top of page

Privacy Policy

1. Introduction

CrestIQ AI (“we,” “us,” or “our”) is committed to protecting your personal information. This Privacy Policy explains how we collect, use,  disclose, and safeguard your data when you visit crestiqai.com or use any CrestIQ AI products or services (collectively, the “Services”).Please read this policy carefully. By using our Services you agree to the practices described here. If you do not agree, please discontinue use of our Services.

 

2. Who We Are

CrestIQ AI is a remote-first AI consulting firm helping small and mid-size businesses implement AI automation. We operate globally, serving clients across the US, UK, and internationally. CrestIQ AI acts as a data controller for information collected through crestiqai.com under applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Contact details:

  • Company: CrestIQ AI

  • Website: crestiqai.com

  • Email: hello@crestiqai.com

 

3. Information We Collect

3.1 Information You Provide Directly

We collect information you actively submit to us, including:

  • Booking information: when you schedule a consultation via our “Book a Call” page (powered by Calendly), we collect your name, email address, phone number (optional), timezone, and the date/time of your appointment.

  • AI chat conversations: when you interact with the CrestIQ AI Assistant chat widget on our website, we collect the messages you send and the AI’s responses.

  • Communications: emails, inquiries, or feedback you send us directly.

3.2 Information Collected Automatically

When you visit crestiqai.com, we and our service providers automatically collect certain technical and usage data:

  • Log data: IP address, browser type and version, operating system, referring URL, pages visited, and timestamps.

  • Device information: device type, screen resolution, and hardware identifiers.

  • Usage data: pages viewed, time spent on pages, clicks, scroll depth, and navigation paths.

  • Session identifiers: unique session IDs generated by our website platform (Wix) for site functionality.

  • UTM / referral parameters: campaign source, medium, and content tags appended to URLs (e.g., from social media links on Instagram). These are stored locally in your browser to attribute visits to marketing campaigns.

  • Error and performance data: JavaScript errors, page load times, and stack traces collected by Sentry to help us diagnose and fix technical issues.

 

3.3 Cookies and Tracking Technologies

Our website uses cookies and similar technologies. See Section 8 for full details on cookie categories and how to manage them.

 

3.4 Information from Third-Party Services

We use third-party tools that may collect information about you independently when you use our Services:

  • Google Analytics 4 (via Google Tag Manager): collects anonymised behavioural data including page views, session duration, user geography, and device type. Google may set its own cookies. You can opt out via Google’s opt-out browser add-on at tools.google.com/dlpage/gaoptout.

  • Calendly: when you book a call, Calendly processes your booking data subject to Calendly’s own Privacy Policy (calendly.com/privacy). We receive a copy of the booking confirmation including your name, email, and selected time.

  • Sentry: an error-monitoring tool that captures technical error data (e.g., browser console errors, performance traces) to help us improve site reliability. Sentry may collect IP address and device information as part of error reports.

  • Wix: our website is hosted on the Wix platform, which may collect usage and infrastructure data. See Wix’s Privacy Policy at support.wix.com/en/article/wix-privacy-policy for details.

 

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we rely on the following lawful bases:

  • Contract performance – to provide the Services you have requested and process your consultation booking.

  • Legitimate interests – to operate and improve our website, monitor site performance and errors (Sentry), and analyse usage trends (Google Analytics 4).

  • Legal obligation – to comply with applicable laws and regulations.

  • Consent – for analytics cookies, marketing cookies, and AI chat data. You may withdraw consent at any time by contacting us or adjusting your cookie settings.

 

5. How We Use Your Information

We use the information we collect to:

  • Schedule and manage consultation calls booked via Calendly

  • Operate and improve the CrestIQ AI Assistant chat widget

  • Analyse website usage and visitor behaviour via Google Analytics 4

  • Diagnose and resolve technical issues via Sentry error monitoring

  • Track the effectiveness of our marketing campaigns via UTM parameters

  • Respond to enquiries and provide customer support

  • Send booking confirmations and related communications

  • Comply with legal obligations and enforce our Terms of Service

 

6. How We Share Your Information

We do not sell your personal information. We share data with the following categories of third parties:

6.1 Service Providers

We engage the following vendors who process data on our behalf:

  • Wix.com Ltd – website hosting and platform

  • Google LLC – website analytics (Google Analytics 4 / Google Tag Manager)

  • Calendly LLC – appointment scheduling

  • Sentry (Functional Software, Inc.) – error and performance monitoring

Each provider is contractually required to process data only for the purposes we specify and to maintain appropriate security standards.

 

6.2 Business Transfers

If CrestIQ AI undergoes a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your data is subject to a materially different privacy policy.

 

6.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

 

6.4 With Your Consent

We may share your information with third parties when you have given explicit consent.

 

7. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy, or as required by law:

  • Booking / consultation data: retained for up to 3 years for business records and follow-up.

  • AI chat conversation logs: retained for up to 12 months to improve the chat assistant’s performance, then deleted or anonymised.

  • Website analytics data: retained in Google Analytics 4 for 14 months (the default retention period), then aggregated or deleted.

  • Error logs (Sentry): retained for up to 90 days.

  • UTM / campaign data in localStorage: stored in your browser; cleared when you clear your browser storage.

You may request deletion of your personal data at any time (see Section 10).

 

8. Cookies and Tracking Technologies

We use the following categories of cookies and tracking technologies on crestiqai.com:

  • Essential cookies – required for the website to function (e.g., Wix session cookies, security tokens). Cannot be disabled.

  • Analytics cookies – Google Analytics 4 cookies (e.g., _ga, _ga_T12BVVVT4G) track page views, session duration, and user behaviour to help us understand how visitors use the site.

  • Functional cookies – cookies that remember your preferences and session state (e.g., Wix fedops.logger.sessionId).

  • Marketing / attribution cookies – UTM parameters stored in localStorage track which marketing campaigns (e.g., Instagram links) brought you to the site.

  • Third-party cookies – Calendly and Sentry may set their own cookies when their scripts load.

You can manage or disable cookies through your browser settings. Note that disabling certain cookies may affect site functionality. For EEA/UK users, a cookie consent mechanism should be presented on first visit; if you have not seen one, please contact us at hello@crestiqai.com.

To opt out of Google Analytics tracking, install the Google Analytics Opt-out Browser Add-on: tools.google.com/dlpage/gaoptout.

 

9. Data Security

We implement industry-standard security measures, including:

  • HTTPS / TLS encryption for all data transmitted between your browser and our website

  • Error monitoring via Sentry to detect and respond to technical vulnerabilities

  • Access controls limiting who within CrestIQ AI can access personal data

  • Reliance on Wix’s infrastructure security for website hosting

No method of transmission over the Internet is 100% secure. If a data breach is likely to result in a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

10. Your Privacy Rights

10.1 Rights for EEA / UK / Swiss Residents (GDPR)

You have the right to:

  • Access – request a copy of the personal data we hold about you

  • Rectification – request correction of inaccurate or incomplete data

  • Erasure (“right to be forgotten”) – request deletion of your personal data

  • Restriction – request that we limit processing of your data

  • Data portability – receive your data in a structured, machine-readable format

  • Objection – object to processing based on legitimate interests or for direct marketing

  • Withdraw consent – withdraw consent for analytics or chat data processing at any time

  • Lodge a complaint with your local supervisory authority (e.g., the ICO in the UK, or your national DPA in the EU)

 

10.2 Rights for California Residents (CCPA / CPRA)

California residents have the right to:

  • Know what personal information we collect, use, and share

  • Delete personal information we hold about you (subject to certain exceptions)

  • Correct inaccurate personal information

  • Opt out of the sale or sharing of personal information (we do not sell data)

  • Non-discrimination – we will not discriminate against you for exercising these rights

To submit a verifiable consumer request, email hello@crestiqai.com. We will respond within 45 days.

 

10.3 All Users

Regardless of your location, you may email hello@crestiqai.com to access, update, or request deletion of your personal data.

 

11. International Data Transfers

CrestIQ AI is a remote-first company serving clients globally. Your data may be transferred to and processed in countries other than your own, including the United States, where our service providers (Google, Calendly, Sentry, Wix) operate.

For transfers from the EEA, UK, or Switzerland to the US, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or the providers’ certification under approved transfer frameworks. You may request details of these safeguards by contacting us.

 

12. Children’s Privacy

The Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such data, please contact us at hello@crestiqai.com and we will promptly delete it.

 

13. Third-Party Links and Embedded Services

Our website embeds third-party services including Calendly (for scheduling) and links to external sites. This Privacy Policy does not govern those third parties. We encourage you to review their privacy policies:

  • Calendly: calendly.com/privacy

  • Google: policies.google.com/privacy

  • Sentry: sentry.io/privacy

  • Wix: support.wix.com/en/article/wix-privacy-policy

 

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (to the address associated with your booking or account) and/or by posting a prominent notice on crestiqai.com at least 30 days before the changes take effect. The “Last Updated” date at the top reflects the most recent revision.

 

15. Contact Us

For questions, concerns, or privacy requests, please contact us:

CrestIQ AI — Privacy Team

Email: hello@crestiqai.com

Website: https://crestiqai.com

 

For GDPR-related inquiries, you may contact our privacy team with the subject line “GDPR Request.” If we have not satisfactorily addressed your concern, EEA/UK residents have the right to lodge a complaint with their local data protection authority.

bottom of page