AI Theoria, Inc. ("AI Theoria," "we," "us," or "our") is committed to protecting the privacy of individuals who interact with our website and services. This Privacy Policy describes how we collect, use, disclose, and protect personal information in accordance with applicable law, including the Massachusetts Privacy Act and other applicable state and federal privacy regulations.
We collect information you provide directly to us when you submit an inquiry through our contact form, subscribe to our research publications, or engage with our consulting services. This information may include your name, email address, telephone number, organization name, job title, and information about your AI initiatives or challenges.
We also collect information automatically when you visit our website, including your IP address, browser type, operating system, referring URLs, pages visited, and the date and time of your visits. This information is collected using standard web server logs and, where applicable, analytics tools configured to minimize personal data collection.
We do not collect payment information through our website. Any financial transactions are conducted through separate, secure channels.
We use the information we collect to respond to your inquiries and provide the consulting services you have requested. We may use your contact information to send you research publications, event invitations, and other communications that we believe may be of interest to you, provided you have consented to receive such communications or we have a legitimate interest in sending them. We use automatically collected website information to understand how visitors use our website and to improve our content and user experience.
We do not sell, rent, or trade your personal information to third parties. We do not use your personal information to train AI models without your explicit consent.
Where required by applicable law, we process personal information on the basis of your consent, the performance of a contract, compliance with a legal obligation, or our legitimate business interests. Our legitimate interests include providing and improving our services, preventing fraud, and maintaining the security of our systems.
We may share your personal information with service providers who assist us in operating our website and delivering our services, subject to confidentiality obligations. These service providers may include cloud infrastructure providers, email service providers, and analytics platforms. We require all service providers to process personal information only in accordance with our instructions and in compliance with applicable privacy law.
We may also disclose your personal information if required to do so by law or in response to a valid legal process, or if we believe that disclosure is necessary to protect the rights, property, or safety of AI Theoria, our clients, or others.
We retain personal information for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, and to resolve disputes. Inquiry-related information is typically retained for five years from the date of last contact. Website analytics data is retained in aggregated, anonymized form indefinitely and in identifiable form for a maximum of 26 months.
We implement appropriate technical and organizational measures to protect personal information against unauthorized access, disclosure, alteration, and destruction. These measures include encryption of data in transit and at rest, access controls, and regular security assessments. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.
Depending on your location and applicable law, you may have the right to access, correct, delete, or restrict the processing of your personal information. You may also have the right to object to our processing of your information, to receive your information in a portable format, and to withdraw consent where processing is based on consent. Massachusetts residents have additional rights under state privacy law, including the right to know what personal information is collected and how it is used.
To exercise any of these rights, please contact us at research@aitheoria.com. We will respond to your request within 30 days. We may require verification of your identity before processing your request.
Our website uses cookies and similar tracking technologies to provide certain functionality and to collect analytics information. You can control cookies through your browser settings and through the cookie consent banner on our website. Please see our Cookie Policy for more information.
Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to review the privacy policies of any third-party websites you visit.
Our website and services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child, we will promptly delete that information.
We may update this Privacy Policy from time to time. We will post the updated policy on our website and update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Your continued use of our website after any changes constitutes your acceptance of the updated policy.
If you have questions about this Privacy Policy or our privacy practices, please contact us:
AI Theoria, Inc.
77 Massachusetts Ave, Suite 500
Cambridge, MA 02139
Email: research@aitheoria.com
Phone: (617) 555-0191
We retain personal data only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When determining retention periods, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, and applicable legal requirements.
In general, we retain account information for the duration of your relationship with us plus a reasonable period afterward. Log data is retained for up to 12 months. Analytics data may be retained in aggregated, anonymized form indefinitely.
We may transfer your personal data to countries outside your jurisdiction. When we do so, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by relevant authorities, adequacy decisions, or other legally recognized mechanisms. You may request information about these safeguards by contacting us.
Our services are not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that data promptly.
If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately so we can take appropriate action.
If you are a California resident, you have the right to: (1) know what personal information is collected about you; (2) know whether your personal information is sold or disclosed and to whom; (3) opt out of the sale of your personal information; (4) access your personal information; (5) request deletion of your personal information; (6) not be discriminated against for exercising your privacy rights.
To exercise these rights, please submit a verifiable consumer request to our privacy team. We will respond within 45 days. We do not sell personal information as defined under California law.
For questions about our privacy practices or to exercise your rights, you may contact our Data Protection Officer at the address provided in this policy. We are committed to working with you to resolve any privacy concerns promptly and transparently.
We may use automated processing to analyze your data in certain contexts, such as fraud detection or personalized recommendations. You have the right to request human review of automated decisions that significantly affect you. To exercise this right, contact us using the information provided in this policy.
We retain personal data only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When determining retention periods, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, and applicable legal requirements.
In general, we retain account information for the duration of your relationship with us plus a reasonable period afterward. Log data is retained for up to 12 months. Analytics data may be retained in aggregated, anonymized form indefinitely.
We may transfer your personal data to countries outside your jurisdiction. When we do so, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by relevant authorities, adequacy decisions, or other legally recognized mechanisms. You may request information about these safeguards by contacting us.
Our services are not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that data promptly.
If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately so we can take appropriate action.
If you are a California resident, you have the right to: (1) know what personal information is collected about you; (2) know whether your personal information is sold or disclosed and to whom; (3) opt out of the sale of your pe
We retain personal data only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When determining retention periods, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, and applicable legal requirements. In general, we retain account information for the duration of your relationship with us plus a reasonable period afterward. Log data is retained for up to 12 months. Analytics data may be retained in aggregated, anonymized form indefinitely. We may transfer your personal data to countries outside your jurisdiction. When we do so, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by relevant authorities, adequacy decisions, or other legally recognized mechanisms. You may request information about these safeguards by contacting us. Our services are not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that data promptly. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately so we can take appropriate action. If you are a California resident, you have the right to: (1) know what personal information is collected about you; (2) know whether your personal information is sold or disclosed and to whom; (3) opt out of the sale of your pe
Data Retention Policy
International Data Transfers
Children's Privacy
California Privacy Rights (CCPA/CPRA)