Your data. Your control.

This Privacy Policy explains how gamgi collects, uses, stores, and protects your personal data when you interact with our website at gamgi.ai, book an audit, or contact us.

We take data privacy seriously. We comply with the General Data Protection Regulation (GDPR) and all applicable data protection laws. This policy applies to all visitors and clients across all our locations: Lisbon, London, and New York.

We only collect information that you voluntarily provide to us. Here’s what we gather and why:

Audit booking form

When you book an AI audit through our website, we collect:

• Full name - to identify you and send audit details
• Email address - to contact you about your audit
• Company name - to understand your organisation
• Industry - to tailor our audit approach
• Company size - to scope the engagement appropriately
• Challenge description - to prepare for your audit call

Newsletter signup

On our Insights page, we offer a newsletter about AI trends and business strategy. If you sign up, we collect your email address to send you regular updates.

Contact information

If you email us directly at [email protected], we collect and store your message and any replies to respond to your inquiry.

Website analytics

We use Apollo, a third-party B2B analytics service, to identify the organisations that visit our website - and, for visitors in the United States, individual professional contacts. To do this, Apollo processes technical data such as your IP address and the pages you view, and matches it against its business database. We use this only to understand which companies are interested in our services and to inform our outreach. Apollo is a data processor based in the United States. It does not affect the form data you choose to submit, and we don’t use it to serve advertising or track you across other websites.

We use your information only for the purposes you provide it:

Audit booking data

• Schedule and conduct your AI audit consultation
• Send you audit reports and recommendations
• Follow up with you after the audit (if you’re interested in engagement)
• Improve our audit process based on client feedback

Newsletter emails

• Send you articles, insights, and AI trends relevant to your business
• Keep you informed about new gamgi capabilities and case studies

Direct emails

• Respond to your inquiry promptly
• Provide the information or support you’ve requested

What we don’t do

• We will never sell or rent your personal data to third parties
• We don’t share the details you submit (booking, newsletter, email) for marketing purposes without your explicit consent
• We don’t use advertising cookies or track you across other websites for ad targeting

Where your data is stored: All personal data collected through gamgi.ai is stored securely within the European Union, in compliance with GDPR data residency requirements.

How we protect your data

• Encryption: Data in transit is encrypted via HTTPS
• Access control: Only authorised team members can access your information
• Regular reviews: We regularly audit our data security practices
• No unnecessary retention: We don’t keep data longer than necessary

Data retention

We retain your personal data for as long as needed to deliver our service and comply with legal obligations. After an audit engagement ends, we retain records for up to 3 years to support ongoing client relationships and legal compliance. Newsletter subscribers’ data is retained until you unsubscribe.

As an EU resident or individual within GDPR’s scope, you have the following rights regarding your personal data:

Right of access

You can request a copy of all personal data we hold about you.

Right of rectification

You can correct inaccurate or incomplete data we have about you.

Right of erasure

You can request deletion of your data, with certain legal exceptions (e.g., we may need to retain records for audit purposes).

Right to restrict processing

You can ask us to limit how we process your data in certain circumstances.

Right to data portability

You can request your data in a machine-readable format to transfer to another organisation.

Right to object

You can object to processing of your data, including for marketing purposes.

How to exercise your rights

To exercise any of these rights, email us at [email protected] with your request. Include your name and email address, and clearly describe what you’re requesting. We’ll respond within 30 days of receipt.

We use a small number of cookies and tracking technologies, kept to what’s necessary:

• Visitor analytics - our Apollo analytics (see § 02) may set identifiers to recognise return visits and attribute page activity to a visiting organisation.
• Booking calendar - the Cal.com scheduler embedded on the Book Audit page sets a security cookie (__cf_bm) from its provider to guard against bots. It is only set on that page, when the calendar loads.

We do not use advertising cookies, social-media pixels, or cross-site ad-tracking networks - no Google Analytics, no Facebook Pixel, or similar.

You can block or remove cookies in your browser settings, and use browser privacy tools or extensions to opt out of analytics trackers, without affecting the core site.

We use the following third-party services to deliver our services:

Email service provider

We use a secure email platform to send newsletters and audit confirmations. Your email is processed by this provider only to deliver the message you’ve requested.

Visitor analytics - Apollo

We use Apollo (apollo.io), a US-based B2B analytics and sales-intelligence platform, to identify visiting organisations as described in § 02 and § 06. Technical data such as your IP address is processed by Apollo for this purpose.

Booking calendar - Cal.com

Audit bookings use the Cal.com embedded scheduler. When you open the calendar on the Book Audit page, Cal.com processes the booking details you enter and sets its own security cookie (see § 06).

No advertising or data-broker sharing

Aside from the processors listed above, we do not sell your personal data or share it with advertising networks or data brokers. The only other exception is if required by law or a court order.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We’ll notify you of material changes by updating the “Last updated” date at the top of this page.

Your continued use of our website after changes become effective constitutes your acceptance of the updated Privacy Policy.