Privacy Policy
Last updated: 27 May 2026
We respect your privacy and are committed to protecting any personal data you share with us. This page explains what we collect, why we collect it, who else handles it, and the rights you have under EU law.
Who we are
AI in the Boardroom is an AI implementation consultancy operating from Romania and serving clients across the European Union. We are the data controller for personal information collected through this website.
Contact: contact@ai-in-business.tech.
What data we collect
When you submit our contact form, we collect: your name, your company name, your email address, and the message you write.
We do not collect any other personal information automatically. No analytics cookies, no tracking pixels, no fingerprinting, no advertising scripts.
How we use it
We use the information you submit solely to respond to your inquiry and, where you have indicated interest, to discuss potential engagements.
We do not sell, rent, or share your information with third parties for marketing purposes.
Legal basis for processing
Under the EU General Data Protection Regulation (GDPR), our legal basis for processing your data is your consent (Article 6(1)(a)) — given when you voluntarily submit the contact form — and our legitimate interest (Article 6(1)(f)) in responding to business inquiries.
Who else handles your data
To deliver this service we rely on the following sub-processors. Each is GDPR-compliant and bound by a Data Processing Agreement with appropriate safeguards for international transfers.
Vercel Inc. · United States
Hosts the website and processes form submissions in transit.
Data Processing AgreementResend, Inc. · United States
Sends the submission as email from our domain.
Data Processing AgreementGoogle Ireland Ltd. (Google Workspace) · Ireland, EU
Receives form submissions at our inbox, and powers the optional "Book a call" appointment scheduling and Google Meet links.
Data Processing Agreement
How long we keep it
Contact form submissions are kept in our email inbox for up to 24 months after our last correspondence with you. After that we delete them, unless we have a legal obligation to retain them (for example, for active client engagements or accounting records, in which case retention follows the relevant statutory periods).
You may request earlier deletion at any time.
International transfers
Because some of our sub-processors are located in the United States, your data may be transferred outside the European Economic Area. These transfers are protected by the EU–U.S. Data Privacy Framework and standard contractual clauses, where applicable.
Your rights
Under the GDPR you have the right to:
Access — request a copy of the data we hold about you.
Rectification — ask us to correct inaccurate data.
Erasure — ask us to delete your data (the "right to be forgotten").
Restriction — ask us to limit how we process your data.
Objection — object to our processing of your data.
Portability — receive your data in a structured, commonly used format.
Withdraw consent — at any time, without affecting the lawfulness of prior processing.
How to exercise your rights
Email us at contact@ai-in-business.tech with your request. We will respond within 30 days, as required by the GDPR.
If you believe we have failed to handle your data lawfully, you may lodge a complaint with the Romanian data protection authority (ANSPDCP) at https://www.dataprotection.ro, or with the supervisory authority in your EU country of residence.
Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be highlighted on this page.