Privacy Policy
This Privacy Policy explains how Emp42 Consulting Ltd. (“Emp42”, “we”, “us”) collects, uses, and protects personal data when you use BizzDev.ai (the “Service”).
1. Scope and roles (Controller vs Processor)
Under GDPR, Emp42 may act as a data controller and/or a data processor depending on what data is being processed:
- Controller: For account, authentication, support, billing (if applicable), website analytics (if consented), and marketing communications.
- Processor: For content you submit into the Service (e.g., playbooks, lead notes, meeting notes), processed to generate outputs and operate the Service.
If you are using the Service in a business context and you upload personal data about third parties (e.g., lead contacts), you are responsible for ensuring you have a lawful basis to do so.
2. Personal data we collect
We may collect the following categories of personal data:
- Account data: email address, authentication tokens, and basic account settings.
- Usage data: feature usage, timestamps, and activity events needed to operate the Service and enforce plan limits.
- User Content: content you submit (e.g., playbooks, culture notes, lead research inputs, meeting notes) and outputs generated for you.
- Support communications: messages you send to us and our responses.
- Website analytics (optional): if you consent, limited analytics data (e.g., page views and events) via Google Analytics 4.
3. How we use personal data
We use personal data for the following purposes:
- Provide and operate the Service (authentication, core features).
- Generate requested outputs from your inputs (AI-assisted workflows).
- Maintain reliability, prevent abuse, and enforce limits.
- Provide support and communicate service-related information.
- Improve the Service using aggregated and/or de-identified insights.
- Website analytics (only if you consent via cookie preferences).
4. Legal bases (GDPR Article 6)
We process personal data under the following legal bases, depending on context:
| Purpose | Legal basis | Examples |
|---|---|---|
| Provide the Service | Contract (Art. 6(1)(b)) | Account login, feature access, generating outputs you request |
| Service security and abuse prevention | Legitimate interests (Art. 6(1)(f)) | Rate limiting, fraud detection, operational monitoring |
| Support and service communications | Contract / Legitimate interests | Support tickets, incident notices, product updates that are necessary |
| Marketing communications (if applicable) | Consent or Legitimate interests | Newsletter or product announcements (opt-out available) |
| Website analytics (GA4) | Consent (Art. 6(1)(a)) | Only if you opt in via cookie banner preferences |
5. AI processing and User Content
When you submit User Content, we process it to generate outputs and operate the Service. Outputs may be produced using AI systems.
You are responsible for reviewing outputs before using them. The Service is designed to reduce hallucinations through workflow guardrails, but it cannot guarantee accuracy.
We do not sell User Content. We do not use it for unrelated advertising.
6. Cookies and analytics
We use necessary cookies required for security and core site operation. We use analytics cookies (Google Analytics 4) only if you explicitly consent via the cookie banner.
For details, see Cookie Policy.
7. Sharing and subprocessors
We may share personal data with service providers (“subprocessors”) who help us operate the Service (e.g., hosting, authentication, analytics if consented). We require subprocessors to protect data and process it only under our instructions.
Note: we will maintain an up-to-date list of subprocessors and will publish it here once finalized.
| Category | Typical providers | Purpose |
|---|---|---|
| Hosting & infrastructure | e.g., cloud hosting | Run the Service securely |
| Authentication & database | e.g., managed auth/database | Account login and storage |
| Analytics (optional) | Google Analytics 4 (if consented) | Understand usage of the marketing site |
| Email delivery (optional) | Transactional email provider | Account emails and notifications |
8. International transfers
Some service providers may process data outside the European Economic Area (EEA). Where this occurs, we use appropriate safeguards, such as standard contractual clauses, where required.
9. Data retention
We retain personal data only as long as necessary for the purposes described in this Policy:
- Account data: retained while your account is active, and for a limited period afterward for security and legal purposes.
- User Content: retained until you delete it or close your account, subject to limited backups and legal obligations.
- Analytics data: retained according to GA4 settings (only if consented).
We will refine and publish specific retention periods as the service matures. If you need deletion sooner, contact us.
10. Your rights (GDPR)
Under GDPR, you have rights including: access, rectification, erasure, restriction, objection, portability, and withdrawal of consent (where consent is the legal basis).
To exercise rights, contact hello@bizzdev.ai. We may request verification to protect your account.
You also have the right to lodge a complaint with your local data protection authority.
11. Security measures
We implement reasonable technical and organizational measures to protect personal data, including access controls and security best practices. For product-level principles (auditability, evidence-based research, edit preservation), see Security.
12. Children
The Service is not intended for children under 18, and we do not knowingly collect personal data from children.
13. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The “Last updated” date reflects the latest version.
14. Contact
For privacy questions or requests, contact hello@bizzdev.ai.
BizzDev.ai is owned and marketed by Emp42 Consulting Ltd..