Privacy Policy

Last updated: June 2025

This Privacy Policy explains how BA Internet Advisors (“Company,” “we,” “us,” or “our“) collects, uses, discloses, and protects personal data when you use ba-internet-advisors.com (the “Site“) and our advisory services (the “Services“). It also explains your privacy rights under applicable laws, including the EU/EEA General Data Protection Regulation (“GDPR“).

1) Who is the Controller?

Unless stated otherwise in an applicable agreement, BA Internet Advisors is the data controller for personal data processed via the Site and for our marketing and business operations.

  • Legal entity name: BA Internet Advisors
  • Registered address: 19 Raintree Pl, 32164 Palm Coast
  • Contact email: ba.internet.advisors@gmail.com
  • Phone: ‪001 (352) 559-4451‬

2) What Personal Data We Collect

We collect and process the following categories of personal data:

  1. Identification & contact data – name, email address, phone number, job title, company, billing address.
  2. Account data – login credentials, profile information, preferences, communications.
  3. Transactional & billing data – purchases, invoices, payment status, VAT details (payment card data is processed by our payment processor; we do not store full card numbers).
  4. Advisory inputs & deliverables – materials you share with us (e.g., documents, datasets), meeting notes, recommendations, and reports that may include personal data of your staff or customers.
  5. Usage & device data – IP address, device identifiers, browser type, pages visited, time spent, referrer/UTM parameters, approximate location (from IP), and session metadata.
  6. Cookies & similar technologies – see Cookies & Tracking below.
  7. Support communications – emails, forms, chat messages, and call recordings (if applicable, with notice).

We do not intentionally collect special categories of data (e.g., health, biometric, religious beliefs) unless explicitly agreed and contractually safeguarded.

3) Sources of Personal Data

  • Directly from you (forms, emails, meetings, contracts).
  • Automatically via the Site (cookies, analytics).
  • From your organization (if we provide B2B Services).
  • From third parties (e.g., lead providers, partners) where legally permitted.

4) Purposes & Legal Bases (GDPR Art. 6)

We process personal data for the following purposes and legal bases:

PurposeLegal Basis
Provide, maintain, and secure the Site and ServicesContract (Art. 6(1)(b)) and Legitimate Interests (Art. 6(1)(f))
Advisory delivery, workshops, and supportContract (Art. 6(1)(b))
Account creation, authentication, and administrationContract (Art. 6(1)(b))
Billing, payments, accounting, and tax complianceLegal Obligation (Art. 6(1)(c)) and Contract
Communications about Services, transactional noticesContract and Legitimate Interests
Marketing (emails, newsletters, ads)Consent (Art. 6(1)(a)) where required; otherwise Legitimate Interests
Analytics, performance, and product improvementConsent for non‑essential cookies; Legitimate Interests for aggregated/essential analytics
Security, fraud prevention, and abuseLegitimate Interests; Legal Obligation where applicable
Recruitment (if you apply)Steps prior to contract (Art. 6(1)(b))

Where we rely on legitimate interests, we balance our interests against your rights and expectations (Legitimate Interests Assessment available on request).

5) Cookies & Tracking

We use cookies and similar technologies (e.g., pixels, local storage) to operate the Site, measure performance, and personalize content. Non‑essential cookies (e.g., marketing/advertising, advanced analytics) are used only with your consent via our cookie banner.

  • Manage consent: You can change or withdraw consent at any time via the cookie settings link in the footer.
  • Browser controls: You can also block cookies in your browser settings; essential cookies may be required for core functionality.

Categories:

  • Strictly necessary (essential; no consent).
  • Analytics (consent where required).
  • Functionality (consent where required).
  • Advertising/retargeting (consent required).

We will maintain a Cookie List in this policy or a linked page, showing each cookie name, provider, purpose, and retention.

6) How We Share Personal Data

We share personal data with:

  1. Service providers/processors – hosting, CRM, analytics, communications, payment processing, accounting, security. These parties process data under written contracts and only on our instructions.
  2. Professional advisors – legal, tax, auditors, insurers (subject to confidentiality obligations).
  3. Affiliates and partners – for internal administration or co‑marketing with your consent where required.
  4. Authorities – where required by law or to protect rights, safety, and security.
  5. Business transfers – in connection with mergers, acquisitions, or asset sales, subject to this Policy’s commitments.

We do not sell personal data. We may share aggregated or de‑identified information that cannot reasonably identify you.

7) International Transfers

If personal data is transferred outside the EEA/UK/Switzerland, we use appropriate safeguards such as EU Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum (IDTA) where relevant, and additional measures as needed. You can request a copy of applicable safeguards (redacted as necessary) using the contact details below.

8) Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described above or as required by law (e.g., tax and accounting record‑keeping). Typical periods:

  • Account and advisory records: Up to 7 years after the end of the relationship (or longer if required by law).
  • Marketing contacts: until you withdraw consent or object, plus a minimal suppression record.
  • Security logs: typically 90–365 days.
  • Cookies: per the cookie list/your settings.

When retention expires, we will delete or irreversibly anonymize data.

9) Your Rights (GDPR Arts. 12–22)

Subject to conditions and exceptions, you have the right to:

  • Access your personal data and obtain a copy.
  • Rectify inaccurate or incomplete data.
  • Erase data (“right to be forgotten”).
  • Restrict processing in certain circumstances.
  • Data portability (machine‑readable copy).
  • Object to processing based on legitimate interests or to direct marketing (including profiling for marketing).
  • Withdraw consent at any time without affecting prior processing.

To exercise rights, contact us at ba.internet.advisors@gmail.com. We may need to verify your identity. You also have the right to lodge a complaint with a supervisory authority (see Section 1).

10) Security

We implement technical and organizational measures appropriate to the risk, including access controls, encryption in transit, vulnerability management, backups, and staff confidentiality obligations. No method of transmission or storage is 100% secure; if we learn of a data breach that affects your rights and freedoms, we will notify you and authorities as required by law.

11) Children’s Privacy

Our Services are not directed to children under 16 (or lower age as permitted by your country’s law, not below 13). We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will take appropriate action.

12) Acting as a Processor (B2B Clients)

For certain Services, we may process personal data on behalf of our business clients (as a processor). In those cases, the client’s privacy policy applies, and processing is governed by a Data Processing Agreement (DPA) with standard contractual clauses. If you are an end‑user of a client, please contact them directly to exercise your rights.

13) Third‑Party Links & Services

Our Site may contain links to third‑party websites, plug‑ins, or services. Those are governed by their own policies. We are not responsible for their privacy practices.

14) Marketing Communications

Where required, we will obtain your consent before sending marketing emails. You can opt out at any time by using the unsubscribe link or contacting us. Even if you opt out, we may still send transactional or service communications.

15) Automated Decision‑Making

We do not engage in automated decision‑making that produces legal or similarly significant effects without human involvement. If that changes, we will provide required notices and safeguards.

16) Changes to this Policy

We may update this Policy from time to time. We will post the updated version with a new Last updated date and, if changes are material, provide additional notice (e.g., banner or email). Please review this Policy periodically.

17) Contact Us

If you have questions or requests about this Policy or our data practices:

  • Email: ba.internet.advisors@gmail.com
  • Postal: 19 Raintree Pl, 32164 Palm Coast
  • Phone: 001 (352) 559-4451‬

Annex A — Cookie List Template

We will keep this table updated as we deploy or remove tools.

CookieProviderPurposeTypeRetention
_gaGoogle AnalyticsAnalytics (usage statistics)Non‑essential13 months
_gidGoogle AnalyticsSession analyticsNon‑essential24 hours
gat*Google AnalyticsThrottling requestsNon‑essential1 minute
__cf_bmCloudflareBot mitigation/edge securityEssential30 minutes
session_idBA Internet AdvisorsSession managementEssentialSession