Privacy Notice

Who we are

Stellerj — operating from the United States. For the purposes of the UK GDPR and EU GDPR, Stellerj is the data controller for the personal data described in this notice. A registered postal address will be added once Stellerj is incorporated.

Stellerj is established outside the EU and UK. As our processing is currently limited in scale and poses low risk to data subjects' rights and freedoms, we rely on the Article 27(2)(a) exemption and have not appointed an EU or UK representative at this time. We will keep this position under review as the service scales.

We have not appointed a Data Protection Officer, as our current processing activities do not meet the thresholds for mandatory appointment under Article 37 of the GDPR.

You can reach us at legal@stellerj.com with any questions about how we handle your data.

What data we collect

If you accept our cookie banner, we collect analytics data through PostHog: the pages you visit, approximate geographic region derived from your IP address, and standard device information such as browser type and screen resolution. We do not collect your name, email address, or any information that directly identifies you.

We do not use this data for advertising, profiling, re-identification, or any purpose other than understanding how visitors use the site so we can improve it.

International transfers

PostHog processes analytics data on our behalf in the United States. Transferring personal data outside the EU and UK requires a recognized legal safeguard, which we name explicitly here so the transfer mechanism is verifiable from this notice alone.

For visitors in the EU, the transfer to the US is covered by the EU Standard Contractual Clauses (Module 2, controller-to-processor), incorporated into PostHog's Data Processing Agreement.

For visitors in the UK, the transfer is covered by PostHog's UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs.

Both instruments are available in PostHog's Data Processing Agreement.

Lawful basis

We process analytics data on the basis of your consent, under Article 6(1)(a) of the UK GDPR and EU GDPR. No analytics data is collected unless and until you explicitly accept the cookie banner.

You have the right to withdraw consent at any time under Article 7(3). Withdrawing consent does not affect the lawfulness of any processing that took place before withdrawal. See our Cookie Notice for how to do this.

Retention

Analytics data is retained by PostHog for up to one year from collection on our current PostHog plan. We review this retention period annually and will update this notice if it changes.

When you withdraw consent, no new data is collected. To request deletion of previously collected data, contact us at legal@stellerj.com.

Your rights

Under Articles 15 through 22 of the UK GDPR and EU GDPR, you have the right to: access the personal data we hold about you (Article 15); have inaccurate data corrected (Article 16); request erasure of your data in certain circumstances (Article 17); restrict how we process your data (Article 18); receive your data in a portable format (Article 20); and object to processing (Article 21).

To exercise any of these rights, email legal@stellerj.com. We will respond within one month, as required by Article 12(3). Where a request is particularly complex or where you have made a number of requests, we may extend this period by a further two months and will tell you about any extension within the first month.

If you believe we have not handled your data correctly, you also have the right to lodge a complaint with a supervisory authority. In the UK, that is the Information Commissioner's Office (ICO). In the EU, your national data protection authority — a directory of EU/EEA authorities is available from the European Data Protection Board.

California residents

If you are a California resident, the California Consumer Privacy Act as amended by the CPRA ("CCPA/CPRA") may apply to your personal information. Stellerj does not currently meet the CCPA/CPRA's business thresholds (USD 25 million in annual gross revenue; 100,000 California consumers or households per year; or 50% of annual revenue from selling or sharing personal information), but we extend the substantive disclosures below to all visitors regardless.

We do not sell or share personal information as those terms are defined under the CCPA/CPRA. PostHog acts as our service provider under a written agreement that limits PostHog to processing the analytics data for our purposes only; that contractual relationship is excluded from the CCPA/CPRA definition of "sale" and "sharing".

If you are a California resident and would like to exercise any rights you may have under the CCPA/CPRA, including the right to know, delete, or correct personal information, contact us at legal@stellerj.com.

How to contact us

For any privacy-related queries, to exercise a data subject right, or to request deletion of your analytics data, contact us at legal@stellerj.com.

Changes to this notice

We may update this notice as our service evolves. When we do, we will update the "Last updated" date at the top of this page. If changes are material, we will take reasonable steps to bring them to your attention.

If the legal mechanism for transferring UK data to third countries changes — for example following any revision to UK adequacy regulations or replacement of the UK IDTA — we will update this notice accordingly.

Recent updates: 2 May 2026 — re-audited by our GDPR reviewer; added explicit international-transfer, California, controller-establishment, and Article 27 disclosures, and clarified the analytics retention period. 3 May 2026 — presentation-only polish pass for parity with the Cookie Notice (no disclosure content changed; literal identifiers and the contact email rendered in monospace; supervisory- authority and PostHog DPA references rendered as clickable links; visible "Last updated" line moved under the H1).