Privacy Policy

AISDC ("we", "us", "our") is a software studio operated from San Pedro Garza García, Nuevo León, Mexico. We build custom software, AI solutions, mobile apps, computer vision systems, and process automation for businesses worldwide. This privacy policy explains what personal data we collect through aisdc-org.com and our client projects, how we use it, and the rights you have over it.

For Mexican residents, we operate under the Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP) and its regulations. For EU residents, we comply with the GDPR. For California residents, we honor CCPA / CPRA rights.

Information you give us directly — when you fill out our contact form, email us, or message us on WhatsApp: name, company, email address, phone number, and the content of your message. We collect only what is necessary to respond to your inquiry and propose a project.

Information collected automatically — when you visit our website, our analytics tools (Google Analytics 4, Firebase Hosting logs) collect: IP address (anonymized), browser type, device type, operating system, pages visited, time on page, referrer URL, country/region, and an anonymous session identifier. We do not collect precise geolocation, tracking cookies for advertising, or biometric data on this site.

Cookies — we use first-party cookies for: session management (authentication if any), Google Analytics measurement (analytics cookies), and your locale preference (en/es). We do not use third-party advertising cookies.

We use your data only for these purposes:

• To respond to your inquiry and propose a project scope
• To deliver services we have agreed on (including ongoing support)
• To send relevant project updates by email or WhatsApp (you can opt out anytime)
• To improve our website and content (anonymized, aggregated usage analytics)
• To comply with legal obligations (e.g. tax records for invoiced clients)

We do not sell your data, do not use it to train external AI models, and do not share it with advertising networks.

We use a small set of trusted third-party providers:

• Google Analytics 4 — anonymized website analytics. Data flows to Google in the US/EU under SCCs.
• Firebase Hosting (Google) — serves the website. Standard server logs.
• Google Tag Manager — manages analytics tags.
• WhatsApp Business / Meta — when you message us via the WhatsApp link, Meta processes the conversation per its own policy.
• Email providers (Google Workspace, Sendgrid, or similar) — to send and receive correspondence with you.

Each provider has its own privacy policy; we recommend reviewing them. We do not share your contact information with anyone outside this list without your explicit consent.

Inquiry data (form submissions, emails, WhatsApp messages) is retained for up to 24 months after our last interaction, then deleted. Active client project data is retained as long as the engagement is active and for 5 years after closure (Mexican tax-record requirement). Anonymized analytics data is retained per Google's defaults (14 months in GA4).

You have the right to:

• Access the personal data we hold about you
• Rectify inaccurate or incomplete data
• Delete your data (right to be forgotten, subject to legal retention requirements)
• Object to certain processing activities
• Restrict processing in some circumstances
• Port your data in a machine-readable format
• Withdraw consent at any time without affecting the lawfulness of prior processing

For Mexican residents these are the ARCO rights (Acceso, Rectificación, Cancelación, Oposición). To exercise any of these rights, contact us at the address below. We will respond within 20 business days (Mexico) or 30 days (EU/CA).

We implement industry-standard security: TLS 1.3 encryption in transit, HTTPS only, security headers (HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy), restricted admin access, and regular security review of our dependencies. No system is 100% secure, but we treat your data with the same diligence we apply to our clients' production systems.

Your data may be processed in countries other than Mexico (primarily the US and EU, where our analytics and email providers operate). Where required, transfers occur under Standard Contractual Clauses (SCCs) or equivalent safeguards.

Our services are aimed at businesses, not children. We do not knowingly collect personal data from anyone under 13. If you believe we have collected such data, contact us and we will delete it.

We may update this policy as our services or applicable law evolve. The "Last updated" date at the top reflects the most recent material change. Significant changes affecting how we use existing personal data will be communicated by email where reasonably possible.

For any privacy question or to exercise your rights, contact us at:

AISDC
San Pedro Garza García, Nuevo León 66260, Mexico
Email: support@aisdc-org.com
Phone / WhatsApp: +1 (650) 334-6940