Last updated: February 26, 2026
AI First Consultancy ("we," "our," or "us") operates the website aifirstconsultancy.com (the "Site"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Site or engage our services. This policy is designed to comply with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Information We Collect
We collect information that you voluntarily provide to us when you use our contact form or otherwise communicate with us. This includes:
- Name — Your full name as provided in the contact form.
- Email address — Your email address for correspondence purposes.
- Company name — The organization you represent.
- Role — Your job title or role within your organization.
- Project details — Information about your project or inquiry as described in the message field of our contact form.
We do not collect personal information automatically through tracking scripts or analytics tools beyond what is described in the Cookies and Tracking section below.
2. How We Use Your Information
We use the information we collect for the following purposes:
- To respond to your inquiries and communicate with you about our services.
- To evaluate your project requirements and provide relevant consultation.
- To deliver the services you have engaged us for.
- To send follow-up communications related to your inquiry (we will not add you to marketing lists without your explicit consent).
- To improve our website and services.
- To comply with legal obligations.
3. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal data under the following legal bases:
- Consent — When you voluntarily submit your information through our contact form, you consent to its processing for the purpose of responding to your inquiry.
- Legitimate interests — We may process your data where it is necessary for our legitimate business interests, such as improving our services and responding to business inquiries, provided these interests are not overridden by your rights and freedoms.
- Contractual necessity — Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
- Legal obligation — Where processing is necessary to comply with a legal obligation to which we are subject.
4. Third-Party Services
Our Site uses the following third-party services:
- Google Fonts — We load the Inter font family from Google's external servers (fonts.googleapis.com and fonts.gstatic.com). When you visit our Site, your browser makes a request to Google's servers to retrieve font files. This may result in Google receiving your IP address and browser information. Google's privacy policy governs their handling of this data. For more information, see Google's Privacy Policy.
We do not use any other third-party analytics, advertising, or tracking services on our Site.
5. Cookies and Tracking
Our Site uses minimal storage technologies:
- localStorage — We use your browser's localStorage solely to remember your cookie consent preference. This data is stored locally on your device and is not transmitted to our servers or any third party. No tracking cookies, analytics cookies, or advertising cookies are used on this Site.
You can clear localStorage data at any time through your browser settings.
6. Data Retention
We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, including:
- Contact form submissions — We retain inquiry data for up to 24 months from the date of submission, or longer if an ongoing business relationship is established.
- Client project data — Data related to active engagements is retained for the duration of the project and for up to 36 months following project completion for reference and support purposes.
- Legal obligations — We may retain certain data for longer periods where required by law (e.g., tax or accounting requirements).
When personal data is no longer needed, we will securely delete or anonymize it.
7. Your Rights
GDPR Rights (EEA, UK, and Switzerland Residents)
If you are located in the EEA, UK, or Switzerland, you have the following rights regarding your personal data:
- Right of access — You have the right to request a copy of the personal data we hold about you.
- Right to rectification — You have the right to request that we correct any inaccurate or incomplete personal data.
- Right to erasure — You have the right to request that we delete your personal data, subject to certain legal exceptions.
- Right to data portability — You have the right to request that we provide your personal data in a structured, commonly used, and machine-readable format.
- Right to object — You have the right to object to the processing of your personal data where we rely on legitimate interests as our legal basis.
- Right to restrict processing — You have the right to request that we restrict the processing of your personal data in certain circumstances.
- Right to withdraw consent — Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
CCPA Rights (California Residents)
If you are a California resident, you have the following rights under the CCPA:
- Right to know — You have the right to request that we disclose what personal information we have collected, used, disclosed, and sold about you in the preceding 12 months.
- Right to delete — You have the right to request that we delete personal information we have collected from you, subject to certain exceptions.
- Right to opt-out — You have the right to opt out of the sale of your personal information. We do not sell your personal information.
- Right to non-discrimination — We will not discriminate against you for exercising any of your CCPA rights.
To exercise any of these rights, please contact us using the information provided in the Contact Information section below. We will respond to verifiable requests within 30 days (GDPR) or 45 days (CCPA).
8. Children's Privacy
Our Site and services are not directed at individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will take steps to delete that information as promptly as possible. If you believe we may have collected information from a child under 16, please contact us immediately.
9. International Transfers
Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy and applicable law, including the use of Standard Contractual Clauses approved by the European Commission where applicable.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this policy. We encourage you to review this policy periodically to stay informed about how we are protecting your information. Your continued use of the Site after any changes constitutes your acceptance of the updated policy.
11. Contact Information
If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:
If you are located in the EEA and believe that your data protection rights have not been adequately addressed, you have the right to lodge a complaint with your local data protection supervisory authority.