Privacy Policy.

Effective Date: April 2026  |  Version: v2026.1  |  Governing Law: Spain / EU

1. Identity of the Data Controller

In compliance with GDPR Article 13 and LOPDGDD, the entity responsible for processing your personal data through this website is:

Trading Name: Autonomous Intelligence Growth

Contact Email: info@getaigrowth.com

Website: https://getaigrowth.com

DPO: Not applicable (processing does not meet the GDPR Article 37 threshold for mandatory appointment)

Full legal identity is published in our Compliance Hub, in compliance with LSSI-CE Article 10.

2. Scope of This Policy

This Privacy Policy covers personal data collected from visitors to getaigrowth.com through the following touchpoints:

  • Contact and enquiry forms (Forminator)
  • Appointment booking system (Cal.com)
  • AI chatbot widget interactions on this domain
  • Email communications initiated via this website
  • Website session and technical data

Out of scope: Personal data processed by clients of Autonomous Intelligence Growth on their own websites. Clients operate as independent Data Controllers. That relationship is governed by a separate Data Processing Agreement (DPA) — see our Compliance Hub.

3. Personal Data Collected

The table below specifies every category of data collected, the legal basis under GDPR Article 6, the data source, and the applicable retention period.

Category of Data Purpose & Legal Basis Source Retention
Contact form data
Name, email, message
Responding to enquiries — pre-contractual steps (Art. 6(1)(b)); legitimate interest (Art. 6(1)(f)) Directly from data subject via Forminator 24 months from last contact, then deleted
Booking data
Name, email, time slot
Scheduling — performance of contract / pre-contractual steps (Art. 6(1)(b)) Directly from data subject via Cal.com Duration of engagement + 12 months
AI chatbot logs
Message content, session ID
Support provision — legitimate interest (Art. 6(1)(f)); consent where required Directly from data subject during chat 90 days, then purged
Technical / device data
IP address, browser, cookies
Website security and operation — legitimate interest (Art. 6(1)(f)); consent for non-essential cookies Automatically via browser/server Session cookies: on close. Analytics: see Cookie Policy
Email correspondence Business communication — legitimate interest (Art. 6(1)(f)) Directly from data subject 3 years or duration of business relationship

No special-category data (GDPR Article 9) is intentionally collected. Any such data submitted voluntarily will be deleted promptly upon identification.

4. AI Chatbot — Specific Disclosures

4.1 EU AI Act Transparency (Article 50)

In compliance with EU AI Act Article 50 (2026), users interacting with the AI chatbot on this domain are notified at the point of interaction — and via machine-readable metadata in the chat widget — that they are communicating with an automated system, not a human.

AI System Disclosure

The chatbot on this website is an automated AI system, operated under the badge: “Powered by Autonomous Intelligence.”

It is not a human operator. Responses are generated by a large language model and are inherently non-deterministic. AI-generated responses do not constitute professional, legal, or financial advice.

4.2 Data Processed During Chatbot Interactions

  • Content of your messages (text input)
  • Session identifiers (non-persistent; for conversation continuity only)
  • Timestamp and approximate geolocation (country-level, derived from IP)
  • Device and browser type (for rendering)

Conversation content is processed by our AI infrastructure provider (ChatLab). Do not submit sensitive personal data, financial information, or special-category data through the chat interface.

4.3 Human Escalation (EU AI Act Art. 50)

You may request that your enquiry be referred to a human operator at any time by contacting info@getaigrowth.com. Human responses are provided during business hours.

5. Third-Party Integrations

5.1 Cal.com (Booking System)

Appointment bookings are processed via Cal.com. Your name, email, and selected time slot are transmitted to Cal.com’s servers. Cal.com acts as a Data Processor on our behalf for scheduling purposes and as an independent Data Controller for its own platform operations.

  • Cal.com Privacy Policy: https://cal.com/privacy
  • Transfer mechanism: Standard Contractual Clauses (SCCs) where applicable

5.2 Forminator (Contact Forms)

Contact forms are powered by Forminator (WPMU Dev). Submission data is stored in our WordPress database. No third-party marketing integrations (e.g., Mailchimp, HubSpot) are currently active. Each form carries a mandatory privacy notice and consent acknowledgement in compliance with GDPR Article 7.

5.3 Sub-processor Registry

Sub-processor Role Data Processed Privacy Reference
ChatLab AI infrastructure provider — chatbot runtime & RAG knowledge base Chatbot conversation content; session data chatlab.com/privacy
Verify URL before publishing
OpenAI
via ChatLab
Large language model — AI response generation Anonymised query text; no persistent user profiles openai.com/policies/privacy-policy
Cal.com Booking and scheduling platform Name, email, appointment data cal.com/privacy
Web Host / WordPress Website infrastructure; form data storage Form submissions; server logs; session data Hosting provider DPA — available on request

6. International Data Transfers

Some sub-processors operate outside the European Economic Area (EEA). All such transfers are safeguarded through one or more of the following mechanisms:

  • EU adequacy decision (GDPR Article 45)
  • Standard Contractual Clauses approved by the European Commission (GDPR Article 46(2)(c))

OpenAI processes data primarily in the United States under Standard Contractual Clauses. Users who object to transatlantic transfers should contact us at info@getaigrowth.com to discuss alternatives.

7. Your Rights as a Data Subject

Under GDPR Articles 15–22 and LOPDGDD, you have the following enforceable rights:

Access (Art. 15) Obtain confirmation and a copy of your personal data.
Rectification (Art. 16) Correct inaccurate or incomplete data.
Erasure (Art. 17) Request deletion where no overriding legal basis exists.
Restriction (Art. 18) Limit processing in defined circumstances.
Portability (Art. 20) Receive your data in a structured, machine-readable format.
Object (Art. 21) Object to processing based on legitimate interest.
Withdraw consent Withdraw at any time where processing is consent-based.
No automated decisions (Art. 22) Request human review of decisions that significantly affect you.

To exercise any of these rights, submit a written request to info@getaigrowth.com. We will respond within 30 calendar days (GDPR Article 12). Identity verification may be required.

If unsatisfied with our response, you may lodge a complaint with the Agencia Española de Protección de Datos (AEPD) at www.aepd.es.

8. Security Measures

We implement technical and organisational security measures in accordance with GDPR Article 32, including:

  • TLS/SSL encryption for all data in transit
  • Access controls: administrator access granted solely for configuration purposes, revocable by the client at any time
  • Confidentiality obligations binding on all personnel with data access
  • Sub-processor vetting prior to engagement
  • Data breach notification to AEPD within 72 hours (GDPR Art. 33) and to affected data subjects where required (GDPR Art. 34)

9. Cookies

This website uses cookies in accordance with LSSI-CE Article 22.2. Strictly necessary cookies operate without consent. All non-essential cookies require explicit prior consent via the cookie banner on first visit.

Full details on every cookie set by this website — including those from Cal.com and WordPress plugins — are published in our Cookie Policy.

10. Governing Law & Supervisory Authority

This policy is governed by Spanish law and applicable EU regulations including GDPR (EU 2016/679), EU AI Act (2024/1689), LSSI-CE (Law 34/2002), and LOPDGDD (LO 3/2018).

Disputes are subject to the exclusive jurisdiction of the courts of Las Palmas de Gran Canaria, Spain, unless otherwise agreed in a signed service contract.

Supervisory Authority: Agencia Española de Protección de Datos (AEPD)

C/ Jorge Juan, 6, 28001 Madrid, Spain

www.aepd.es  |  +34 901 100 099

Last Updated: April 2026  |  Autonomous Intelligence Growth  |  info@getaigrowth.com