Privacy Policy
Last updated: March 2026
Overview
Moser Research LLC ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our services.
This policy applies to visitors from all regions, including the European Economic Area (EEA) and United Kingdom, and is designed to comply with the General Data Protection Regulation (GDPR) and similar privacy laws.
Information We Collect
Information You Provide
We collect information you voluntarily provide when you:
- Fill out a contact form or reach out via email
- Call our business phone number
- Engage us for consulting services
This may include your name, email address, phone number, business name, and details about your business operations relevant to our services.
Information Collected Automatically
When you visit our website, we may automatically collect:
- Browser type and version
- Operating system
- Pages visited and time spent
- Referring website
- IP address (used for security and analytics purposes)
How We Use Your Information
We use collected information to:
- Provide and improve our consulting services
- Respond to your inquiries and schedule appointments
- Send relevant updates about our services (with your consent)
- Analyze website usage to improve user experience
- Comply with legal obligations
Legal Basis for Processing (GDPR)
If you are located in the EEA or UK, we process your personal data based on the following legal grounds:
- Consent: When you explicitly agree, such as submitting a contact form or opting into communications
- Contract: When processing is necessary to fulfill our consulting services agreement with you
- Legitimate Interests: For business operations like improving our services, provided these interests don't override your rights
- Legal Obligation: When we must comply with applicable laws
Data Retention
We retain your personal information only as long as necessary for the purposes outlined in this policy:
- Client project data: Duration of engagement plus 3 years for reference and legal purposes
- Contact form submissions: 2 years unless you become a client
- Website analytics: 26 months (aggregated via Cloudflare Web Analytics)
You may request earlier deletion at any time by contacting us.
AI and Automation Services
As an AI consultancy, we may use artificial intelligence tools to help deliver our services. When we implement AI solutions for your business:
- We will clearly explain what data the AI systems will access
- Client data used in AI implementations remains your property
- We do not use client data to train general AI models
- AI systems are configured to handle data according to your specifications
SMS Communications
When you call our business phone number, you may be offered the option to receive follow-up information via text message. By providing your phone number and agreeing to receive texts during the call, you consent to receiving SMS messages from Moser Research related to your inquiry.
- Message frequency varies based on your inquiry
- Message and data rates may apply
- Reply STOP to opt out of SMS messages at any time
- Reply HELP for assistance
We will not use your phone number for marketing or promotional messages unless you separately opt in to such communications. SMS messages are limited to follow-ups related to your call, such as confirming next steps or providing requested information.
Information Sharing
We do not sell your personal information. We may share information with:
- Service Providers: Third-party tools we use to deliver services (listed below)
- Legal Requirements: When required by law or to protect our rights
- Business Transfers: In connection with any merger or acquisition
Third-Party Services We Use
We use the following third-party services that may process your data:
- Cloudflare (USA): Website hosting, security, performance, and bot detection via Cloudflare Turnstile on our contact form. Turnstile collects interaction data to verify you are human but does not use cookies or track you across sites. Privacy Policy
- Cloudflare Workers (USA): Serverless functions that process our contact form submissions. Data is processed in transit and not stored by Cloudflare Workers beyond the request lifecycle. Privacy Policy
- Resend (USA): Contact form email delivery. Processes name and email from form submissions. Privacy Policy
- Twilio (USA): Business phone and SMS services. Processes phone numbers and call metadata for inbound calls to our business line and SMS follow-up messages. Privacy Policy
International Data Transfers
We are based in the United States, and our service providers are also primarily US-based. If you are located outside the US (including the EEA or UK), your information will be transferred to and processed in the United States.
We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where applicable, and only work with service providers who maintain adequate data protection practices.
Data Security
We implement appropriate technical and organizational measures to protect your information, including encryption in transit (TLS), access controls, and regular security reviews. However, no electronic transmission or storage is 100% secure. We encourage you to use caution when sharing sensitive information.
Data Breach Notification
In the event of a data breach that affects your personal information, we will notify you and any applicable regulatory authorities within 72 hours of becoming aware of the breach, as required by GDPR and other applicable laws. Notification will include the nature of the breach, likely consequences, and measures taken to address it.
Your Rights (GDPR)
If you are located in the EEA or UK, you have the right to:
- Access: Request a copy of the personal information we hold about you
- Rectification: Request correction of inaccurate or incomplete information
- Erasure: Request deletion of your information ("right to be forgotten")
- Restriction: Request that we limit how we use your data
- Data Portability: Request your data in a structured, machine-readable format
- Objection: Object to processing based on legitimate interests
- Withdraw Consent: Where processing is based on consent, withdraw it at any time
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days (or sooner as required by applicable law).
Right to Lodge a Complaint
If you are in the EEA or UK and believe we have not handled your data appropriately, you have the right to lodge a complaint with your local data protection supervisory authority. We encourage you to contact us first so we can address your concerns directly.
California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, purposes, and third parties with whom we share it
- Right to Delete: Request deletion of your personal information, subject to certain exceptions
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out: Opt out of the sale or sharing of your personal information (we do not sell personal information)
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
Categories of Personal Information Collected: Identifiers (name, email, IP address), commercial information (services purchased), internet activity (browsing behavior), and professional information (business details).
How We Use This Information: To provide consulting services, respond to inquiries, improve our website, and comply with legal obligations.
Sale of Personal Information: We do not sell your personal information to third parties.
Global Privacy Control: We honor Global Privacy Control (GPC) signals. Because we do not use cookies for tracking or sell personal information, no additional action is needed when a GPC signal is detected.
To exercise your California privacy rights, contact us at [email protected]. We will respond within 45 days. You may designate an authorized agent to make a request on your behalf.
Cookies
This website does not intentionally set tracking cookies. We do not set any first-party cookies for analytics or advertising purposes. Cloudflare, our hosting and security provider, may set essential security cookies (such as __cf_bm) as part of its bot management and DDoS protection services. These are strictly necessary for website security and cannot be used to identify individual users.
Our analytics are provided by Cloudflare Web Analytics, which operates without cookies and does not track individual users across sites.
No Third-Party Tracking
We do not use Google Analytics, Facebook Pixel, or any third-party advertising or tracking services. Website analytics are provided solely by Cloudflare Web Analytics, which collects aggregated usage data without using cookies or tracking individual users across sites.
Children's Privacy
Our website and services are directed to businesses and individuals 18 years of age and older. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will promptly delete that information. If you believe a child under 16 has provided us with personal information, please contact us at [email protected].
Third-Party Links
Our website may contain links to third-party sites. We are not responsible for the privacy practices of these external sites.
Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes by posting the new policy on this page with an updated revision date.
Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us at:
Moser Research LLC
Email: [email protected]
Location: St. Louis, MO