Skip to main content

Privacy Policy

Last updated: February 2026

Who we are

AITERIX is a compliance readiness consultancy operated by Tapan Bavaliya. Our website is at https://aiterix.com.

For any privacy-related questions, contact us at: tapan@aiterix.com

What data we collect and why

We collect only the minimum data necessary for the specific purpose stated.

Server logs

When you visit this website, our hosting provider automatically records standard server log data including your IP address, browser type, referring URL, and pages visited. This data is used solely for security and operational purposes and is not linked to your identity.

Legal basis: Legitimate interests — maintaining website security and performance.

Retention: Server logs are retained for up to 90 days.

Contact enquiries

When you contact us via email or LinkedIn, we receive and store the information you choose to share (name, email address, company name, and the content of your message).

Legal basis: Legitimate interests — responding to business enquiries you have initiated.

Retention: We retain enquiry data for up to 2 years, or until you ask us to delete it.

Discovery call bookings

When you choose to load and use the Calendly booking widget on our contact page, the following data is collected and processed on our behalf by Calendly:

  • Name and email address
  • Phone number (only if you opt in to SMS reminders)
  • Company name and product description
  • Which compliance framework(s) you are working toward
  • A brief description of where you are in your compliance journey

We use this information solely to prepare for and conduct the discovery call. We do not use it for marketing.

Legal basis: Legitimate interests — preparing for and conducting a business conversation you have requested.

Retention: We retain booking data for up to 2 years, or until you ask us to delete it.

Third-party services

Hosting

This website is hosted on Netlify. Netlify processes server log data as described above and maintains appropriate data protection agreements.

Calendly

We use Calendly to manage discovery call bookings. The Calendly widget on our contact page only loads when you choose to open it — it is not loaded automatically. Once loaded, your data is processed by Calendly, Inc., a US-based company. Calendly may set cookies and collect usage data in accordance with their own privacy policy.

As Calendly is based in the United States, your data may be transferred outside the European Economic Area. Calendly relies on Standard Contractual Clauses as the lawful transfer mechanism under GDPR.

Fonts

This website uses the Inter typeface served directly from our own servers. We do not use Google Fonts or any external font CDN. No font requests are made to third-party servers.

International data transfers

When you book a discovery call, your data is processed by Calendly, Inc. in the United States. This transfer is covered by Standard Contractual Clauses approved by the European Commission. No other data we collect is transferred outside the United Kingdom or European Economic Area.

Your rights under GDPR

If you are in the European Economic Area or United Kingdom, you have the following rights:

  • Access - request a copy of the personal data we hold about you
  • Rectification - request correction of inaccurate data
  • Erasure - request deletion of your personal data
  • Restriction - request that we limit how we use your data
  • Portability - receive your data in a portable format
  • Objection - object to processing based on legitimate interest

To exercise any of these rights, contact us at tapan@aiterix.com. We will respond within 30 days.

We do not use your data for automated decision-making or profiling.

You also have the right to lodge a complaint with your local Data Protection Authority. In the UK, this is the Information Commissioner’s Office (ICO) at ico.org.uk.

Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure. These measures are reviewed and updated as part of our information security programme.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, and affected individuals without undue delay where required.

Cookies

This website does not set its own cookies or use analytics scripts. The Calendly booking widget on our contact page does not load automatically — it only loads when you explicitly click to open it. At that point, Calendly may set cookies to manage your booking session. If you do not click to load the booking calendar, no cookies are set.

Data retention and disposal

We retain personal data only for as long as necessary for the purposes described in this policy. Specific retention periods are noted against each data category above. When data is no longer needed, it is securely deleted.

Changes to this policy

We may update this policy as our services evolve. Material changes will be reflected with an updated “Last updated” date at the top of this page.