Privacy

Privacy policy.

Last updated: 21 May 2026. Plain English. If anything is unclear, ask us through the contact form.

Who we are

The AI Development is an engineering studio building production AI agents, automation, and custom software. We're the data controller for personal data processed through this website. Reach us through the contact form on /contact.

What we collect

  • Contact form submissions. Name, email, optional company, and your message. Required to reply.
  • Spam-prevention metadata. IP address, user agent, and a reCAPTCHA v3 score — captured server-side and stored alongside the submission for abuse review.
  • Analytics — only after opt-in. Google Analytics 4 via Google Tag Manager. Pages viewed, time on page, country, device class. We use Consent Mode v2 — no analytics cookies fire until you click Accept in the banner.
  • Necessary cookies. Session state, security, and the cookie-consent choice itself. These always run because the site doesn't work without them.

Legal basis (GDPR)

  • Contact form: consent + legitimate interest (replying to your enquiry).
  • Spam prevention: legitimate interest in keeping the inbox usable.
  • Analytics: consent (Art. 6(1)(a)). No analytics processing happens without it.

Who we share with

  • Firebase (Google Cloud). Hosting, Cloud Functions, and Firestore where contact submissions are stored. EU region (europe-west1).
  • Resend. Email delivery for the contact form. We pass them your name, email, and message so the email can be composed and sent to us.
  • Google reCAPTCHA. v3 score check on form submission.
  • Google Analytics + Tag Manager. Only after your consent. Aggregated event data.

We don't sell data. We don't share contact submissions with anyone outside the processors above.

How long we keep it

  • Contact form submissions: 24 months in Firestore, then deleted unless the conversation led to a contract (in which case the engagement record is kept for tax/legal periods).
  • Analytics: 14 months in Google Analytics, then auto-deleted.
  • Logs (Cloud Functions / Hosting): 30 days.

Your rights

Under GDPR you can request access, rectification, erasure, restriction, portability, and objection. Send the request through the contact form with subject “Data request” — we reply within one business day and complete the request within 30 days.

You can also lodge a complaint with your local supervisory authority. In the EU/EEA find yours via edpb.europa.eu.

Cookies

For the cookies we set and how to change your preferences, see the Cookie policy.

Changes

We update this page when our practices change. The “Last updated” date at the top reflects the most recent revision.