Privacy Policy for Deep Purple AI Consulting

At Deep Purple AI Consulting, we take your privacy seriously. This policy explains how we collect, use, and protect your personal data when you interact with us — whether that's through our website, booking a call, or working with us as a client.

We're a registered business in Ireland and follow all relevant privacy laws, including the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018.

1. Who We Are

Purpledecks Ltd (trading as Deep Purple AI Consulting) is the data controller for the personal data described in this policy.

Business address:

Email: hello@deeppurple.ai

We are not required to appoint a Data Protection Officer under GDPR due to the nature and scale of our data processing activities.

2. What Data We Collect

We may collect the following types of personal information:

Information you provide directly:

• Name and contact details (email address, phone number)
• Company name and job title
• Information shared during consultations, calls, or meetings
• Messages sent via our website contact form, email, or LinkedIn
• Booking details when you schedule a call through Calendly
• Billing information for invoicing purposes

Information from publicly available sources:

• Publicly available business information from LinkedIn profiles or company websites for B2B outreach purposes

Information collected automatically:

• Website usage data through cookies and analytics tools, only where you have given consent via our cookie banner (see our Cookie Policy)
• IP address and browser information
• Pages visited and time spent on our website

3. How We Use Your Data

We use your personal data for the following purposes:

• To respond to enquiries: When you contact us through our website, email, or LinkedIn
• To provide our services: Managing client engagements, scheduling meetings, and delivering AI consulting services
• To send invoices and manage payments: Processing billing for our services
• To improve our website: Understanding how visitors use our site so we can make it better (only with your consent)
• To comply with legal obligations: Such as tax and accounting requirements

4. Legal Basis for Processing

Under GDPR, we process your data based on the following legal grounds:

• Contractual necessity: To provide services you've requested or to take steps before entering into a contract
• Legitimate interests: To respond to enquiries, improve our services, and manage our business operations
• Legal obligation: To comply with tax, accounting, and other legal requirements
• Consent: For analytics cookies and any future marketing communications (you can withdraw consent at any time)

5. Information Required to Work With Us

To engage our consulting services, we require certain information as a contractual necessity:

• Contact name and email address (to communicate with you)
• Company name and address (for contracts and invoicing)
• Billing contact details (for payment processing)

If you do not provide this information, we may not be able to enter into a contract or provide our services to you.

6. How We Store Your Data

Your personal data is stored securely using the following services:

• Google Workspace: Email and cloud storage
• Calendly: Appointment scheduling
• Zoom / Google Meet / Microsoft Teams: Video conferencing
• Accounting software: Invoicing and financial records

We may update our systems and tools from time to time (for example, introducing a CRM system or additional analytics). Where this affects how we process personal data, we will update this Privacy Policy accordingly.

7. International Data Transfers

Some of our service providers (such as Google and Calendly) are based in the United States. Where personal data is transferred outside the European Economic Area (EEA), we rely on:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions where applicable
• Additional supplementary measures where required

These safeguards ensure your data receives equivalent protection to that provided within the EEA.

8. How Long We Keep Your Data

We retain personal data only for as long as necessary:

• Enquiries that don't become clients: Up to 2 years, then deleted unless you contact us again
• Client records (including financial records): 7 years after the end of our business relationship (to comply with Irish tax requirements)
• Website analytics data: 26 months (Google Analytics default)

9. Who We Share Your Data With

We don't sell your personal data. We may share it with:

• Subcontractors: Who help us deliver services to you. All subcontractors are subject to contractual confidentiality and data protection obligations.
• Service providers: Including Google (email, analytics, video calls), Calendly (scheduling), Microsoft (video calls), and our accounting software provider
• Professional advisors: Such as accountants, where required
• Legal authorities: If required by law

We may use social media conversion pixels (such as Meta or LinkedIn) in the future to track the effectiveness of our advertising. These tools would only be activated with your consent and would allow us to see if a visitor took an action on our site after clicking an ad. We will update this policy before implementing any such tools.

10. Your Rights

Under GDPR, you have the following rights:

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Ask us to correct inaccurate or incomplete data
• Right to erasure: Ask us to delete your data (where there's no legal reason for us to keep it)
• Right to restrict processing: Ask us to limit how we use your data
• Right to data portability: Request your data in a machine-readable format
• Right to object: Object to our processing of your data for certain purposes
• Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time

To exercise any of these rights, contact us at hello@deeppurple.ai. We'll respond within 30 days.

11. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on you.

12. Cookies and Analytics

Our website uses cookies and analytics tools to understand how visitors use the site. We only use non-essential cookies, including analytics cookies (Google Analytics), where you have given your consent via our cookie banner.

For full details on the cookies we use and how to manage your preferences, see our Cookie Policy.

13. Third-Party Links

Our website may contain links to external sites (such as LinkedIn, Calendly, or other resources). We're not responsible for the privacy practices of these sites. We encourage you to read their privacy policies.

14. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or damage. This includes using secure email systems, strong passwords, and limiting access to personal data to those who need it.

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we'll update the "Last updated" date at the top of this page. For significant changes, we may notify you directly.

16. How to Complain

If you're unhappy with how we've handled your data, please contact us first at hello@deeppurple.ai and we'll do our best to resolve the issue.

You also have the right to lodge a complaint with the Irish Data Protection Commission:

17. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, contact us at:

Email: hello@deeppurple.ai