The Private Attorney General Project

The Private Attorney General Project

Home
Notes
Archive
About

You agree to the privacy policy below, and the Privacy Policy for Substack, the technology provider.

PUBLISHER PRIVACY POLICY (for Substack)

Last updated: November 14, 2025

1) Who we are & scope

This Publisher Privacy Policy (“Policy”) explains how PAG Project, LLC (“PAG,” “we,” “us”) collects, uses, and shares information when you use:

  • Our Substack Publication (posts, email delivery, comments, Chat, Notes, recommendations/referrals, paid tiers);

  • pagproject.com and related subdomains (if any);

  • our newsletters/emails and all @pagprojectHQ social/community properties (X, YouTube, Instagram, Rumble, TikTok, Discord, LinkedIn); and

  • our podcast

(collectively, the “Sites & Channels”).

Layered privacy. Substack’s own Privacy Policy also applies to your use of Substack’s platform and services (e.g., account creation, Substack app behavior, platform analytics, email delivery). This Policy describes what PAG does with data we receive or control.

Contacts (privacy requests): contact@pagproject.com
Mail: PAG Project, LLC — 5900 Balcones Drive, STE 100, Austin, TX 78731

We do not sell personal information. If/when we engage in targeted advertising (cross‑context behavioral advertising), we will provide opt‑out controls and honor Global Privacy Control (GPC) / recognized universal opt‑out signals where required.

2) Information we collect

You provide: name, email; messages/UGC you submit (comments, posts, uploads, DMs); forms you complete (tips, support); referral details when you invite others.

Automatically (Sites & Publication): IP address, device/browser info, pages viewed, timestamps, referral/UTM, coarse location inferred from IP, and cookie/SDK events via analytics (e.g., Google Analytics 4) or Substack metrics.

Platform/social data: When you interact on Substack (Chat, Notes, comments, payments), or on our social pages/Discord/podcast platforms, those services may share limited analytics/engagement or account metadata with us under their terms.

Payments/contributions (if enabled): If you contribute funds or purchase paid access, payment processors (e.g., Substack/Stripe) collect payment details; we do not store card numbers.

Sensitive data: We do not seek sensitive personal data. Please do not submit it. Tipsters/sources: see “Source submissions” below.

3) How we use information

  • Operate, secure, and improve the Sites & Channels (including moderation, anti‑abuse, spam prevention).

  • Communications: send newsletters/updates you request and transactional messages (receipts, account notices).

  • Analytics: measure reach and performance; improve features and content (e.g., post‑level conversion).

  • Community & growth features: run referrals/recommendations, attribution for discovery, and basic leaderboards inside Substack’s ecosystem.

  • Enforcement & compliance: enforce Terms, protect rights/safety, and comply with legal obligations (including responding to lawful requests).

4) Legal bases / lawful grounds (where applicable)

  • Contract (to provide requested services);

  • Legitimate interests (security, analytics, preventing fraud/abuse, improving services, journalism/public‑interest documentation);

  • Consent (newsletters, certain cookies/analytics);

  • Legal obligations (records/tax compliance).

5) Cookies, ads & analytics; your choices

We use cookies/SDKs for essential functions and Google Analytics 4 for analytics; Substack also performs its own analytics and email instrumentation. If/when we run targeted advertising, that may constitute “sharing” under certain state privacy laws; we will present “Your Privacy Choices / Do Not Sell or Share” controls and honor GPC (and other recognized universal opt‑out signals) where required.

Your controls:

  • Use any cookie banner/controls we provide to disable non‑essential cookies/analytics;

  • Enable GPC in your browser to send a universal opt‑out signal we honor where required;

  • Unsubscribe from emails using the link in any message;

  • Configure your browser to block/clear cookies.

6) State privacy rights (including Texas)

Depending on where you live, you may have rights to access, delete, correct, port, and opt out of targeted advertising, sale, or profiling for decisions that produce legal or similarly significant effects. We honor these rights as required.

How to exercise rights: Email contact@pagproject.com with subject “Privacy Request” and describe your request. We may verify identity and respond within applicable timeframes. If we deny a request, you may appeal by replying “Appeal” to our decision.

We do not sell personal information for money. If we engage in activities considered “sharing,” you may opt out at any time using our controls or via GPC.

7) Sharing with service providers & transfers

We share personal information with service providers under contracts limiting use to our instructions (hosting/CDN, email/newsletter tools, analytics, community platforms, anti‑abuse/security providers, and, if enabled, payment processors). We may disclose information to comply with law, protect rights/safety, or in a corporate transaction (e.g., merger or reorganization).

We are U.S.‑based. Data may be processed in the U.S. or other countries by our providers, with appropriate safeguards.

8) Data retention

  • Accounts & UGC: retained until you request deletion or we remove it per moderation policies; minimal residual copies may persist in backups for a limited period.

  • Email lists: retained until you unsubscribe or your address bounces.

  • Logs/analytics: retained up to 24 months, then aggregated or deleted.

  • Payment/transaction records (if enabled): retained 7 years for tax/recordkeeping.

  • We may retain data longer when necessary for legal, security, fraud‑prevention, or abuse‑prevention reasons.

9) Security

We use reasonable technical and organizational measures (HTTPS, access controls, provider encryption at rest where supported). No system is 100% secure.

10) Children

The Sites & Channels are not directed to children under 13, and we do not knowingly collect data from children under 13. If you believe a child provided data, contact us to delete it.

11) Community spaces & public posting

Community posts, comments, Chat, and voice/text channels may be public or visible to other members. Moderators may review reported content for safety/compliance. Do not post sensitive personal data.

12) Source submissions / tipline

Unsolicited tips or documents you send are non‑confidential unless we expressly agree otherwise in a signed writing. Do not send materials you are not legally permitted to share or that were illegally obtained. We may publish, investigate, or decline to act on any submission. Where legally permitted, we may notify you of legal requests for your data; we require lawful process to disclose records and will assert reporter’s privilege and other defenses when applicable.

13) Corrections/Takedowns (non‑copyright)

If you seek removal or correction of non‑copyright content, email Review@pagproject.com with the exact URL/timestamp, the specific content at issue, the legal basis for your request, and supporting documentation. For copyright, follow our DMCA process in the Terms.

14) Changes

We may update this Policy; material changes will be posted with a new “Last updated” date. Continued use means you accept updates.

Questions or requests? contact@pagproject.com
Takedowns/Corrections: Review@pagproject.com
PAG Project, LLC — 5900 Balcones Drive, STE 100, Austin, TX 78731

© 2025 PAG Project, LLC (TX)
Substack
PrivacyTermsCollection notice
Start your SubstackGet the app
Substack is the home for great culture