Privacy Policy

1. Introduction

AI Tech Business Ltd ("we", "us", "our") is committed to protecting your personal data and respecting your privacy rights. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at aitechbusiness.com and use our services.

We are the data controller responsible for your personal data. Our registered office is located at 25 Old Broad Street, London, EC2N 1HN, United Kingdom. Company registration number: 12345678. For any questions regarding this Privacy Policy or our data practices, please contact us using the details provided in Section 13 below.

This policy applies to all personal data we process about you, whether collected through our website, email communications, phone calls, or other interactions with our business. By using our services, you acknowledge that you have read and understood this Privacy Policy.

2. What Data We Collect

We collect several types of information from and about users of our website and services:

Personal Identification Information: When you fill out contact forms, request consultations, or subscribe to our newsletters, we collect your full name, email address, phone number, company name, job title, and any other information you voluntarily provide in message fields or inquiry forms.

Technical Data: We automatically collect certain technical information when you visit our website, including your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.

Usage Data: We collect information about how you interact with our website, including the pages you visit, the time and date of your visits, the time spent on pages, unique device identifiers, clickstream data, referring website addresses, and other diagnostic data that helps us understand user behavior and improve our services.

Marketing and Communications Data: This includes your preferences for receiving marketing communications from us and your communication preferences regarding how you wish to be contacted.

Cookies and Tracking Technologies: We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing activities. Details about our cookie usage are provided in Section 10 below.

3. How We Collect Your Data

We collect personal data through various methods:

Direct Interactions: You provide us with personal data directly when you fill out forms on our website, request information about our services, subscribe to newsletters, participate in surveys, provide feedback, contact us via email or phone, or engage with our content on social media platforms.

Automated Technologies: As you navigate our website, we automatically collect technical data about your equipment, browsing actions, and patterns. We collect this data using cookies, server logs, and similar technologies. Our web servers automatically log standard access information including browser type, access times, pages viewed, and IP addresses.

Third-Party Sources: We receive personal data about you from analytics providers such as Google Analytics, advertising networks, and search information providers. We may also receive data from publicly available sources such as business directories and professional networking platforms when you interact with our content or express interest in our services.

Cookies and Tracking Pixels: We use first-party and third-party cookies for analytics purposes, to remember your preferences, and to deliver personalized content. If you use social media sharing buttons on our website, the respective social media platforms may place cookies on your device. We also use tracking pixels from advertising platforms like Meta (Facebook/Instagram) to measure campaign effectiveness.

4. Legal Basis for Processing (GDPR Compliance)

Under the General Data Protection Regulation (GDPR), we must have a legal basis to process your personal data. We process your personal data under the following legal grounds as defined in Article 6 of the GDPR:

Consent (Article 6(1)(a)): When you provide explicit consent for us to process your personal data for specific purposes, such as subscribing to marketing communications, participating in surveys, or accepting cookies for analytics and personalization. You have the right to withdraw consent at any time.

Contract Performance (Article 6(1)(b)): Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract, such as when you request a consultation or engage our services.

Legitimate Interests (Article 6(1)(f)): We process your data when necessary for our legitimate business interests or those of a third party, provided your rights and freedoms do not override those interests. This includes improving our website and services, conducting business analytics, detecting and preventing fraud, network and information security, and internal administrative purposes.

Legal Obligation (Article 6(1)(c)): We process your data when necessary to comply with legal obligations, such as tax reporting requirements, responding to lawful requests from public authorities, or complying with court orders.

5. How We Use Your Data

We use the personal data we collect for the following purposes:

Service Delivery: To provide, maintain, and improve our artificial intelligence consulting services, respond to your inquiries, process your requests for information, deliver consultation services you have requested, and communicate with you about your account or our services.

Marketing and Communications: To send you promotional materials, newsletters, and updates about our services, products, events, and special offers that may interest you, but only where you have consented to receive such communications or where we have a legitimate interest in doing so and your rights do not override those interests. You can opt out of marketing communications at any time.

Analytics and Improvement: To analyze how users interact with our website, understand user preferences and trends, improve our website functionality and user experience, develop new features and services, and conduct research to enhance our AI solutions and business offerings.

Legal Compliance and Protection: To comply with applicable laws, regulations, and legal processes, enforce our terms of service and other agreements, protect our rights and property, detect and prevent fraud or security issues, and ensure the safety of our users and employees.

Business Operations: To manage our business relationships, process payments, maintain records, conduct internal audits, perform accounting and administrative tasks, and support general business operations and corporate governance.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, accounting, or reporting requirements. Specific retention periods depend on the type of data and the purpose for processing:

Contact Form Data: Information submitted through contact forms is retained for 2 years from the date of submission to allow us to respond to inquiries and maintain a record of our communications. After this period, data is securely deleted unless you have become a client, in which case client retention periods apply.

Marketing Communications: If you subscribe to our newsletter or marketing communications, we retain your contact information and preference data until you unsubscribe or for 3 years of inactivity, whichever comes first. Once you unsubscribe, we suppress your data to ensure you do not receive further marketing communications.

Client Data: For users who become clients and engage our services, we retain personal data for 7 years after the end of the client relationship to comply with financial record-keeping requirements, tax obligations, and potential legal claims.

Analytics and Usage Data: Technical data collected through website analytics is typically retained in anonymized or aggregated form for up to 26 months to analyze trends and improve our services. IP addresses and device identifiers are anonymized after 14 months.

Cookies: Session cookies expire when you close your browser. Persistent cookies remain on your device for the duration specified in the cookie (typically between 13 months and 2 years) or until you manually delete them. Details are provided in Section 10.

When personal data is no longer needed, we securely delete or anonymize it in accordance with our data retention schedule and applicable legal requirements.

7. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your personal data with the following categories of recipients for the purposes described in this policy:

Service Providers: We engage trusted third-party companies to perform functions on our behalf, including website hosting providers (Amazon Web Services), email service providers (Mailchimp, SendGrid), customer relationship management systems (Salesforce), payment processors (Stripe), and IT support services. These service providers have access to personal data only as needed to perform their functions and are contractually obligated to protect your data.

Analytics Providers: We use analytics services such as Google Analytics to understand how visitors use our website. These providers collect data through cookies and similar technologies. Google Analytics collects information such as how often users visit our site, what pages they visit, and what other sites they used prior to visiting. We use this information to improve our website and services.

Advertising Partners: We may share limited data with advertising platforms such as Meta (Facebook/Instagram Ads) and Google Ads to deliver targeted advertising and measure campaign effectiveness. This includes hashed email addresses for custom audience matching and pixel data for conversion tracking. You can opt out of personalized advertising through your browser settings or the Digital Advertising Alliance opt-out tools.

Professional Advisers: We may share personal data with lawyers, accountants, auditors, insurers, and other professional advisers who provide legal, accounting, insurance, banking, or other consulting services to our business.

Legal and Regulatory Authorities: We may disclose your personal data to government bodies, regulatory authorities, law enforcement agencies, or courts when required by law, in response to legal process, to establish or exercise our legal rights, to defend against legal claims, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers: In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal data may be transferred to the successor entity or acquiring party, subject to the terms of this Privacy Policy.

We require all third parties to whom we transfer personal data to respect the security of your data and to treat it in accordance with applicable law. We only permit them to process your data for specified purposes and in accordance with our instructions.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) that may not offer the same level of data protection as your home country. This occurs when our service providers, analytics tools, or advertising partners operate infrastructure in other jurisdictions, including the United States.

Whenever we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place to protect your data and comply with applicable data protection laws. These safeguards include:

Standard Contractual Clauses: We use Standard Contractual Clauses approved by the European Commission (also known as Model Clauses) when transferring data to service providers in countries without adequacy decisions. These clauses impose strict obligations on recipients to protect your data at the same standard required within the EEA.

Adequacy Decisions: Where the European Commission has determined that a country provides an adequate level of data protection (such as the UK, Switzerland, or countries covered by adequacy decisions), we may transfer data to that country without additional safeguards.

Vendor Certifications: Some of our service providers, particularly those based in the United States, participate in recognized certification frameworks that ensure appropriate data protection standards for international transfers.

You have the right to request information about the safeguards we have in place for international transfers of your personal data. Please contact us using the details in Section 13 if you would like further information.

9. Your Data Protection Rights

Under the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018, you have the following rights regarding your personal data:

Right of Access (Article 15): You have the right to request a copy of the personal data we hold about you and to receive information about how we process it. We will provide this information free of charge within one month of your request.

Right to Rectification (Article 16): You have the right to request that we correct any personal data that is inaccurate or incomplete. We will make corrections within one month of your request and notify any third parties with whom we have shared your data.

Right to Erasure (Article 17): Also known as the "right to be forgotten", you have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected, you withdraw consent, or you object to processing and there are no overriding legitimate grounds.

Right to Restriction of Processing (Article 18): You have the right to request that we restrict the processing of your personal data in certain situations, such as when you contest the accuracy of the data or object to processing while we verify your objection.

Right to Data Portability (Article 20): You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible, applicable to data processed by automated means based on consent or contract.

Right to Object (Article 21): You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

Right to Withdraw Consent (Article 7): Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal. You can withdraw consent by clicking unsubscribe links in emails or contacting us directly.

Right to Lodge a Complaint: You have the right to lodge a complaint with the supervisory authority in your country if you believe we have violated data protection laws. In the UK, the supervisory authority is the Information Commissioner's Office (ICO), which can be contacted at ico.org.uk. In other EEA countries, contact details for supervisory authorities are available at edpb.europa.eu.

To exercise any of these rights, please contact us using the details provided in Section 13. We will respond to your request within one month, though this period may be extended by two months for complex requests. We may request additional information to verify your identity before processing requests.

10. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and personalize content. A cookie is a small text file placed on your device that allows us to recognize your browser and remember certain information.

Essential Cookies: These cookies are strictly necessary for the website to function properly. They enable core functionality such as security, network management, and accessibility. Essential cookies remember your cookie preferences and maintain session state as you navigate between pages. These cookies do not collect personally identifiable information and cannot be disabled. Duration: Session or up to 1 year.

Analytics Cookies: We use analytics cookies, primarily through Google Analytics, to understand how visitors interact with our website. These cookies collect information about pages visited, time spent on pages, navigation paths, traffic sources, and device information. This data is aggregated and anonymized to produce statistical reports that help us improve our website. We have configured Google Analytics to anonymize IP addresses and have disabled data sharing with Google for advertising purposes. Duration: 13-26 months.

Marketing Cookies: With your consent, we use marketing cookies from advertising platforms such as Meta Pixel (Facebook/Instagram) and Google Ads to deliver personalized advertisements, track conversion events, and measure campaign effectiveness. These cookies may track your browsing activity across different websites to build a profile of your interests. Duration: 13 months to 2 years.

Preference Cookies: These cookies remember your preferences and settings, such as language selection, region, and display preferences, to provide a more personalized experience on return visits. Duration: 6-12 months.

Managing Cookies: You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies, though this may impact your experience on our website and other sites. You can also opt out of personalized advertising through the Digital Advertising Alliance (youradchoices.com), Network Advertising Initiative (networkadvertising.org), or European Interactive Digital Advertising Alliance (youronlinechoices.eu). To opt out of Google Analytics tracking, install the Google Analytics Opt-out Browser Add-on available at tools.google.com/dlpage/gaoptout.

When you first visit our website, we display a cookie consent banner allowing you to accept or reject non-essential cookies. Your choice is stored in a cookie so we remember your preference on subsequent visits. You can change your cookie preferences at any time through our cookie management tool or by clearing your browser cookies and revisiting the site.

11. Children's Privacy

Our website and services are not directed at children under the age of 16, and we do not knowingly collect personal data from children. If you are under 16 years of age, please do not use our website or provide any personal information to us.

If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to delete that information immediately. If you believe we might have inadvertently collected information from a child under 16, please contact us using the details in Section 13 so we can promptly address the issue.

Parents and guardians should monitor their children's internet usage and help enforce this Privacy Policy by instructing children never to provide personal information through our website without permission.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes to this policy, we will notify you through one or more of the following methods:

We will post a notice on our website homepage indicating that the Privacy Policy has been updated. The "Last Updated" date at the top of this policy will be revised to reflect the effective date of the changes. For registered users or newsletter subscribers, we may send an email notification to the address you provided highlighting the key changes.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data. Your continued use of our website and services after changes to this policy constitutes your acceptance of the updated terms.

If we make changes that materially affect your rights or how we process your personal data, we will provide at least 30 days' notice before the changes take effect and may require your explicit consent for continued processing under the new terms where legally required.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us through any of the following channels:

Data Protection Officer
AI Tech Business Ltd
25 Old Broad Street
London, EC2N 1HN
United Kingdom

Email: [email protected]
Phone: +44 20 7123 4567

We aim to respond to all legitimate requests within one month. Occasionally it may take longer if your request is particularly complex or you have made multiple requests. In such cases, we will notify you and keep you updated on progress.

For complaints or concerns about how we handle your personal data, you also have the right to contact the Information Commissioner's Office (ICO) in the UK at ico.org.uk or call their helpline at 0303 123 1113.