Search
Harbinger Post
Insight Europe
21°C London
June 13, 2026

Privacy Policy

Privacy Policy

Harbinger Post — harbingerpost.com — Last updated: June 10, 2026

1. Introduction and Identity of the Controller

Welcome to Harbinger Post, a digital news publication operated by Harbinger Bros. LLC, a limited liability company incorporated under the laws of the State of Wyoming, United States, with its principal place of business at 1309 Coffeen Avenue, Sheridan, WY 82801, United States (“we,” “us,” “our,” or “the Company”).

For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK General Data Protection Regulation (“UK GDPR”), and equivalent legislation in the European Economic Area (“EEA”), Harbinger Bros. LLC acts as the data controller in respect of personal data collected through this website.

We can be reached by email at support@harbingerpressmedia.com. We do not maintain a dedicated Data Protection Officer at this time, as we do not engage in large-scale systematic processing of special categories of personal data; however, all data protection inquiries are handled directly by our compliance team at the address above.

2. Scope and Territorial Application

This Privacy Policy applies to all visitors and users of harbingerpost.com regardless of their location. Harbinger Post directs its content primarily at readers in Europe and globally. We are subject to multiple privacy frameworks depending on your jurisdiction:

  • European Union / EEA visitors: The GDPR applies by virtue of Article 3(2) GDPR, which extends the Regulation to controllers not established in the EU when they offer goods or services to data subjects in the EU or monitor their behaviour within the EU.
  • United Kingdom visitors: The UK GDPR and the Data Protection Act 2018 apply.
  • California residents: The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA/CPRA”), applies.
  • Wyoming residents: The Wyoming Data Privacy Act applies where applicable.
  • Canadian visitors: The Personal Information Protection and Electronic Documents Act (“PIPEDA”) and applicable provincial privacy legislation apply.
  • All other visitors: We apply reasonable data protection standards consistent with the principles set out in this Policy.

3. What Personal Data We Collect

We collect and process only the minimum personal data necessary to operate our publication. We do not require user registration, maintain user accounts, run advertising networks, use third-party analytics trackers, or deploy behavioural profiling technologies.

3.1 Data Collected Automatically by Our Infrastructure

When you access harbingerpost.com, certain technical data is automatically processed by our infrastructure providers as part of the delivery of our web service. This includes:

  • IP address: Your Internet Protocol (IP) address is processed by Vercel Inc. (“Vercel”), our hosting provider, for the purpose of routing network requests, detecting abuse, and maintaining service security. Vercel may retain server access logs for a limited period in accordance with its own data retention policies.
  • HTTP request metadata: This includes your browser type and version (User-Agent string), referring URL, requested URL path, timestamp of the request, and HTTP response codes.
  • TLS/SSL connection data: Technical data required to establish a secure encrypted connection to our servers.

We do not independently store these server logs beyond the retention periods set by Vercel's standard infrastructure logging. We do not use IP addresses to identify individual users or to build profiles.

3.2 Data You Voluntarily Provide

At present, Harbinger Post does not offer comment sections, newsletter subscriptions, contact forms, or other mechanisms through which you would actively submit personal data to us. If such features are introduced in the future, this Policy will be updated accordingly with prior notice.

3.3 Data Stored in Your Browser (localStorage)

We store one (1) item in your browser's localStorage:

KeyPurposeData storedDuration
hpm_cookie_consentRecords your cookie consent decision so we do not repeatedly prompt youA string value indicating consent status (e.g., “accepted” or “declined”)Persistent until manually cleared

This localStorage entry is technically necessary for the operation of our consent management system. It does not contain any unique identifier, does not transmit data to any server, and is not used for tracking or advertising purposes. Under §25(2) of the German Telecommunications Digital Services Data Protection Act (TDDDG) and the equivalent provisions of the ePrivacy Directive (2002/58/EC as amended), the storage of this item does not require separate consent as it is strictly necessary to provide the service explicitly requested by the user.

4. Legal Bases for Processing (GDPR)

For visitors subject to the GDPR or UK GDPR, we rely on the following legal bases under Article 6 GDPR:

  • Article 6(1)(f) GDPR — Legitimate Interests: The automatic processing of your IP address and HTTP request metadata by our hosting infrastructure is necessary for our legitimate interests in maintaining a secure, functional, and reliable website, and in detecting and preventing abuse. We have conducted a legitimate interests assessment and determined that this processing does not override your fundamental rights and freedoms, given the limited nature of the data processed and the absence of profiling or tracking.
  • Article 6(1)(c) GDPR — Legal Obligation: We may process personal data where necessary to comply with applicable legal obligations, including responding to lawfully issued court orders or regulatory demands.
  • Article 6(1)(a) GDPR — Consent: Where we ask for your consent (for example, in relation to optional features not yet deployed), processing will only occur upon your freely given, specific, informed, and unambiguous consent. You may withdraw any consent given at any time without detriment.

5. International Data Transfers

As a US-based company using US and international cloud infrastructure, some processing of personal data occurs outside your home jurisdiction. We take the following measures to ensure adequate protection:

5.1 Transfers to the United States

Our primary hosting provider, Vercel Inc. (440 N Barranca Ave #4133, Covina, CA 91723, USA), processes server-side request data in the United States. Vercel participates in the EU-US Data Privacy Framework as established by Commission Implementing Decision (EU) 2023/1795 of 10 July 2023, which provides an adequacy decision for transfers to certified US organisations. To the extent that any personal data of EEA residents is transferred to Vercel, such transfer is covered by this adequacy decision.

In addition, we rely on Standard Contractual Clauses pursuant to Article 46(2)(c) GDPR as a supplementary transfer mechanism, incorporating the standard data protection clauses adopted by the European Commission in its Implementing Decision (EU) 2021/914 of 4 June 2021.

5.2 Transfers to Singapore

Our database provider, Supabase Inc. (970 Toa Payoh North #07-04, Singapore 318992), may process certain database-level metadata in Singapore. Singapore is not currently the subject of a European Commission adequacy decision for GDPR purposes. Accordingly, any transfer of personal data of EEA residents to Supabase is governed by Standard Contractual Clauses pursuant to Article 46(2)(c) GDPR. We have entered into a data processing agreement with Supabase that incorporates the applicable SCCs and imposes equivalent obligations.

5.3 Transfer Impact Assessments

We have carried out transfer impact assessments in respect of both Vercel and Supabase. These assessments considered the legal frameworks applicable in the United States and Singapore respectively, including applicable surveillance laws, and concluded that, given the nature of the data processed (predominantly technical request metadata, with no personal content submitted by users), the risk to individuals is low and the protections afforded by the applicable transfer mechanisms are sufficient.

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected or as required by applicable law:

  • Server access logs (Vercel): Retained for up to 30 days as part of Vercel's standard infrastructure logging, after which they are automatically deleted by Vercel's systems.
  • Browser localStorage data: The hpm_cookie_consent item persists in your browser until you clear your browser storage or withdraw consent. We have no control over and no access to this data once stored on your device.

7. Your Rights Under the GDPR (EU/EEA and UK Visitors)

If you are located in the EEA or the United Kingdom, you have the following rights under the GDPR / UK GDPR:

  • Right of access (Art. 15 GDPR): You have the right to obtain confirmation as to whether we process personal data concerning you, and if so, to receive a copy of that data and information about how it is processed.
  • Right to rectification (Art. 16 GDPR): You have the right to have inaccurate personal data concerning you corrected without undue delay.
  • Right to erasure / “right to be forgotten” (Art. 17 GDPR): You have the right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you withdraw consent (and no other legal basis applies), or where the data has been unlawfully processed.
  • Right to restriction of processing (Art. 18 GDPR): You have the right to request that we restrict the processing of your personal data in certain circumstances, for example while a challenge to its accuracy is resolved.
  • Right to data portability (Art. 20 GDPR): Where processing is based on consent or contract and carried out by automated means, you have the right to receive the personal data you have provided to us in a structured, commonly used, machine-readable format.
  • Right to object (Art. 21 GDPR): You have the right to object at any time to processing of your personal data where we rely on legitimate interests as our legal basis. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
  • Right not to be subject to automated decision-making (Art. 22 GDPR): We do not engage in any automated decision-making or profiling that produces legal effects or similarly significantly affects you.
  • Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
  • Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement. In Germany, the lead supervisory authority is the Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragter für den Datenschutz und die Informationsfreiheit, BfDI). In France: CNIL. In the United Kingdom: the Information Commissioner's Office (ICO). In Italy: Garante per la protezione dei dati personali. In Spain: Agencia Española de Protección de Datos (AEPD).

To exercise any of these rights, please contact us at support@harbingerpressmedia.com. We will respond within one month of receipt of your request, as required by Article 12 GDPR, and may extend this by a further two months where the request is complex or numerous.

8. Your Rights Under the CCPA/CPRA (California Residents)

If you are a California resident, the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA/CPRA”) grants you the following rights:

  • Right to know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collection, and the categories of third parties with whom it is shared.
  • Right to delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to correct: You have the right to request correction of inaccurate personal information we maintain about you.
  • Right to opt-out of sale or sharing: We do not sell your personal information to third parties. We do not share personal information for cross-context behavioural advertising. Accordingly, there is no opt-out mechanism required for this purpose.
  • Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
  • Right to limit use of sensitive personal information: We do not collect sensitive personal information as defined under the CPRA.

To submit a CCPA/CPRA request, please email support@harbingerpressmedia.com with the subject line “California Privacy Request.” We will respond within 45 days, with a possible extension of an additional 45 days where reasonably necessary.

Categories of personal information collected in the preceding 12 months: Internet or other electronic network activity information (server log data including IP addresses and browser identifiers). We have not sold or shared any personal information.

9. Your Rights Under PIPEDA (Canadian Visitors)

Visitors from Canada have rights under the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and applicable provincial legislation. You have the right to access your personal information held by us and to challenge its accuracy. To exercise these rights, please contact us at support@harbingerpressmedia.com.

10. Children's Privacy

Harbinger Post is a general-interest news publication and is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe that we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete the data.

11. Security Measures

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include TLS/SSL encryption for all data in transit, access controls on our database infrastructure, and the contractual security obligations imposed on our processors, Vercel and Supabase.

12. Third-Party Services and External Connections

Harbinger Post operates without advertising revenue. We do not deploy advertising networks, retargeting pixels, or behavioural profiling technologies. The following third-party services are involved in the operation of this website:

Infrastructure Providers

  • Vercel Inc. (650 California Street, San Francisco, CA 94108, USA) — website hosting and content delivery. Vercel processes server log data including IP addresses solely for the purpose of delivering web pages to your browser. Vercel’s privacy policy: vercel.com/legal/privacy-policy
  • Supabase Inc. (970 Toa Payoh North, Singapore 318992) — database hosting. Supabase stores article content and site configuration data. No visitor personal data is stored in our database beyond what is described in this policy. Supabase’s privacy policy: supabase.com/privacy

Image Delivery

Article images may be hosted on and served directly from Unsplash (Unsplash Inc., Montreal, QC, Canada). When your browser loads an image from Unsplash servers, Unsplash may receive your IP address and standard browser request headers as part of the HTTP connection. We have no control over Unsplash’s data processing. Unsplash’s privacy policy: unsplash.com/privacy

Google Search Console

We use Google Search Console (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to monitor how harbingerpost.com appears in Google Search results and to identify and resolve indexing issues. Google Search Console provides us with aggregated, anonymised data about search queries and page performance; we do not receive personal data about individual visitors through this tool. Google’s privacy policy: policies.google.com/privacy

Social Media

We maintain social media presences on Instagram (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland), X / Twitter (X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA), and Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland). The social media icons in our footer are simple hyperlinks — no social media plugins, share buttons, tracking pixels, or “Like” buttons are embedded on this website. Your browser makes no connection to any social media platform unless you actively click one of these links. When you click a link and are redirected to the platform, the platform’s own privacy policy governs all subsequent data processing.

13. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. We will indicate the date of the most recent revision at the top of this page. For material changes, we will take reasonable steps to notify users, such as posting a prominent notice on the website. Your continued use of harbingerpost.com following the posting of changes constitutes your acceptance of those changes to the extent permitted by applicable law.

14. Contact

For all privacy-related inquiries, requests to exercise data subject rights, or complaints, please contact:
Harbinger Bros. LLC
1309 Coffeen Avenue, Sheridan, WY 82801, United States
Email: support@harbingerpressmedia.com