Information We Collect
We collect information you provide directly, such as your email address when subscribing to our newsletters, your name and contact details when submitting forms, and usage data through analytics tools. We use Beehiiv for newsletter delivery, which processes subscriber email addresses according to their privacy policy.
How We Use Your Information
We use your information to deliver newsletters and content you have subscribed to, process form submissions and respond to inquiries, improve our website and services, and send relevant communications about events and training. We do not sell your personal information and we do not share it for cross-context behavioral advertising.
Third-Party Services
We use the following third-party processors: Google LLC / Google Ireland Ltd. (Google Analytics 4), Beehiiv, Inc. (newsletter delivery), Resend, Inc. (transactional email), Genndi / WebinarJam (webinar hosting), Vercel Inc. (website hosting and request logs), and Umami (cookieless analytics, when enabled). Each service has its own privacy policy governing their handling of your data.
Cookies and Analytics
We use cookies and similar technologies on this Site. Strictly necessary cookies run the site (session management, form submissions, remembering your consent choice) and are always on. With your consent, we also run Google Analytics 4 (properties G-M7RH1RDVLE and G-94LYH426ZN) with Google Consent Mode v2 and IP anonymization to measure aggregate traffic. When enabled, we also use Umami for lightweight cookieless traffic counts. No non-essential cookies are set until you opt in via our consent banner. Full details, including the list of cookies and their retention, are in our Cookie Policy at /legal/cookies.
Legal Bases for Processing (GDPR / UK GDPR)
We rely on the following lawful bases under Article 6 GDPR: Consent for analytics and marketing cookies and optional communications; Contract to deliver newsletters, webinars, and event registrations you request; Legitimate interests to secure the site, prevent fraud, and respond to inquiries, balanced against your rights; and Legal obligation to meet tax, accounting, and other regulatory requirements.
Your Rights (GDPR / UK GDPR)
If you are in the EEA, UK, or Switzerland, you have the right to access, rectify, erase, restrict, port, or object to the processing of your personal data, and to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You may lodge a complaint with your supervisory authority — for example, the Irish Data Protection Commission, the UK ICO, or the data protection authority in your member state.
Your Rights (CCPA / CPRA — California)
California residents have the right to know what personal information we collect, use, disclose, sell, or share; to request deletion; to request correction of inaccurate information; to opt out of the sale or sharing of personal information for cross-context behavioral advertising; to limit the use of sensitive personal information; and to non-discrimination for exercising any of these rights. We do not sell personal information and we do not share it for cross-context behavioral advertising. We honor Global Privacy Control (GPC) signals as a valid opt-out. You can also change your choices any time via the Cookie Preferences or Do Not Sell or Share link in the footer.
Your Rights (Other US State Laws and LGPD)
Residents of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, and other states with comprehensive privacy laws have rights that overlap with the CCPA, including the right to opt out of targeted advertising and to access, correct, or delete personal data. Brazilian residents have equivalent rights under the LGPD, including the right to data portability and anonymization. Quebec residents have rights under Law 25 equivalent to the GDPR. Exercise any of these rights by emailing privacy@theaie.net.
International Transfers
We are based in the United States. Where we transfer personal data out of the EEA, UK, or Switzerland, we rely on the EU Standard Contractual Clauses and our certification under the EU-US Data Privacy Framework, where applicable. Subprocessors operate under equivalent transfer mechanisms.
Data Retention
We retain personal data only as long as needed to provide the service or comply with legal obligations. Cookie consent choices are retained for twelve months and then re-requested. Newsletter subscriber data is retained until you unsubscribe. Log data is typically retained for 90 days.
Contact
For privacy-related inquiries, including to exercise any of the rights above, contact us at privacy@theaie.net. We respond within 30 days (GDPR / LGPD / Quebec Law 25) or 45 days (CCPA / CPRA), with one extension permitted where law allows. Postal address: Peripety Labs LLC, Cary, North Carolina, USA.