Skip to content
No ACL NeededWatch →
Legal · Last updated May 2026

Privacy policy.

This Privacy Policy explains how No ACL Needed (“we”, “us”) collects, uses, and protects your personal information when you visit noaclneeded.com or use our services.

What we collect

  • Identifiers: name, email address, phone number, Instagram handle (if provided).
  • Health-related information you choose to share: details about your knee injury, prior treatments, goals, and timelines submitted via our application form.
  • Payment information: processed by our third-party payment processor; we do not store full payment card details.
  • Usage and attribution data: IP address, referrer, UTM parameters, device type, page views, and video engagement events.
  • Cookies and similar technologies: for site functionality, analytics (Google Analytics 4), and advertising attribution (Meta Pixel).

How we use it

  • To deliver coaching, programs, and content you request.
  • To respond to inquiries and schedule strategy calls.
  • To send marketing emails and SMS. You can unsubscribe at any time.
  • To measure and improve the performance of our website and content.
  • To comply with legal obligations.

Who we share with

We share data only with service providers necessary to operate the business:

  • Vercel — hosting and edge network.
  • Supabase — managed Postgres database where your contact record lives.
  • Resend — outbound email delivery from noaclneededmail.com.
  • Twilio — SMS delivery and STOP-keyword handling.
  • Cal.com — strategy-call scheduling.
  • Inngest — durable workflow engine that schedules and fires our email/SMS sequences.
  • PostHog — product analytics. Form-field values, names, emails, and phone numbers are masked client-side before any event leaves your browser; we capture clicks, submits, and URL paths only.
  • Sentry — error and crash reporting when a page fails to render. No form values.
  • DeepSeek — only when you message us on Instagram or Facebook, the AI-assisted reply system sends the conversation transcript to DeepSeek for a draft suggestion. A human reviews every draft before any message is sent.
  • Google Analytics 4 & Meta — when enabled, analytics and advertising attribution.
  • Stripe — payment processing if you purchase a program.

We do not sell your personal information.

Your rights

Depending on your jurisdiction (GDPR, UK GDPR, CCPA, and similar), you may have the right to access, correct, delete, or port your personal information, and to object to certain processing.

To delete your data right now, visit /delete-me. We email you a confirmation link; clicking it permanently removes your contact record, qualification submissions, email and SMS logs, VSL progress, apply-form analytics, and any AI-setter DM history linked to your contact. The confirmation link expires after 24 hours. Your email and phone are added to a suppression list so we cannot accidentally re-add you on a future opt-in.

For other privacy requests, email jg@noaclneededmail.com.

Retention

We retain personal data for as long as needed to provide our services and to comply with legal obligations. Application form submissions are retained for up to 24 months unless you request earlier deletion.

Security

We use reasonable administrative, technical, and physical safeguards to protect your information. No method of transmission over the internet is 100% secure.

Children

Our services are intended for adults. We do not knowingly collect personal data from anyone under 18 without verified parental or guardian consent.

Updates

We may update this Privacy Policy from time to time. The “last updated” date at the top of the page reflects the most recent revision.

Contact

Privacy questions: jg@noaclneededmail.com.