Privacy Policy

This Privacy Policy describes how I collect, use, disclose, and protect Personal Information in connection with robert.winter.ink and the podcast On the Subject of Leadership with Dr Robert N. Winter (together, "the Site"). It should be read alongside the Terms of Service, Content Licence, and Disclaimer also published on the Site.

I treat compliance with Australian privacy law as the primary framework for this policy and layer other jurisdictional requirements on top of it. Specifically:

• The Privacy Act 1988 (Cth) and the Australian Privacy Principles ("APPs") set the baseline for how Personal Information is handled.
• The EU and UK General Data Protection Regulations ("GDPR") apply to Personal Information collected from individuals located in the European Economic Area and the United Kingdom.
• The California Consumer Privacy Act and California Privacy Rights Act ("CCPA/CPRA") apply to Personal Information collected from California residents.

Where any provision of this policy conflicts with a mandatory requirement of applicable law, the legal requirement prevails.

Who I Am

This Site is operated by Dr Robert N. Winter of New South Wales, Australia. For privacy enquiries, contact me via the form at robert.winter.ink/contact, or by post to an address that will be provided on request.

For the purposes of the GDPR, I am the data controller of Personal Information collected through the Site.

What Personal Information I Collect

I collect only the Personal Information I need to operate the Site, deliver the services you have requested, and meet my legal obligations. The categories are:

Account and membership information. When you join the Commons (free membership) or the Inner Circle (paid membership), I collect your name, email address, and the IP address from which you signed up. For paid subscribers, I also hold subscription status, billing records, and transaction history, although I never see or store your full payment-card details.

Payment information. Payments are processed by Stripe, Liberapay, or Buy Me A Coffee, depending on the option you choose. Card and bank details are collected and held by those providers, not by me. I receive only the confirmation of payment, a transaction identifier, and (in the case of subscriptions) the billing status.

Correspondence. If you contact me — by email, by replying to a newsletter, or through the Typeform contact form — I receive whatever information you choose to include, together with your email address and the technical metadata your mail client or browser transmits.

Comments. If you post a comment on the Site (a feature available only to signed-in members), I retain the comment, the time of posting, and its association with your member account.

Podcast listening. If you listen to the podcast, Transistor (the podcast host) records routine technical information — including IP address, user-agent, and approximate geographic location — in order to deliver the audio and produce aggregated listening statistics. I receive aggregate reports; I do not receive individual listener data.

Technical information. Web servers record, as a routine matter, the IP address, user-agent string, pages visited, and time spent on the Site. This information is used in aggregate form for site administration and security.

Aggregated analytics. Usage is measured by Plausible Analytics, described below.

How I Collect It

I collect Personal Information directly from you when you subscribe, make a payment, post a comment, or contact me. Technical information is collected automatically by the systems that operate the Site. I do not purchase Personal Information from data brokers and I do not acquire Personal Information from third parties for marketing purposes.

Why I Collect It and the Legal Basis

The purposes for which I collect and use Personal Information, and the legal bases on which I rely, are:

To operate the membership service. This includes account creation, authentication, delivery of newsletters and articles, and the operation of comments. Legal basis: performance of a contract with you; your consent where you have opted in to optional communications.

To process payments. Legal basis: performance of a contract; compliance with financial record-keeping obligations under Australian and overseas tax law.

To respond to your correspondence. Legal basis: your consent; my legitimate interest in running an accessible publication.

To maintain the security, integrity, and performance of the Site. Legal basis: my legitimate interest in protecting the Site and its users against fraud, abuse, and unauthorised access.

To comply with legal obligations. Including responses to lawful requests from regulators, courts, and law-enforcement authorities. Legal basis: legal obligation.

Who I Share It With

I use a small number of carefully chosen service providers ("processors") to operate the Site. Each processes Personal Information only on my instructions and under written terms that meet the standards required by Australian, EU, UK, and Californian law:

• Ghost(Pro) (Ghost Foundation Ltd) provides hosting, membership infrastructure, comments, and bulk and transactional email delivery. Email is delivered by Ghost(Pro)'s sub-processor, Mailgun (Sinch Email).
• Plausible Analytics (Plausible Insights OÜ) provides privacy-respecting, cookieless website analytics.
• Transistor (Transistor.fm, Inc.) hosts the podcast audio files and distributes the podcast feed.
• Typeform (TYPEFORM SL) operates the contact forms on the Site.
• Stripe, Liberapay, and Buy Me A Coffee process donations and subscription payments.
• Proton Mail (Proton AG) provides end-to-end encrypted email for direct correspondence.

Beyond these processors, I do not disclose Personal Information to third parties except where required by law, where necessary to protect my legal rights, or with your express consent.

I do not sell, rent, or trade Personal Information, and I do not engage in the "sharing" of Personal Information for cross-context behavioural advertising within the meaning of the CCPA/CPRA.

Overseas Disclosures

Some of the processors listed above are based outside Australia, and the operation of the Site will involve the disclosure of Personal Information to countries including the United States, the United Kingdom, member states of the European Union (in particular Ireland, Spain, the Netherlands, and Estonia), and Switzerland. Where Personal Information is transferred from the EEA or the UK to a jurisdiction not the subject of an adequacy decision, the transfer is made under the Standard Contractual Clauses approved by the European Commission or the UK International Data Transfer Agreement, as applicable.

Cookies and Similar Technologies

The Site uses cookies sparingly and only where functionally necessary:

• Authentication cookies are set when you sign in as a member, to maintain your logged-in state. These expire when you sign out or when the session ends.
• Preference cookies remember small choices such as theme selection. These expire after a reasonable period set by the relevant Site function.

The Site does not use advertising cookies, cross-site tracking cookies, or social-media pixels. Plausible Analytics does not set cookies of any kind.

Analytics

Plausible Analytics is used to measure aggregate traffic to the Site. Plausible does not use cookies, does not collect Personal Information, and does not fingerprint visitors. The data collected is aggregated and anonymised; it allows me to understand what is read and how often, without identifying individual readers. Plausible's full data policy is published at plausible.io/data-policy.

Security

I take reasonable steps to protect Personal Information from misuse, interference, loss, unauthorised access, modification, and disclosure. These include encryption in transit (HTTPS), encrypted email (Proton Mail) for direct correspondence, restricted administrative access, and reliance on processors that maintain recognised security certifications. No internet-based service can be guaranteed fully secure; if I become aware of a data breach that is likely to result in serious harm, I will notify affected individuals and the Office of the Australian Information Commissioner in accordance with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988 (Cth).

How Long I Keep It

Membership records are retained for as long as your membership is active, and for a further period — ordinarily seven years — to the extent necessary to meet financial record-keeping obligations under Australian tax law.

Payment and transaction records are retained for the period required by applicable tax and consumer-protection law.

Correspondence is retained for as long as is reasonably necessary to maintain the relationship and for a reasonable archival period thereafter.

Comments are retained for as long as your membership is active. If you close your membership, your comments will be anonymised or deleted on request.

Analytics data held by Plausible is aggregated and retained in line with Plausible's data-retention policy.

Where Personal Information is no longer required for the purposes for which it was collected and is not required to be retained by law, it will be destroyed or de-identified in accordance with APP 11.2.

Your Rights

Under Australian Privacy Law

You have the right to:

• Request access to the Personal Information I hold about you (APP 12).
• Request correction of Personal Information that is inaccurate, out of date, incomplete, irrelevant, or misleading (APP 13).
• Deal with me anonymously or pseudonymously in any circumstances where this is lawful and practicable (APP 2), although this will generally not be possible for members or paid subscribers.
• Make a complaint about my handling of your Personal Information.

Requests under APPs 12 and 13 will ordinarily be responded to within thirty days.

Under the EU and UK GDPR

If you are in the EEA or the UK, you have, in addition to the rights above, the right to:

• Erasure of your Personal Information (the "right to be forgotten").
• Restriction of processing.
• Data portability.
• Object to processing undertaken on the basis of legitimate interests.
• Withdraw consent where processing is based on consent, without affecting the lawfulness of processing carried out before the withdrawal.
• Lodge a complaint with the supervisory authority in your country of residence, workplace, or the place of the alleged infringement.

Under California Law

If you are a California resident, you have the right to:

• Know what categories of Personal Information are collected, the sources, the business purposes, and the categories of third parties to whom it is disclosed.
• Request deletion of Personal Information, subject to statutory exceptions.
• Request correction of inaccurate Personal Information.
• Opt out of the sale or sharing of Personal Information. I do not sell or share Personal Information as those terms are defined under the CCPA/CPRA.
• Limit the use and disclosure of sensitive Personal Information. I do not use sensitive Personal Information for purposes that would trigger this right.
• Not be discriminated against for exercising any of these rights.

To exercise any right set out above, contact me using the details in the Complaints and Contact section below. I will verify your identity by reasonable means before acting on a request.

Artificial Intelligence and Machine Learning

Personal Information collected through the Site is not used, licensed, disclosed, or made available to any party for the purpose of training, fine-tuning, grounding, evaluating, or otherwise developing any machine-learning model, large language model, generative artificial intelligence system, or comparable automated system. This applies equally to member data, comment data, correspondence, analytics data, and podcast listening data.

The corresponding protection of the published Content of the Site against AI-training use is set out in the Content Licence.

Children

The Site is intended for an adult professional readership and is not directed to children. I do not knowingly collect Personal Information from a person under the age of sixteen. If you believe a child has provided Personal Information to the Site, contact me and I will take reasonable steps to delete it.

Changes to This Policy

I will revise this policy from time to time to reflect changes in the Site, in the services I use to operate it, or in applicable law. The date of the most recent revision appears at the foot of the policy. Where a change is material — for example, where it broadens the purposes for which Personal Information is used or introduces a new category of disclosure — I will notify registered members by email and post a prominent notice on the Site before the change takes effect. Minor or clarificatory changes will be published without separate notice.

Complaints and Contact

If you have a question about this policy, or if you believe I have mishandled your Personal Information, contact me via the form at robert.winter.ink/contact. I will acknowledge your complaint within seven days and respond substantively within thirty.

If you are not satisfied with my response, you may lodge a complaint with the Office of the Australian Information Commissioner.

If you are in the United Kingdom, you may lodge a complaint with the Information Commissioner's Office.

If you are in the European Economic Area, you may lodge a complaint with your national supervisory authority. A directory is maintained by the European Data Protection Board.

Last updated: 23 April 2026