Privacy Policy

1) What information we collect

You provide via forms (when booking a consultation):

• First name, last name, email address, phone number
• Optional details you share in free-text fields (e.g., company, goals, project requirements)

Automatically via cookies/trackers (see Section 7):

• Device, browser, approximate location (city/country), IP (may be truncated/anonymized)
• Pages viewed, session duration, referrers/UTM, clicks, basic performance data

We do not intentionally collect sensitive data through our site.

2) How we collect information

Directly from you: when you submit our booking form, contact form, or use chat features.

Automatically: Essential cookies for site security and operation. Analytics/marketing cookies (if enabled) load only after you grant consent via our cookie banner.

3) Why we collect information (purposes & legal bases)

We use your information only to:

• Schedule and host your consultation (calendar invites, confirmations, reminders)
• Follow up on your request and related documentation (e.g., summary notes, proposals, project details)
• Deliver automation services and maintain client records
• Operate, secure, and improve our website (basic analytics and performance)

Legal bases (if GDPR/UK GDPR applies):

• Contract / pre-contract (Art. 6(1)(b)) — booking and follow-ups you request
• Legitimate interests (Art. 6(1)(f)) — site operation, basic analytics
• Consent (Art. 6(1)(a)) — for non-essential cookies/trackers and any optional marketing

We do not sell personal information.

4) How we store, share, and disclose information

Our service providers (processors)

We use the following third-party services to operate our website and manage communications. Each acts as a processor on our behalf under a data-processing agreement (DPA). They only process your data to provide their service to us.

Website Hosting & CMS – Website hosting, content management, site security and performance.

• Data processed: page views, device/browser data, session identifiers, error/performance logs; form submissions you send to us (e.g., consultation form) are stored and forwarded to our inbox/CRM.
• Purpose: run the website, ensure availability and security, basic analytics.
• Transfers: may process data outside your country with appropriate safeguards.

Communication Tools – Email, chat, and messaging services.

• Data processed: messages you choose to send, timestamp, basic device/browser info.
• Purpose: allow you to contact us and receive replies, schedule meetings, receive project updates.
• Note: Please avoid sharing highly sensitive information in unencrypted communications.

Payment Processors – (if applicable) Stripe, Razorpay, PayPal or similar.

• Data processed: payment information, transaction details.
• Purpose: process payments for services.
• Note: We do not store complete payment card details; processors handle this securely.

Consent Management – Cookie/consent banner and preference storage.

• Data processed: your consent choices (accept/deny per category), a consent identifier, timestamp, and country/region; stored in a cookie/local storage to remember your settings.
• Purpose: gather, store, and honor your consent for non-essential cookies and tracking, as required by applicable law.
• Effect: non-essential tools load only after you grant consent via the banner.

5) Retention

We keep consultation and project records only as long as needed for the purposes above, to comply with legal obligations, or to resolve disputes. When no longer required, we securely delete or anonymize the data.

Typical retention periods:

• Active client records: Duration of engagement plus 3 years
• Consultation inquiries (no engagement): 1-2 years
• Financial records: As required by Indian tax law (typically 7 years)

6) How we communicate with you

We may contact you via email or phone to:

• Confirm/remind about meetings
• Share follow-up notes, proposals, or project updates
• Respond to your inquiries
• Provide support for delivered automation systems

Marketing: We currently do not send marketing emails by default. If that changes, we'll request consent where required and provide an easy opt-out.

7) Cookies & tracking (with consent banner)

We use a consent banner on our website. On your first visit, you can Accept All, Reject All, or Customize non-essential cookies. You can change your choices anytime via "Cookie Settings" in the site footer or browser settings.

Essential cookies are always on, because the site won't work without them.

Cookie categories we use

• Essential (always on) — security (e.g., CSRF protection), load-balancing, session continuity, form/booking functionality, and your cookie preferences.
• Analytics/Performance (consent-based) — aggregated page metrics (e.g., page views, time on page, referring URLs), error/performance logs to help us improve the site.
• Marketing/Third-party (consent-based) — disabled unless you enable such features: only if we add marketing pixels or third-party embeds.

What consent tracking stores

A consent record (your choices, timestamp, country/region) and a consent identifier (cookie/local storage) so we can prove and respect your preferences.

Examples of what these cookies do

• Keep you logged into a session during a booking or inquiry
• Remember that you rejected/accepted non-essential cookies so we don't ask again each visit
• Help us understand which pages are most useful (in aggregate), if you consent to analytics
• Enable chat features to maintain conversation continuity

8) Minors

Our services are not directed to children under 16 (or the age defined by your local law). We do not knowingly collect personal information from minors. If you believe a minor has provided data, contact us to remove it.

9) Your rights

Depending on your location, you may have rights to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data
• Object to / restrict certain processing (including object to direct marketing)
• Withdraw consent (e.g., cookie preferences)
• Data portability (receive your data in a structured format)
• Lodge a complaint with your local data protection authority

To exercise rights, see Contact us below. We may verify your identity before responding.

California (if applicable): We do not sell or "share" personal information for cross-context behavioral advertising. You may request access or deletion as above.

India (if applicable): You have rights under the Digital Personal Data Protection Act, 2023, including access, correction, deletion, and grievance redressal.

10) International data transfers

Our service providers may process data outside India. When this occurs, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses
• Adequacy decisions by relevant authorities
• Other legally recognized transfer mechanisms

11) Security

We use reasonable administrative, technical, and organizational measures to protect personal information, including:

• Encryption of data in transit (HTTPS/SSL)
• Access controls and authentication
• Regular security assessments
• Secure data storage practices

No method of transmission or storage is 100% secure; we cannot guarantee absolute security, but we continuously work to protect your information.

12) Automated decision-making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on you.

13) Changes to this policy

We may update this policy from time to time. The Effective date shows the latest version. If we make material changes, we'll highlight them here or notify you where appropriate via email or website notice.

14) Contact us

Questions, requests, or privacy concerns?

• Email: hello@automatai.in
• Website: https://automatai.in

Response time: We aim to respond to privacy requests within 30 days.

Grievance Officer (India): For complaints under Indian data protection law, contact us at the email above with "DPDP Grievance" in the subject line.