Privacy Policy

1. Introduction and Scope

This Privacy Policy applies to personal information collected by:

• Futureaiit LLC, a Wyoming limited liability company (incorporated 2026), with principal place of business at Sheridan, Wyoming, United States
• Futureaiit Consulting Private Limited, a private limited company incorporated in India (incorporated 2024), with principal place of business in Bangalore, India

Collectively referred to as "Futureaiit," "we," "us," or "our." This Privacy Policy governs:

• Our website (www.Futureaiit.com) and any subdomains
• Our professional services (AI/ML implementation, cloud infrastructure, software development, consulting, etc.)
• Marketing communications and business interactions
• Job applications and recruitment processes

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide when you:

• Contact Us: Name, email address, phone number, company name, job title, and message content when you submit inquiries through our contact forms or email
• Request Services: Business requirements, technical specifications, project scope, budget information, and organizational details when requesting quotes or proposals
• Engage Our Services: Detailed business information, technical environment details, access credentials (encrypted), data files, and other information necessary to deliver contracted services
• Subscribe to Communications: Email address, communication preferences, and areas of interest when subscribing to newsletters or updates
• Apply for Jobs: Resume/CV, cover letter, educational background, work history, references, and any information provided during the application and interview process
• Attend Events: Registration information, dietary preferences, accessibility requirements when attending webinars, conferences, or training sessions

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

• Device Information: IP address, browser type and version, operating system, device type, screen resolution, and device identifiers
• Usage Data: Pages visited, time spent on pages, click patterns, referral sources, search queries, and navigation paths
• Location Data: Approximate geographic location derived from IP address (country, region, city)
• Cookies and Tracking Technologies: Information collected through cookies, web beacons, pixels, and similar technologies (see Section 8 for details)

2.3 Information from Third Parties

We may receive information about you from:

• Business Partners: Referral partners, technology partners, and resellers who introduce clients to our services
• Public Sources: LinkedIn, company websites, industry databases, and professional directories for business development and recruitment purposes
• Service Providers: Analytics providers (Google Analytics), CRM systems, email service providers, and payment processors
• Background Check Providers: For employment candidates, subject to applicable law and your consent

2.4 Sensitive Personal Information

We generally do not collect sensitive personal information (e.g., health data, biometric data, financial account numbers, government IDs) unless specifically required for service delivery (e.g., HIPAA-regulated healthcare projects) and with your explicit consent. When handling sensitive data, we implement enhanced security measures and comply with applicable regulations.

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Service Delivery and Contract Performance

• Providing, maintaining, and improving our professional services
• Communicating about projects, deliverables, and service updates
• Processing payments and managing billing
• Providing technical support and troubleshooting
• Fulfilling contractual obligations under SOWs and MSAs

3.2 Business Operations

• Responding to inquiries and providing customer service
• Conducting market research and analyzing business trends
• Improving our website, services, and user experience
• Managing vendor and partner relationships
• Recruiting and hiring employees and contractors

3.3 Marketing and Communications

• Sending newsletters, product updates, and promotional materials (with your consent where required)
• Conducting email campaigns and targeted advertising
• Inviting you to webinars, events, and training sessions
• Creating case studies and testimonials (with your explicit permission)

3.4 Legal and Compliance

• Complying with legal obligations (tax reporting, regulatory requirements, court orders)
• Enforcing our Terms of Service and other agreements
• Protecting our rights, property, and safety, and that of our clients and the public
• Detecting, preventing, and addressing fraud, security incidents, and illegal activities
• Conducting audits and maintaining business records

3.5 Analytics and Improvement

• Analyzing website traffic and user behavior to improve our digital presence
• Conducting A/B testing and user experience research
• Measuring the effectiveness of marketing campaigns
• Developing new services and features based on client needs

4. Legal Basis for Processing (GDPR Compliance)

For individuals in the European Economic Area (EEA), United Kingdom, and Switzerland, we process personal data based on the following legal grounds:

• Contract Performance: Processing necessary to perform our contractual obligations to you (e.g., delivering services, processing payments)
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving services, marketing, fraud prevention, and network security, provided these interests do not override your rights
• Consent: Processing based on your explicit consent (e.g., marketing communications, cookies), which you may withdraw at any time
• Legal Obligation: Processing necessary to comply with legal requirements (e.g., tax laws, regulatory reporting)
• Vital Interests: Processing necessary to protect your vital interests or those of another person (rare circumstances)

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers and Subcontractors

We engage third-party service providers to perform functions on our behalf, including:

• Cloud hosting providers (AWS, Google Cloud, Azure)
• Email service providers (for newsletters and transactional emails)
• CRM and marketing automation platforms
• Payment processors and billing systems
• Analytics and monitoring tools
• IT support and security services
• Specialized subcontractors for technical project work

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the successor entity. We will notify you of any such change and provide options regarding your information.

5.3 Legal Requirements and Protection

We may disclose your information when required by law or when we believe disclosure is necessary to:

• Comply with legal process (subpoenas, court orders, government requests)
• Enforce our Terms of Service or other agreements
• Protect the rights, property, or safety of Futureaiit, our clients, or the public
• Detect, prevent, or address fraud, security, or technical issues
• Respond to claims of rights violations

5.4 With Your Consent

We may share your information with third parties when you provide explicit consent, such as:

• Publishing case studies or testimonials featuring your company
• Introducing you to technology partners or vendors
• Sharing information with your designated representatives or advisors

5.5 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. This includes industry benchmarks, usage statistics, and research insights.

6. International Data Transfers

Futureaiit operates globally with entities in the United States and India. Your personal information may be transferred to, stored in, and processed in countries other than your country of residence, including:

• United States (Futureaiit LLC operations)
• India (Futureaiit Consulting Private Limited operations)
• Countries where our cloud service providers operate (AWS, Google Cloud, Azure data centers)

6.1 Safeguards for International Transfers

When transferring personal data from the EEA, UK, or Switzerland to countries without adequate data protection laws, we implement appropriate safeguards, including:

• Standard Contractual Clauses (SCCs): EU-approved model contracts for data transfers
• Data Processing Agreements: Contracts requiring service providers to maintain GDPR-level protections
• Adequacy Decisions: Relying on jurisdictions deemed adequate by the European Commission
• Binding Corporate Rules: Internal policies ensuring consistent data protection across our entities

6.2 India-Specific Considerations

For clients in India, we comply with the Digital Personal Data Protection Act, 2023 (DPDP Act). Cross-border transfers of personal data from India are conducted in accordance with DPDP Act requirements and government notifications.

7. Data Security

We implement comprehensive technical, administrative, and physical security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction.

7.1 Technical Safeguards

• Encryption: Data in transit protected with TLS 1.3; data at rest encrypted with AES-256
• Access Controls: Role-based access control (RBAC), multi-factor authentication (MFA), and principle of least privilege
• Network Security: Firewalls, intrusion detection/prevention systems (IDS/IPS), and network segmentation
• Vulnerability Management: Regular security patching, penetration testing, and vulnerability scanning
• Secure Development: Secure coding practices, code reviews, and security testing in CI/CD pipelines

7.2 Administrative Safeguards

• Employee Training: Regular security awareness training and privacy education for all personnel
• Background Checks: Pre-employment screening for employees with access to sensitive data
• Confidentiality Agreements: All employees and contractors sign NDAs and confidentiality agreements
• Incident Response Plan: Documented procedures for detecting, responding to, and recovering from security incidents
• Compliance Audits: Regular internal and third-party audits for HIPAA, SOC 2, and ISO 27001 compliance

7.3 Physical Safeguards

• Secure data centers with 24/7 monitoring, access controls, and environmental controls
• Secure disposal of physical media containing personal information
• Locked facilities and restricted access to offices containing sensitive data

7.4 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you and relevant authorities as required by applicable law (e.g., within 72 hours for GDPR, without unreasonable delay for CCPA). Notifications will include the nature of the breach, affected data, potential consequences, and mitigation measures.

8. Cookies and Tracking Technologies

8.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. We use cookies and similar technologies (web beacons, pixels, local storage) to enhance your experience, analyze usage, and deliver personalized content.

8.2 Types of Cookies We Use

8.3 Third-Party Cookies

We use third-party services that may set cookies, including:

• Google Analytics: Website traffic analysis
• LinkedIn Insight Tag: Conversion tracking and retargeting
• HubSpot: Marketing automation and CRM
• Hotjar: User behavior analytics and heatmaps

8.4 Managing Cookies

You can control cookies through:

• Browser Settings: Most browsers allow you to block or delete cookies. Consult your browser's help documentation.
• Cookie Consent Banner: Manage your cookie preferences through our website banner.
• Opt-Out Tools: Use industry opt-out tools like the Network Advertising Initiative (NAI) or Digital Advertising Alliance (DAA).

Note: Disabling cookies may limit website functionality and your user experience.

9. Data Retention

We retain personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

9.1 Retention Periods

• Client Data: Retained for the duration of the engagement plus 7 years for legal, tax, and audit purposes (or as required by contract)
• Marketing Data: Retained until you unsubscribe or request deletion, then deleted within 30 days
• Website Analytics: Aggregated data retained indefinitely; individual data retained for 26 months (Google Analytics default)
• Job Applications: Retained for 2 years for unsuccessful candidates (with consent); employee records retained per employment law requirements
• Financial Records: Retained for 7 years per tax and accounting regulations
• Legal Claims: Retained as necessary to establish, defend, or exercise legal claims

9.2 Secure Deletion

When personal information is no longer needed, we securely delete or anonymize it using industry-standard methods (e.g., cryptographic erasure, secure wiping, physical destruction of media).

10. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

10.1 Rights Under GDPR (EEA, UK, Switzerland)

• Right to Access: Request a copy of your personal data we hold
• Right to Rectification: Correct inaccurate or incomplete personal data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data (subject to legal retention requirements)
• Right to Restriction: Limit how we use your personal data
• Right to Data Portability: Receive your personal data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent for processing at any time (does not affect prior processing)
• Right to Lodge a Complaint: File a complaint with your local data protection authority

10.2 Rights Under CCPA/CPRA (California)

• Right to Know: Request disclosure of personal information collected, used, and shared
• Right to Delete: Request deletion of personal information (subject to exceptions)
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: Opt out of the sale or sharing of personal information (we do not sell data)
• Right to Limit Use of Sensitive Personal Information: Limit use of sensitive data
• Right to Non-Discrimination: Not be discriminated against for exercising your rights

10.3 Rights Under India DPDP Act

• Right to Access: Obtain information about personal data processing
• Right to Correction: Correct, complete, or update personal data
• Right to Erasure: Request deletion of personal data (subject to legal requirements)
• Right to Grievance Redressal: File complaints with our Data Protection Officer
• Right to Nominate: Nominate another individual to exercise rights in case of death or incapacity

10.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to verified requests within the timeframes required by law (typically 30 days for GDPR, 45 days for CCPA). We may request additional information to verify your identity before processing requests.

11. Children's Privacy

Our services are not directed to individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@Futureaiit.com, and we will delete such information promptly.

12. Third-Party Websites and Services

Our website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information. This Privacy Policy applies only to information collected by Futureaiit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations. Material changes will be communicated through:

• Email notification to registered users
• Prominent notice on our website
• Updated "Last Updated" date at the top of this policy

We encourage you to review this Privacy Policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.