Privacy Policy

Level9OS LLC (“Level9OS,” “we”) operates the Level9OS brand and a consulting practice. Level9OS is not the operator of the products featured on this site (LinkUpOS, COO Playbook, StratOS) — those are operated by LucidORG LLC. NextGen Interns is operated by NextGen Interns LLC. This Privacy Policy covers only:

• Visitors to level9os.com (analytics, contact forms).
• Consulting engagement clients of Level9OS LLC.
• Newsletter subscribers to Level9OS communications.

For product-specific data practices, see the Privacy Policy on the product site (each product's LLC is its Data Controller).

We collect the following categories of personal information, each tied to a specific purpose described in the next section:

• Account information — name, email address, hashed password (if applicable), and any profile details you choose to provide. Collected when you create an account and when you update it.
• Authentication data — login tokens, OAuth identifiers from third-party identity providers (e.g. Google), and session identifiers. Collected during sign-in and session maintenance.
• Usage and product telemetry — pages visited, features used, time spent, device type, browser, approximate location inferred from IP. Collected via first-party analytics and server logs during your interaction with the Services.
• Content you submit — text, files, prompts, configurations, and any other material you upload or type into the Services. Collected when you use features that store or process your input.
• Communications — emails, support conversations, feedback, and survey responses. Collected when you contact us or respond to outreach.
• Billing and payment information — if you purchase a paid plan, we receive limited billing metadata (plan, amount, status) from Stripe. Full card details are collected and stored by Stripe, not by us.
• Technical data — IP address, user-agent string, cookies (see our Cookie Policy), and crash or error diagnostics.

We do not knowingly collect special-category data (health, biometric, political affiliation, religion, sexual orientation, etc.). If you share this information unsolicited, we delete it on detection and notify you.

• Responding to inbound inquiries and scheduling consulting conversations.
• Sending newsletter content to subscribers who opt in.
• Understanding site usage in aggregate (privacy-first analytics only).

We never share your contact information with the product-operating LLCs or with any third party for marketing purposes.

• Hosting: Vercel.
• Email: [LIST — Resend, Google Workspace, or equivalent].
• Analytics: [Plausible or Vercel Analytics — name the one enabled].
• Consulting CRM: [IF ANY — Notion, Airtable, or similar; name it].

Depending on your location and applicable law, you have the following rights with respect to your personal information. To exercise any of these, email privacy@level9os.com. We respond within 30 days (GDPR) or 45 days (CCPA) and will not discriminate against you for exercising any right.

GDPR rights (EU / UK residents):

• Access (Art. 15) — obtain a copy of the personal data we hold about you.
• Rectification (Art. 16) — correct inaccurate or incomplete data.
• Erasure (Art. 17) — request deletion where no overriding legal basis requires retention.
• Restriction of processing (Art. 18) — limit how we use your data in specific circumstances.
• Data portability (Art. 20) — receive your data in a structured, machine-readable format.
• Objection (Art. 21) — object to processing based on legitimate interest or direct marketing.
• Withdraw consent (Art. 7(3)) — at any time, without affecting the lawfulness of processing before withdrawal.
• Lodge a complaint (Art. 77) — with your national supervisory authority. The lead authority for Level9OS LLC is the data protection authority of our establishment (see GDPR Art. 56).
• Not be subject to solely automated decision-making (Art. 22) — we do not make decisions that produce legal or similarly significant effects solely by automated means without human review.

CCPA/CPRA rights (California residents):

• Right to know what categories of personal information we collect, the sources, purposes, and third parties we share with.
• Right to access a copy of the specific pieces of personal information we hold about you.
• Right to delete personal information we have collected, subject to legal exceptions (e.g. fraud prevention, tax records, active transactions).
• Right to correct inaccurate personal information.
• Right to opt out of sale or sharing — we do not sell personal information for monetary consideration. We do not share personal information for cross-context behavioural advertising.
• Right to limit use of sensitive personal information — we do not use sensitive personal information beyond what is necessary to provide the Services.
• Right to non-discrimination — we will not deny service, charge different prices, or provide a different level of service as a consequence of exercising your CCPA rights.

To submit a CCPA request, email privacy@level9os.com. We verify identity via the email address on file plus one additional data point before processing deletion or access requests. Authorized agents may submit requests on your behalf with written authorization.

Contact form submissions: 2 years. Newsletter subscribers: until you unsubscribe. Consulting engagement records: 7 years (tax requirement).

We use TLS and privacy-first tooling. Questions? Contact privacy@level9os.com.

Material changes are announced on this page with a revision date at least 14 days before taking effect.