Privacy Policy - InstAI

Last Updated: December 18, 2025

InstAI is committed to protecting your privacy and handling your data with transparency and care.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly when you:

  • Complete our AI readiness assessment or contact forms
  • Schedule consultation calls or strategy sessions
  • Engage our consulting services
  • Subscribe to our newsletter or download resources
  • Communicate with us via email, phone, or other channels

This may include: name, email address, phone number, company name, job title, business information, and details about your operations and challenges.

1.2 Information Collected Automatically

When you visit our website, we automatically collect:

  • Device information (browser type, operating system, device identifiers)
  • Usage data (pages visited, time spent, click patterns)
  • IP address and general location information
  • Referral source and search terms

1.3 Information from Third Parties

We may receive information from:

  • Business partners and referral sources
  • Public databases and data enrichment services
  • Social media platforms (LinkedIn, when you interact with our content)
  • Analytics and marketing service providers

2. How We Use Your Information

We use collected information to:

  • Provide Services: Deliver consulting services, assessments, and strategic recommendations
  • Communication: Respond to inquiries, schedule consultations, and provide customer support
  • Marketing: Send newsletters, case studies, and relevant AI implementation resources (with your consent)
  • Improvement: Analyze website usage to improve our services and user experience
  • Legal Compliance: Meet legal obligations and protect our rights
  • Business Operations: Maintain records, conduct research, and improve our methodology

AI-Specific Data Use: If you engage our AI implementation services, we may process your business data to analyze workflows, document processes, and develop AI solutions. This processing is always done under strict confidentiality agreements and with appropriate security measures.

3. Data Processing and AI Systems

3.1 Our AI Implementation Philosophy

When implementing AI systems for clients, we follow a "data protection by design" approach:

  • Client data is classified before any AI processing (public, confidential, privileged)
  • Sensitive data is never sent to public AI systems without explicit consent
  • We use API-based or self-hosted AI where appropriate to maintain data control
  • All AI processing is documented with audit trails

3.2 Third-Party AI Services

We may use third-party AI services for our own operations (not client data). These include:

  • Claude (Anthropic) - AI assistant for internal operations
  • OpenAI services - Analysis and content generation
  • Automated transcription services - For consultation call notes (with consent)

When using these services, we ensure they have appropriate data protection measures and do not use our data for training their models.

4. Data Sharing and Disclosure

4.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4.2 We May Share Information With:

  • Service Providers: GoHighLevel (CRM), Typeform (assessments), calendar scheduling services, email providers, analytics platforms
  • Business Partners: With your consent, to deliver integrated services
  • Legal Requirements: When required by law, court order, or to protect our rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales

4.3 Client Project Data

Data you provide during consulting engagements is governed by our consulting agreements and maintained with strict confidentiality. We do not share client project data, methodologies, or business processes with other parties.

5. Data Security

We implement appropriate security measures including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and authentication for all systems
  • Regular security audits and updates
  • Employee training on data protection
  • Secure cloud infrastructure with reputable providers
  • Regular backups and disaster recovery procedures

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Your Privacy Rights

6.1 General Rights

You have the right to:

  • Access: Request copies of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data (subject to legal obligations)
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing of your data
  • Restriction: Request restriction of processing
  • Withdraw Consent: Withdraw consent for data processing at any time

6.2 GDPR Rights (EU/EEA Residents)

If you are in the European Economic Area, you have additional rights under GDPR including the right to lodge a complaint with your local data protection authority.

6.3 CCPA Rights (California Residents)

California residents have the right to:

  • Know what personal information is collected and how it's used
  • Request deletion of personal information
  • Opt out of the sale of personal information (we don't sell your data)
  • Non-discrimination for exercising your rights

6.4 UK GDPR Rights

UK residents have rights equivalent to those under GDPR, governed by the UK Data Protection Act 2018.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Understand how you use our website
  • Improve website performance and user experience
  • Deliver relevant marketing content

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

8. Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain customer relationships
  • Comply with legal obligations (typically 7 years for business records)
  • Resolve disputes and enforce agreements

Marketing data is retained until you opt out or request deletion. Active client project data is retained per consulting agreements.

9. International Data Transfers

We operate globally and may transfer data to countries outside your location. When we do:

  • We use Standard Contractual Clauses approved by the European Commission
  • We ensure recipients provide adequate data protection
  • We comply with applicable data transfer regulations

10. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect information from children. If you believe a child has provided us information, please contact us immediately.

11. Marketing Communications

You can opt out of marketing emails by:

  • Clicking "unsubscribe" in any marketing email
  • Contacting us directly at [email protected]
  • Updating preferences in your account (if applicable)

Note: You may still receive transactional emails (service updates, receipts, security alerts) even after opting out of marketing.

12. Third-Party Websites

Our website may contain links to third-party sites. We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting the updated policy with a new "Last Updated" date
  • Sending email notification to registered users
  • Displaying a notice on our website

Your continued use of our services after changes constitutes acceptance of the updated policy.

14. Legal Basis for Processing (GDPR)

We process your data based on:

  • Consent: When you opt in to marketing or assessments
  • Contract: To deliver consulting services you've engaged
  • Legitimate Interests: To improve services, prevent fraud, and conduct business operations
  • Legal Obligation: To comply with applicable laws and regulations

Contact Us About Privacy

For privacy questions, to exercise your rights, or to update your information:

Email: [email protected]
Subject Line: Privacy Request
Response Time: We respond within 30 days

For GDPR/UK GDPR requests, please specify your location and the nature of your request.