GDPR Compliance

Effective Date: January 1, 2026 • Last Updated: January 1, 2026

Although AI Marketing Services is headquartered in India, we respect the data sovereignty of our European and UK clients. This page outlines how we align with the General Data Protection Regulation (GDPR).

1. Our Role (Controller vs. Processor)

Under GDPR, our role changes based on the context:

Data Controller: When you visit our website, sign up for our newsletter, or submit a lead form, we act as the Controller of your personal data.
Data Processor: When you hire us to run ads or manage your CRM, we act as a Processor handling data on your behalf. We process this data strictly according to your instructions.

2. Lawful Basis for Processing

We process personal data under the following legal grounds (Article 6 GDPR):

Consent: When you explicitly opt-in to marketing emails or cookies.
Contract: When processing is necessary to fulfill our service agreement with you.
Legitimate Interest: For B2B outreach and fraud prevention, provided these interests do not override your rights.

3. International Data Transfers (India ↔ EU)

We operate from India (outside the EEA). To ensure your data remains protected when transferred to us, we rely on:

Standard Contractual Clauses (SCCs): Our service agreements include SCCs to guarantee GDPR-level protection for data leaving the EU.
Strict Access Control: Only authorized personnel working on your specific project have access to your data.
Encryption: Data is encrypted in transit (HTTPS) and at rest where possible.

4. Your Rights as an EU Citizen

You have the following rights regarding your data:

Right to Access: You can ask for a copy of the data we hold about you.
Right to Rectification: You can ask us to correct wrong data.
Right to Erasure ("Right to be Forgotten"): You can ask us to delete your data completely.
Right to Restrict Processing: You can ask us to pause processing your data.
Right to Portability: You can ask for your data in a readable format to move elsewhere.

5. Data Minimization & AI

We practice data minimization. We only collect what is strictly necessary to deliver our marketing services.

Regarding AI: We do not use your private customer data (PII) to train public AI models (like ChatGPT) without your explicit written consent. Your proprietary data remains isolated.

6. Sub-processors

We use trusted third-party tools to deliver our services. Key sub-processors include:

Google (Analytics/Ads): Analytics and traffic measurement.
Meta (Facebook/Instagram): Ad delivery.
HubSpot/CRM: Client relationship management.
Hosting Providers: Secure server infrastructure (e.g., Hostinger/AWS).

7. Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights, we will notify the relevant supervisory authority and the affected individuals within 72 hours of becoming aware of the breach.

8. Contact Our DPO

For any GDPR-related inquiries, requests for erasure, or to exercise your rights, please contact our Data Protection Officer (DPO):

Name: Nitesh Dan Charan
Email: aimarketingservicesindia@gmail.com
Address: Laxmangarh, Sikar, Rajasthan 332311, India.

Note: While we strive for full compliance, this page does not constitute legal advice. EU residents have the right to lodge a complaint with their local Data Protection Authority (DPA).

Request Erasure

Want us to delete your data? Send an email with the subject "GDPR Erasure Request" to aimarketingservicesindia@gmail.com.

Data Safety

We use enterprise-grade encryption and Standard Contractual Clauses (SCCs) to keep EU data safe in India.

Cookies

We honor "Do Not Track" signals and provide a consent manager for EU visitors to control marketing cookies.