GDPR & CCPA Compliance — gtme.ai

General Data Protection Regulation (GDPR)

gtme.ai is committed to compliance with the UK GDPR and EU GDPR. We process personal data lawfully, fairly, and transparently.

Lawful Basis for Processing

We process personal data on the following bases:

Consent — when you submit our contact form or subscribe to communications
Legitimate interest — to improve our website and understand how visitors use it
Contract — to fulfil obligations under a consulting engagement

Your Rights Under GDPR

You have the right to:

Access the personal data we hold about you
Rectify inaccurate or incomplete data
Request erasure of your data (“right to be forgotten”)
Restrict or object to processing
Data portability — receive your data in a structured format
Withdraw consent at any time

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Contact form submissions are retained for up to 24 months unless you request earlier deletion.

California Consumer Privacy Act (CCPA)

If you are a California resident, you have additional rights under the CCPA:

Right to know — what personal information we collect, use, and disclose
Right to delete — request deletion of your personal information
Right to opt out — of the sale of personal information (we do not sell personal data)
Right to non-discrimination — for exercising your privacy rights

International Transfers

Where we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, including standard contractual clauses and adequacy decisions.

Data Protection Officer

For data protection enquiries or to exercise your rights, contact us via our website contact form or LinkedIn.