address and the page where you signed up (e.g. "footer", "article"). Legal basis: consent (GDPR Art. 6(1)(a)) given by submitting the form.
When you contact us: we keep your email and the contents of your message for as long as needed to respond and for a reasonable follow-up window. Legal basis: legitimate interest in responding to your inquiry.
Cookies
We do not set advertising cookies and we do not embed cross-site trackers (no Meta Pixel, no advertising tags).
Analytics, only with your consent. With your consent we use Google Analytics 4 to understand which stories resonate. It sets first-party analytics cookies. We ask through a banner on your first visit — analytics is off until you accept, and Google Analytics is not even loaded if you decline. You can change your choice at any time via "Cookie preferences" in the footer. We use Google's Consent Mode, so no analytics storage is used before you opt in. Legal basis: consent (GDPR Art. 6(1)(a)).
Where your data lives
We use a small number of carefully chosen processors. None of them resell your data, all of them sit on infrastructure with EU data residency where possible:
- Cloudflare (US, with a global edge network): hosts the website (Cloudflare Pages) and runs the signup endpoint. Cloudflare acts as our data processor under a DPA that includes the EU Standard Contractual Clauses.
- Resend (US/EU): stores your email address when you subscribe to the newsletter and delivers the emails. Receives only your email address; bound by a DPA with the EU Standard Contractual Clauses.
- Sanity (EU region): hosts the editorial content management system. Only authors and editors with credentials access Sanity; no reader data is stored there.
- Google (Google Analytics 4): aggregate audience measurement, loaded only after you accept analytics cookies. Data is processed under Google's Consent Mode and the EU Standard Contractual Clauses. No analytics runs if you decline.
All processors are bound by data processing agreements that prohibit secondary use of your data and require notification of any breach.
How long we keep it
Newsletter subscribers: we keep your record for as long as you are subscribed. When you unsubscribe, we mark the record as unsubscribed rather than deleting it immediately, so we can honour the unsubscribe even if the same address is later resubmitted accidentally. Hard deletion happens on request, or automatically after 24 months of inactive status.
Traffic analytics: retained for 30 days at the edge, then aggregated and anonymised.
Email correspondence: kept up to 24 months after the last reply, then deleted.
International transfers
Where data is processed outside the European Economic Area (notably by Cloudflare's and Resend's US entities), transfers are governed by the EU Commission's Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework.
Your rights
Under the GDPR, the UK GDPR, and the California Consumer Privacy Act you have the right to:
- Access the personal data we hold about you
- Correct anything that's inaccurate
- Delete your data (right to erasure / "right to be forgotten")
- Export your data in a portable format
- Object to processing or withdraw your consent at any time
- Lodge a complaint with your local supervisory authority — in Italy, the Garante per la protezione dei dati personali
Email privacy@venturegrill.com and we'll respond within 30 days. For unsubscribing only, the link in the footer of any newsletter we send is the fastest path.
Security
Traffic to the site is served over HTTPS with HSTS. Subscriber data is stored by our hosting provider with access restricted to the publisher. We never ask you for a password — you don't need an account to read the site.
Children
The site is not directed at children under 16, and we do not knowingly collect personal data from them. If you believe a child has subscribed, email us and we'll remove the record.
Changes to this policy
Material changes are logged on our corrections page with a dated note. The "Last updated" date at the top of this page reflects the most recent revision. If a change affects your rights or the data we collect, we'll notify newsletter subscribers by email before the change takes effect.