Privacy Policy
Fulcrum Enterprises LLC · Effective 2026-04-26 · Last updated 2026-04-26
Contents
- Scope & Relationship to Product Policies
- Information We Collect
- How We Use Information
- Lawful Bases for Processing
- Public Social Media Monitoring
- Cold Email Outreach
- Sub-Processors & Service Providers
- Data Retention
- Security
- International Data Transfers
- California Rights (CCPA / CPRA)
- EU and UK Rights (GDPR / UK GDPR)
- Other Jurisdictions
- Cookies and Tracking
- Children
- Changes to This Policy
- Contact
1. Scope & Relationship to Product Policies
This policy describes how Fulcrum Enterprises LLC (a Florida limited liability company, "Fulcrum," "we," "us") collects, uses, shares, and protects information in connection with:
- The corporate website at fulcrumenterprises.tech
- First-party Fulcrum-branded tools that operate on the founder's behalf (including content publishing, market intelligence, and lead outreach systems collectively referred to as the "Fulcrum Operations Stack")
- Direct correspondence with Fulcrum (email, postal mail)
Each Fulcrum product operates under its own privacy policy. If you are a customer or visitor of one of those products, the product's privacy policy governs your data within that product:
- ProofAnchor (creator-facing blockchain timestamping) — proofanchor.com/privacy
- ProofLedger (enterprise blockchain evidence platform) — proofledger.io/privacy
- Rail Command (single-tenant rail-logistics tool) — no third-party customer data is collected; this product currently has no public users
When two policies could apply, the product policy controls for product-specific data (account, billing, proofs, dashboards) and this policy controls for marketing operations, the corporate website, and the founder's content publishing activities.
2. Information We Collect
2.1. From the corporate website
- Standard request metadata — IP address, user agent, referring page, request timestamps. Processed by our hosting provider (Cloudflare) for routing, caching, and abuse prevention. Fulcrum does not run a separate analytics, advertising, or behavioral-tracking script on this site.
- Search engine verification files — small static files used to verify ownership of the domain with Google Search Console and Bing Webmaster Tools. These contain no user data.
2.2. From direct contact
- Email content — when you email craig@fulcrumenterprises.tech, we receive whatever you choose to share. Used only to respond, store conversation history, and meet legal obligations.
- Postal mail — anything you send to our mailing address.
2.3. From the content publishing system
Fulcrum operates an internal tool that publishes content on the founder's authorized social-media accounts (LinkedIn, Bluesky, Twitter/X, Dev.to, Hashnode, and others). This system stores:
- OAuth credentials and API tokens for the founder's own accounts on those platforms. These are stored on Fulcrum infrastructure and are never shared with third parties.
- Drafts of content awaiting review and publication, including draft text, image assets, and metadata about which platform each draft is intended for.
- Publication results — post URLs, timestamps, and engagement counts (likes, replies, reposts) returned by each platform's API.
2.4. From public social-media monitoring
The Fulcrum Operations Stack monitors public posts on Reddit, Bluesky, Hacker News, Stack Overflow, Product Hunt, niche industry forums, and public RSS feeds for content relevant to our products' topics. When we collect such posts we typically retain:
- The post content (title, body, URL, public-platform identifier)
- The author's public username or handle on that platform
- The timestamp and community/subreddit/feed of origin
- Engagement counts where the platform exposes them publicly
We do not collect private messages, private posts, email addresses, or any data behind a login wall. We do not deanonymize pseudonymous accounts. Section 5 ("Public Social Media Monitoring") explains this practice in more detail.
2.5. From engagement on our published content
When other users reply to or comment on content the founder publishes through the system above, we may receive and store the reply text, the commenter's public handle, and an associated sentiment classification (positive, neutral, negative) we generate locally. This is used to learn which content the founder's audience finds useful.
2.6. From lead enrichment for B2B outreach
For ProofLedger's enterprise sales channel, the Fulcrum Operations Stack maintains a database of organizations potentially relevant to the product (insurance, legal, forensic engineering). For each organization we may store:
- Organization name, public website, public industry classification
- Public contact email addresses (e.g., addresses listed on the organization's public website or contact pages, or supplied by the recipient)
- Whether outreach has been sent and when, plus any reply or unsubscribe action received
We do not purchase email lists from data brokers and do not scrape personal email addresses of natural persons not associated with a public business contact role.
2.7. Information we do not collect
- We do not run advertising trackers, third-party analytics tags, or behavioral pixels on fulcrumenterprises.tech.
- We do not buy, rent, or aggregate visitor data from data brokers.
- We do not collect biometric data, precise geolocation data, government IDs, or financial account numbers via this corporate site.
- We do not knowingly collect data about anyone under 18 (see Section 15).
3. How We Use Information
- To operate the corporate website and prevent abuse.
- To respond to inbound inquiries from prospects, partners, journalists, and others.
- To author, schedule, and publish content on the founder's authorized social-media accounts.
- To analyze public industry conversation to inform what our products build and how we describe them.
- To generate and send small-volume B2B outreach to organizations we believe are potentially relevant to our products.
- To measure the performance of our published content (engagement, replies, conversions on owned domains) and improve future content.
- To meet legal, accounting, tax, and compliance obligations.
- To detect, investigate, and prevent security incidents, fraud, and abuse of our infrastructure.
4. Lawful Bases for Processing (GDPR / UK GDPR)
For data subjects in the European Union, the United Kingdom, and other jurisdictions that distinguish lawful bases, we rely on the following:
- Legitimate interests (Article 6(1)(f)) for: operating and securing the corporate website; analyzing public social-media content for product and market intelligence; sending small-volume B2B outreach to organizational contacts; measuring content performance.
- Consent (Article 6(1)(a)) where you provide an opt-in (for example, by replying affirmatively to outreach or sending us your email).
- Performance of a contract (Article 6(1)(b)) where you have a direct customer relationship with one of our products (governed by that product's privacy policy).
- Legal obligation (Article 6(1)(c)) for retention of records required by tax, accounting, or other applicable law.
Where we rely on legitimate interests, we balance our interests against your rights and interests. You may object to processing based on legitimate interest at any time using the contact details in Section 17.
5. Public Social Media Monitoring
Our market intelligence pipeline collects and indexes publicly visible posts from platforms including Reddit, Bluesky, Hacker News, Stack Overflow, Product Hunt, and selected industry forums and RSS feeds. We do this to understand creator and enterprise conversations relevant to ProofAnchor (creator authorship) and ProofLedger (legal evidence and chain-of-custody).
What we collect: publicly visible post content, author handle (public username only), URL, timestamp, and engagement counts.
What we do not do: we do not access private posts, direct messages, or content behind a login wall. We do not attempt to identify pseudonymous accounts. We do not contact authors of monitored posts using contact information that is not publicly listed. We do not republish another person's post without attribution.
If you are an author of a publicly indexed post and would like it removed from our market-intelligence database, contact us using Section 17 with the URL and we will delete it within 30 days.
6. Cold Email Outreach
Fulcrum sends a small volume of business-to-business cold outreach email related to ProofLedger, primarily to organizational contacts in the insurance, legal services, and forensic engineering sectors. We do this in compliance with the U.S. CAN-SPAM Act, Canada's CASL, and the GDPR.
Every outreach email includes: the sender's identity (Fulcrum Enterprises LLC), a working unsubscribe mechanism, our postal mailing address, and a clear indication of the email's commercial intent.
If you unsubscribe, we honor the request within 10 business days (CAN-SPAM standard) and typically immediately. We retain a record of unsubscribed addresses to ensure we do not re-contact you.
If you are in the EU, UK, or Canada, the lawful basis we rely on for outreach is legitimate interest in offering relevant business services, balanced against your rights. You may object at any time using the contact methods in Section 17 or the unsubscribe link in any outreach email we have sent.
7. Sub-Processors and Service Providers
Fulcrum relies on the following third-party services to operate. Each operates under its own privacy policy and data-processing terms.
| Provider | Purpose | Data shared |
|---|---|---|
| Cloudflare | Website hosting (Pages), CDN, DNS, secure tunnels, image-generation models | Request metadata, IP addresses, content delivered from our origins |
| Google Workspace | Email infrastructure for craig@fulcrumenterprises.tech and related addresses | Email content sent to or from us |
| Google Search Console / Bing Webmaster | Aggregated search performance reporting | Aggregated, de-identified search query and crawl data |
| Stripe | Payment processing for ProofAnchor and ProofLedger customers | Payment information for paying customers (governed by the relevant product privacy policy) |
| SendGrid | Transactional and outreach email delivery (ProofAnchor) | Recipient email addresses and message content |
| Brevo | Transactional email delivery (multiple Fulcrum products) | Recipient email addresses and message content |
| Resend | Outreach email delivery (ProofLedger) | Recipient email addresses and message content |
| Anthropic (Claude API) | Large language model used to draft and analyze content | Prompts that may include public posts collected under Section 2.4 and draft content, sent over a paid API |
| LinkedIn, Bluesky, Twitter/X, Dev.to, Hashnode, Reddit | Publishing and public monitoring via official APIs | OAuth tokens for the founder's own accounts; public post content read from public APIs |
| Polygon, Bitcoin, OpenTimestamps | Public blockchain anchoring (used by ProofAnchor and ProofLedger products) | Cryptographic hashes of customer files only — never the files themselves |
We do not sell, rent, or otherwise transfer personal information to third parties for their independent marketing or advertising purposes.
8. Data Retention
- Server logs (corporate site) — retained by Cloudflare per their default policy. Fulcrum does not maintain a separate copy.
- Email correspondence — retained for the operational life of the conversation plus any period required for tax, accounting, or legal purposes.
- OAuth credentials and content drafts — retained for the operational life of the publishing tool. Revoking the OAuth grant on the source platform invalidates the token immediately.
- Indexed public social-media posts — retained for up to 24 months from collection, after which they are deleted unless they form part of a permanent product-improvement record. Removal-on-request is honored within 30 days (Section 5).
- Lead-enrichment records — retained for the operational life of the outreach program. Unsubscribed contacts are retained on a do-not-contact list to prevent re-contact.
- Engagement data on our own posts — retained indefinitely as part of public-record content history; only public handles and reply text are stored.
9. Security
We use industry-standard practices proportional to the data we hold: encrypted connections (HTTPS/TLS) for all web traffic, OAuth refresh-token rotation for social-platform credentials, restricted access to infrastructure (SSH key authentication, no shared passwords), encrypted at-rest storage on managed cloud providers, regular dependency updates, and isolation between products and their data stores. No system is fully invulnerable, but we apply reasonable controls and review them periodically.
10. International Data Transfers
Fulcrum is based in the United States. Several of our sub-processors store or process data in the United States or in other countries outside the European Economic Area, the United Kingdom, or your country of residence.
Where we transfer personal data of EU, UK, or Swiss residents outside those jurisdictions, we rely on the relevant Standard Contractual Clauses or other approved safeguards published by the European Commission and the UK Information Commissioner's Office. Cloudflare, Google, Anthropic, Stripe, and our other large sub-processors maintain published cross-border transfer mechanisms.
11. California Rights (CCPA / CPRA)
California residents have the following rights under the California Consumer Privacy Act and California Privacy Rights Act:
- Right to know what personal information we have collected about you and how we use it.
- Right to delete personal information, subject to legal exceptions.
- Right to correct inaccurate personal information.
- Right to opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising.
- Right to limit the use of sensitive personal information. We do not collect categories of sensitive personal information that would trigger this right.
- Right to non-discrimination for exercising any of these rights.
To exercise any of these rights, contact us using Section 17. We will verify the request, respond within 45 days (with one 45-day extension where reasonably necessary), and provide our response without charge.
12. EU and UK Rights (GDPR / UK GDPR)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation, the UK General Data Protection Regulation, and applicable Swiss law:
- Right of access to the personal data we hold about you.
- Right to rectification of inaccurate or incomplete personal data.
- Right to erasure ("right to be forgotten"), subject to legal exceptions.
- Right to restrict processing in certain circumstances.
- Right to data portability for personal data you provided directly.
- Right to object to processing based on legitimate interests, including direct marketing. Objections to direct marketing are honored unconditionally.
- Right to withdraw consent where processing is based on consent.
- Right to lodge a complaint with your national data protection authority (in the UK, the Information Commissioner's Office).
To exercise any of these rights, contact us at craig@fulcrumenterprises.tech. We respond within 30 days (with one 60-day extension where strictly necessary). Fulcrum is the data controller for processing described in this policy.
13. Other Jurisdictions
Residents of jurisdictions with their own privacy laws — including but not limited to Canada (PIPEDA), Brazil (LGPD), Australia (Privacy Act 1988), and U.S. states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Utah, and others) — generally have rights similar to those described above. We honor verifiable requests under these laws to the extent they apply. Contact us using Section 17.
14. Cookies and Tracking
The fulcrumenterprises.tech corporate website does not set first-party cookies and does not embed third-party scripts that set cookies. Cloudflare may set strictly necessary cookies for routing, bot mitigation, and DDoS protection as part of its CDN service.
Each Fulcrum product may use cookies for product functionality (authentication, billing). Refer to that product's privacy policy for product-specific cookie practices.
15. Children
Fulcrum's products and tools are not intended for individuals under 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected such information, we will delete it. Parents and legal guardians can contact us using Section 17 to request review or deletion.
16. Changes to This Policy
We may update this policy from time to time. The "Effective" and "Last updated" dates at the top of this page reflect the most recent revision. For material changes, we will post a prominent notice at this URL and, where required by law, provide additional notice (e.g., by email to active product customers). Your continued use of fulcrumenterprises.tech or interaction with our outreach after a material change constitutes acceptance of the updated policy.
17. Contact
Privacy questions, data-subject requests, removal requests under Section 5, opt-out requests for outreach, or complaints can be sent to:
Email: craig@fulcrumenterprises.tech
Postal mail:
Fulcrum Enterprises LLCPrivacy Requests
PO Box 24
Floral City, FL 34436
United States
For EU and UK residents: Fulcrum is the data controller and serves as your direct contact for GDPR and UK GDPR requests. We do not currently maintain a representative in the EU or UK; the controller's email address above is the primary contact.