Legal

Privacy Policy

Last updated: February 2026

This Privacy Policy explains how AERS Consulting ("we", "our", or "us") collects, uses, and protects your personal data when you visit aersconsulting.com or contact us regarding our services. We are committed to full compliance with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

AERS Consulting
Email: aman@aersconsulting.com

2. What Data We Collect

We may collect the following categories of personal data:

• Contact data: name, email address, company name, and any information you voluntarily provide when reaching out to us.
• Communication data: the content of emails, meeting notes, and correspondence you send to us.
• Calendar data: if you book a call via our scheduling tool (cal.com), your name, email, and meeting preferences.
• Technical data: IP address, browser type, and basic analytics if you visit our website (collected anonymously where possible).

We do not collect sensitive personal data (health, financial, biometric, etc.) through this website.

3. Legal Basis for Processing

We process your data on the following legal grounds:

• Legitimate interest (Art. 6(1)(f) GDPR): to respond to enquiries, manage business relationships, and improve our services.
• Contract performance (Art. 6(1)(b) GDPR): when your data is necessary to deliver agreed consulting services.
• Legal obligation (Art. 6(1)(c) GDPR): where we are required to retain records under applicable law (e.g. invoicing, tax).
• Consent (Art. 6(1)(a) GDPR): where you have explicitly opted in to receive communications from us.

4. How We Use Your Data

• Respond to enquiries and schedule discovery calls
• Deliver consulting services you have engaged us for
• Send project updates and relevant communications
• Comply with legal and financial record-keeping obligations
• Improve how we communicate and deliver our services

We do not sell, rent, or share your data with third parties for marketing purposes.

5. Data Retention

• Prospects (no engagement): contact data held for up to 90 days, then deleted.
• Active and past clients: retained for 7 years from end of engagement, as required for tax and legal purposes.
• Email communications: retained for the duration of our relationship and up to 3 years after.

You may request deletion of your data at any time (see Section 7).

6. Third-Party Services

We use a limited number of third-party tools to operate our business:

• cal.com: meeting scheduling. Subject to their own privacy policy.
• Brevo (Sendinblue): email delivery. EU-based, GDPR compliant.
• Google Workspace: email and document storage. Processed under Google's DPA.

We only use services with adequate data protection safeguards for EU personal data.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of access: request a copy of the data we hold about you.
• Right to rectification: request correction of inaccurate data.
• Right to erasure ("right to be forgotten"): request deletion of your data where no legal obligation requires retention.
• Right to restriction: request that we limit how we process your data.
• Right to data portability: receive your data in a structured, machine-readable format.
• Right to object: object to processing based on legitimate interest or direct marketing.
• Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, email us at aman@aersconsulting.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.

8. Cookies

This website does not currently use tracking cookies or third-party analytics. If this changes, this policy will be updated and appropriate consent mechanisms will be implemented.

9. Data Security

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or disclosure. All data is stored using services with industry-standard encryption at rest and in transit.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "last updated" date at the top of this page reflects the most recent revision. We encourage you to review it periodically.

11. Contact

For any questions, data requests, or concerns relating to this policy:

AERS Consulting
aman@aersconsulting.com