Privacy
Policy
1. Who we are and scope of this Policy
This Privacy Policy applies to users of the AI Findr website available at https://aifindr.ai (the “Website”) and to individuals whose personal data we process in the context of our marketing, sales, and communication activities.
The Website and AI Findr platform are owned and operated by:
The Agile Monkeys S.L.
CIF: B76229087
Registered office: Calle Canalejas 80, 5ºC, C.P. 35003, Las Palmas de Gran Canaria, Las Palmas, Spain
Email: info@theagilemonkeys.com
In this context, The Agile Monkeys S.L. (“we”, “us”, “our”) acts as the Data Controller, as defined in Regulation (EU) 2016/679 (the “GDPR”), for the processing activities described in this Privacy Policy.
This Privacy Policy does not cover how we process personal data inside the AI Findr platform on behalf of customers. That processing is governed by our Data Processing Addendum (DPA), which applies when we act as a Data Processor.
2. Categories of data we collect
Depending on how you interact with us, we may collect and process the following types of personal data:
Contact and lead data
- Name, email address, company, role, phone number
- Any information you include in messages submitted via contact forms, “Request Demo” forms, or email
Marketing & newsletter data
- Email address and, where provided, name and company
- Subscription preferences and interactions with our emails (opens, clicks, unsubscribes)
Account and billing data (AI Findr customers)
- Account owner/admin contact details
- Login credentials (hashed passwords or SSO identifiers)
- Billing contact details, invoicing information, and payment metadata
Usage and technical data
- IP address, device identifiers, browser type/version, operating system
- Log and telemetry data relating to website or platform access
- Cookie and tracking data (see our Cookie Policy)
Prospective customer demo / proof-of-concept data
- Limited datasets you or your organisation submit for demo or PoC purposes
- We act as Controller only for your contact and engagement data used for follow-up
- All demo/PoC dataset processing inside AI Findr is covered by the DPA
Sensitive data
We do not intentionally collect special categories of personal data or criminal data. Please do not submit such data through our Website or platform.
Please do not send us real datasets via email, forms, or other channels outside the platform, as such processing is not covered by the Policy or the DPA.
3. Purposes and legal bases for processing
We process personal data for the following purposes and on the legal grounds defined under the GDPR:
Responding to enquiries and demo requests
Purpose: Respond to enquiries, provide product information, and deliver demos or proofs of concept.
Legal bases:
- Art. 6(1)(b) GDPR – steps prior to entering into a contract
- Art. 6(1)(f) GDPR – our legitimate interest in following up with leads
Providing and managing AI Findr customer accounts
Purpose: Create and manage accounts, authenticate users, provide support, and operate the platform.
Legal bases:
- Art. 6(1)(b) GDPR – performance of contract
- Art. 6(1)(f) GDPR – legitimate interest in operating a secure service
Sending newsletters and marketing communications
Purpose: Send product updates, feature announcements, and marketing emails.
Legal bases:
- Art. 6(1)(a) GDPR – consent (e.g., newsletter sign-ups)
- Art. 6(1)(f) GDPR – legitimate interest in promoting similar services to existing customers (with opt-out)
For advertising campaigns aimed at professionals (B2B), we may rely on legitimate interest, but you can always choose to opt out.
Analytics and product improvement
Purpose: Understand website usage, improve performance, and develop new features.
Legal bases:
- Art. 6(1)(a) GDPR – consent for Hotjar and other non-essential analytics
- Art. 6(1)(f) GDPR – legitimate interest for cookieless analytics (e.g., Fathom), essential logs, and security monitoring
Security, fraud prevention, and legal compliance
Purpose: Prevent misuse, detect incidents, comply with law, and protect our rights.
Legal bases:
- Art. 6(1)(c) GDPR – legal obligations
- Art. 6(1)(f) GDPR – legitimate interest in securing our systems and services
You may withdraw your consent at any time without affecting the lawfulness of prior processing.
4. Data retention
We retain personal data only as long as necessary for the purposes collected:
- Leads & enquiries: typically up to 2–3 years of inactivity
- Newsletter subscribers: until you unsubscribe
- Account & billing data: for the duration of the contract + legally required retention (e.g., tax/accounting)
- Technical/log data: retained for short periods before anonymisation or deletion
When data is no longer required, it is securely deleted or anonymised.
5. Recipients and international transfers
We may share personal data with:
Service providers (processors)
We use trusted third-party providers to operate our Website and AI Findr platform. These providers process personal data only as needed for their services and are bound by GDPR-compliant data processing agreements.
Website-level service providers:
These services may process user data (such as IP, device info, page visits) when you visit our Website:
- Webflow – website hosting & CMS
- Cloudflare – security, performance optimisation, CDN
- Fathom Analytics – privacy-focused, cookieless analytics (EU region)
- Hotjar – heatmaps, session recordings (consent-based)
- Google Tag Manager – tag loading
- Google Ads (gtag.js) – conversions and campaign measurement
- LinkedIn Insight Tag – ad performance and audience measurement
- Finsweet – UX functionality components
- Mailchimp – newsletter and marketing communication delivery (where applicable)
These processors support website analytics, security, marketing, form submissions, and platform operations.
Platform-level subprocessors
When customers use AI Findr, we process certain data on their behalf. Those subprocessors and related safeguards are described in our Data Processing Addendum (DPA).
Affiliates and professional advisers
We may share personal data with group entities, auditors, or legal advisers under confidentiality obligations.
Authorities
We may disclose personal data to comply with legal obligations or respond to lawful requests.
International transfers
Some service providers are located outside the EEA or UK (e.g., the United States).
Where data is transferred internationally, we use safeguards such as:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions
- Other mechanisms permitted under GDPR
For customer data processed within AI Findr, transfer details are specified in our DPA.
6. Your rights
You may exercise the following rights under the GDPR:
- Access to your data
- Rectification of inaccurate data
- Deletion (“right to be forgotten”)
- Restriction of processing
- Objection to processing (including marketing)
- Data portability
- Withdrawal of consent at any time
- Complaint to a supervisory authority
Spanish supervisory authority (AEPD):
https://www.aepd.es/reglamento/derechos/index.html
Address: Calle Jorge Juan 6, 28001, Madrid, Spain
To exercise your rights, contact:
The Agile Monkeys S.L.
Calle Canalejas 80, 5ºC, 35003 Las Palmas de Gran Canaria, Spain
Email: info@theagilemonkeys.com
We may need to verify your identity.
7. Cookies and similar technologies
We use cookies and similar technologies on our Website, including Fathom Analytics (cookieless), Hotjar (consent-based), Google Ads, LinkedIn Insight Tag, and essential Webflow/Cloudflare cookies.
For full details, please see our Cookie Policy.
8. Links to third-party sites
Our Website may contain links to third-party websites. We are not responsible for their content or privacy practices. You should review their privacy policies.
9. Changes to this Privacy Policy
We may update this Policy to reflect changes in our practices, technologies, or legal requirements. Updated versions will be posted here with a new “Last updated” date. Where legally required, we will notify you of material changes.
