Privacy Policy

Last updated: [DATE] · Review before publishing.

⚠️ Draft for your review. You are a qualified lawyer — please confirm the bracketed details and that this reflects your actual data practices before publishing. Complete the [bracketed] fields.

1. Who we are

Adesanya AI Advisory ("we", "us") is the trading name of Abdulwahab B. Adesanya, an independent legal and AI-governance advisory practice based in Dublin, Ireland. For the purposes of the EU General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018, we are the data controller for personal data processed through this website.

Contact: [CONTACT EMAIL] · [REGISTERED ADDRESS]

2. What data we collect

Information you give us — when you use our contact form, book a consultation, or complete the EU AI Act self-assessment: your name, email, organisation, and the content of your message or responses.
Usage data — basic analytics about how the site is used (pages visited, approximate location, device/browser), collected via [ANALYTICS PROVIDER, e.g. Plausible — privacy-friendly, no cookies] / [or "cookies" if used].
Cookies — [state whether the site uses cookies; if only essential, say so; if analytics/marketing cookies, a consent banner is required].

3. Why we process it and our legal basis

To respond to enquiries and provide our services — legal basis: steps prior to entering a contract / legitimate interests.
To operate and improve the website — legal basis: legitimate interests.
To send updates you request (e.g. the AI Law Radar) — legal basis: consent, which you can withdraw at any time.

4. Who we share it with

We use trusted third-party processors to run the site and our practice, including [HOSTING PROVIDER], [EMAIL PROVIDER, e.g. Google Workspace], and [CRM, e.g. HubSpot]. They process data on our instructions under appropriate agreements. We do not sell your personal data. Where data is transferred outside the EEA, we rely on appropriate safeguards (e.g. Standard Contractual Clauses).

5. How long we keep it

We keep personal data only as long as necessary for the purpose collected — typically [e.g. enquiry data for 24 months; client data per our engagement terms and professional obligations] — after which it is deleted or anonymised.

6. Your rights

Under the GDPR you have the right to access, rectify, erase, restrict, or object to processing of your personal data, and to data portability. To exercise these, contact us at [CONTACT EMAIL]. You also have the right to lodge a complaint with the Irish Data Protection Commission (dataprotection.ie).

7. Security

We apply appropriate technical and organisational measures to protect personal data. No method of transmission over the internet is fully secure, but we take reasonable steps to safeguard your information.

8. Changes

We may update this policy from time to time. The "last updated" date above reflects the latest version.