Privacy & Data
Privacy Policy
Effective date: January 1, 2026. This Privacy Policy explains how NOUT AI Consulting, located at 420 Market St, Suite 300, San Francisco, CA 94105, USA, collects, uses, discloses, and protects personal information. We provide services that include AI strategy, data engineering, applied modeling, and MLOps. Our commitments include transparency, data minimization, security, and enabling you to exercise control over your personal information.
Information we collect
We collect information necessary to provide our services, communicate with clients and prospects, and to comply with legal obligations. Categories of information include contact details such as name, email, and phone; company and role information; billing and transaction data for invoicing; project-related materials such as datasets, logs, and documentation when you provide them for evaluation or onboarding; and technical data captured when you use our website, including IP address, device and browser information, and cookies. For pilot engagements and production work we may process structured and unstructured data you supply to train or run models. We do not claim ownership of content you submit; we process it under contract to deliver agreed services. We limit collection to what is relevant for the specified purpose and document data sources and lineage as part of our governance process.
How we use information
We use personal and project-related information to: deliver and operate our services, manage contracts and billing, support pilots and production deployments, and communicate updates and support matters. Technical and usage data help us improve site performance and secure our infrastructure through anomaly detection. When engaged to run pilots or production systems we use data to develop, validate, and monitor models, and to instrument business metrics and observability. We may use aggregated or anonymized data to analyze trends or improve products; such aggregated data does not identify individuals. When we use service providers or subprocessors to host infrastructure, manage analytics, or provide payment processing, they receive only the data necessary to perform their function under contract terms that require confidentiality and security. We only process personal data that is necessary for a legitimate business purpose or with your prior consent when needed for marketing communications.
Cookies and tracking
Our website uses cookies and similar technologies to provide essential site functionality, analytics, and optional preferences. Essential cookies enable navigation and security features and are required for the site to operate. Non-essential cookies include analytics and performance cookies used to understand how visitors interact with the site, and optional preferences that can improve your experience. We present a clear cookie banner that allows you to accept or reject non-essential cookies. You can change preferences at any time by clearing cookies in your browser or using any preference controls we provide. Third-party analytics providers may set cookies as described in their policies; we select reputable vendors and limit data-sharing to minimize risk. For pilots and production systems tracking is scoped explicitly in contracts and data use agreements; telemetry is used for monitoring model health and does not expose personal data unless required for the engagement.
Data sharing and subprocessors
We do not sell personal data. We share information with third parties only as necessary to deliver our services, comply with law, or with your instruction. Common categories of recipients include cloud infrastructure providers, analytics vendors, and professional advisors such as auditors and legal counsel. When you provide project data for model development or inference, we treat that data as customer data and disclose it only to authorized subprocessors under written agreements that require confidentiality, data protection, and purpose limitation. For cross-border processing we implement appropriate safeguards, such as standard contractual clauses or equivalent protections, to ensure lawful transfers. If required by law enforcement or a valid legal process we may disclose information, but we will limit the disclosure to what is lawful and notify you unless prohibited by law. Vendors we select are assessed for security, privacy practices, and compliance with applicable standards to the extent feasible.
Security and retention
We maintain administrative, technical, and physical safeguards designed to protect data against unauthorized access, disclosure, or destruction. Safeguards include access controls, encryption in transit and where feasible at rest, network protections, and periodic security reviews. For client projects we align to contractual security requirements and can support required certifications and assessments on request. Data retention is determined by the purpose of processing and contractual obligations. We retain contact and transactional records for business and legal purposes, usually for a limited period consistent with tax and contractual rules. Project data retention is managed according to the engagement terms; when an engagement ends, we will delete or return client data as agreed. If you require a custom retention schedule or specific deletion procedures, include this in the contract so we can implement appropriate controls. We maintain incident response processes and will notify affected parties and regulators if a breach involving personal data occurs and notification is required by law.
Your rights and choices
Depending on your jurisdiction you may have rights such as access to personal data we hold about you, correction of inaccurate information, deletion, restriction of processing, objection to certain processing, and data portability where applicable. For residents of the European Economic Area these rights are available under the General Data Protection Regulation; for California residents additional rights may apply under the California Consumer Privacy Act and related regulations. To exercise rights or submit a privacy request contact us at [email protected] or call +1 (415) 555-0132. We will verify requests to prevent unauthorized disclosures and respond within applicable legal timeframes. You may opt out of marketing communications through unsubscribe links or by indicating preferences. If you have unresolved concerns you may contact your local supervisory authority. For contractual data subject requests tied to a client engagement, client contacts who act as data controllers should submit requests per the contract so we can coordinate responses with the controller.
Children and sensitive data
Our services are directed to businesses and professionals; we do not knowingly collect personal information from children under 16 through our standard website or services. If you believe we have inadvertently received such data, contact us and we will take steps to remove it. We do not intentionally process special categories of personal data such as health or biometric data unless explicitly agreed in a contract and only with documented safeguards. If your project requires processing of sensitive data, notify us during sales and contract negotiations so we can evaluate compliance, technical controls, and any additional safeguards required by law.
Changes to this policy
We may update this Privacy Policy to reflect changes in our practices, legal requirements, or product updates. Significant changes will be communicated via the website and, where appropriate, by email to contacts who have an ongoing relationship with us. The effective date at the top indicates when the current policy took effect. We recommend reviewing this page periodically to stay informed about how we handle personal information. Material changes that affect previously collected personal information will be subject to applicable notice and consent requirements before they take effect to the extent required by law.
Contact and data protection officer
For privacy inquiries, requests, or to exercise your rights, contact us at:
NOUT AI Consulting
420 Market St, Suite 300, San Francisco, CA 94105, USA
Phone: +1 (415) 555-0132
Email: [email protected]