How G.E.T AI Labs handles your data.

This site is operated by G.E.T AI Labs, an applied AI research lab and consulting studio for high-stakes B2B work. G.E.T AI Labs is a subsidiary of GodsEye Technologies.

For privacy purposes, G.E.T AI Labs is the data controller of personal information you submit through this site. The data processors we use to operate the site (e.g. Resend, Cloudflare) are listed below.

You can reach us about this policy or any privacy matter at [email protected].

We collect only the information needed to operate the site and respond to inquiries. Specifically:

Information you give us

When you submit the inquiry form on /contact, we collect:

• Your name
• Your work email address
• Your organization
• Your role (optional)
• The research area you selected
• The free-text description of your inquiry
• Timeline, budget, and meeting-format selections (optional)
• Whether an NDA is required before technical discussion

Information collected automatically

When you visit the site, our hosting provider (Cloudflare) automatically logs technical information that any web server would receive:

• IP address (truncated where local law requires)
• Approximate country and region (from IP geolocation)
• Browser type and version (user-agent string)
• Referring URL (the page you came from, if any)
• Page accessed and timestamp

We do not run third-party advertising trackers, Google Analytics, Facebook Pixel, session-recording tools, or cross-site tracking pixels. We do not build behavioral profiles for advertising purposes — we don't run advertising at all.

Information we do NOT collect

We do not knowingly collect financial information (no payments are processed through this site), government-issued identifiers, biometric data, precise geolocation, or any special category of personal data (race, religion, health, sexual orientation, political views, union membership, genetic data). If you voluntarily include any such information in your inquiry description, we treat it under the same confidentiality terms as the rest of your inquiry but recommend against doing so — high-level descriptions are sufficient for initial scoping.

We use the information above only for these purposes:

• Respond to your inquiry. The information you submit is read by a member of the G.E.T AI Labs operating team — typically a principal who would lead the engagement — and used to determine fit, scope a conversation, and reply.
• Send an auto-acknowledgment email. Within seconds of submission, you receive a confirmation email at the address you provided. This is a one-time transactional message; we do not add your address to any marketing list.
• Detect abuse and spam. Submissions that trigger our honeypot field, exceed rate limits, or match known abuse patterns are silently dropped. Server logs are reviewed only when investigating a specific incident.
• Operate the site. Cloudflare uses the automatic-collection data above for standard CDN operations: serving the right content from the nearest edge, detecting attacks, and caching static assets.
• Comply with law. Where legally required, we may retain or disclose information in response to a valid legal process. We will challenge overbroad requests and notify affected individuals where law permits.

We do not use inquiry data to train AI models, feed third-party AI services, share with other clients, repackage as datasets, or sell to data brokers — ever.

If you are in the European Economic Area, the United Kingdom, or another jurisdiction with comparable law, we process your personal data under one or more of these legal bases:

• Legitimate interest (Art. 6(1)(f) GDPR) — to respond to inquiries you affirmatively submit, send transactional acknowledgments, and operate the site securely. We have determined our interest in responding to a business inquiry does not override your rights, particularly because the submission is voluntary and your minimum disclosure is sufficient.
• Consent (Art. 6(1)(a) GDPR) — where you affirmatively submit the inquiry form, you consent to the use of the information you provided to receive a response. You may withdraw this consent at any time by contacting us; we will delete your inquiry data on request (see "Your rights" below).
• Legal obligation (Art. 6(1)(c) GDPR) — where applicable law requires us to retain or disclose information.

We share inquiry-form data and server logs only with the following processors, who act on our behalf under written agreements (or their equivalent terms of service):

Cloudflare, Inc.

Provides DNS, CDN, web hosting via Cloudflare Pages, edge security (WAF, rate limiting), and inbound email routing for [email protected]. Headquartered in the United States with a global edge footprint. See Cloudflare's privacy policy.

Resend (Sample Inc.)

Transactional email service used to send the two emails triggered by your inquiry: (1) a notification to our team inbox, (2) an auto-acknowledgment to the email address you provided. Resend has access to the inquiry data only insofar as it appears in those two emails. Headquartered in the United States. See Resend's privacy policy.

GitHub, Inc.

Source code hosting for the site's static assets. GitHub does not receive your inquiry-form data or visitor information — only the source code of the website itself. Headquartered in the United States (subsidiary of Microsoft Corporation).

We do not use third-party analytics platforms, advertising networks, customer-data platforms (CDPs), data brokers, AI vendors with training rights, or any service that would sell or resell your data.

Because the site is served via Cloudflare's global edge network and our processors are headquartered in the United States, personal data you submit may be processed in countries outside your country of residence — including the United States and any country where Cloudflare operates an edge data center.

Where required by GDPR or comparable law, we rely on the following safeguards for international transfers:

• Standard Contractual Clauses (EU SCCs and UK IDTA) where applicable, as incorporated into our processors' terms.
• Cloudflare's Data Processing Addendum, which incorporates the SCCs and Cloudflare's commitments regarding GDPR Article 28.
• Resend's Data Processing Agreement, which provides comparable contractual protections.
• Where lawful, encryption in transit (TLS) and at rest for all data flowing between our processors.

We keep personal data only as long as necessary for the purpose it was collected, or as required by applicable law:

• Inquiry data that does not lead to an engagement: retained in the recipient inbox for up to 24 months for record-keeping and follow-up, then deleted. Earlier deletion on request.
• Inquiry data that leads to a signed engagement: governed by the engagement agreement and retained for the duration required by the engagement plus any contractual or legal record-retention period. Typically 3–7 years post-engagement.
• Auto-acknowledgment emails: stored in Resend's transactional log per Resend's own retention schedule (typically ≤ 30 days for the message body, longer for delivery metadata).
• Server / CDN logs: retained by Cloudflare per their default retention (typically 7–30 days for raw logs).

Depending on where you live, you may have some or all of the following rights regarding your personal data:

Under GDPR (EU / UK)

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — ask us to correct inaccurate or incomplete data.
• Right to erasure ("right to be forgotten") — ask us to delete personal data we hold about you, subject to lawful retention obligations.
• Right to restriction of processing — ask us to limit how we process your data.
• Right to data portability — receive a copy of your data in a structured, commonly used, machine-readable format.
• Right to object — object to processing based on our legitimate interest.
• Right to withdraw consent — where processing relies on your consent, withdraw it at any time.
• Right to lodge a complaint — with your local data protection authority (in the EU) or the UK Information Commissioner's Office (ICO).

Under CCPA / CPRA (California)

• Right to know — request the categories and specific pieces of personal information we have collected about you, the sources, the business purposes, and the categories of third parties we share with.
• Right to delete — request deletion of personal information we hold about you.
• Right to correct — request correction of inaccurate personal information.
• Right to opt out of sale or sharing — we do not sell or share personal information as those terms are defined under CCPA/CPRA, so this right is not directly applicable. We have nothing for you to opt out of.
• Right to limit use of sensitive personal information — we do not knowingly collect sensitive personal information as defined under CPRA.
• Right to non-discrimination — we will not discriminate against you for exercising any of these rights.

Under PIPEDA (Canada)

• Right to access — request access to the personal information we hold about you and information about how it is used and to whom it is disclosed.
• Right to challenge accuracy — challenge the accuracy and completeness of your personal information and request correction.
• Right to file a complaint — with the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca.

How to exercise these rights

Email [email protected] with the subject line "Privacy rights request" and describe what you would like us to do. We will respond within 30 days (faster where required by law). We may need to verify your identity before acting on the request — typically by replying to the email address associated with the data we hold.

We use cookies sparingly:

• Strictly necessary cookies — Cloudflare may set short-lived cookies for security purposes (e.g. detecting automated abuse, issuing bot challenges). These are essential for the site to operate safely.
• No analytics, advertising, or tracking cookies — we do not use Google Analytics, Facebook Pixel, LinkedIn Insight Tag, Hotjar, or any cross-site tracking technology. If we add privacy-respecting analytics in the future (e.g. Cloudflare's cookieless Web Analytics), we will update this policy.

Because we do not use non-essential cookies, no cookie consent banner is currently required under GDPR or the EU ePrivacy Directive. If this changes, you will see a consent banner before any non-essential cookies are set.

We use reasonable administrative, technical, and physical safeguards to protect personal information against unauthorized access, alteration, disclosure, or destruction:

• All site traffic is encrypted via TLS (HTTPS) at the edge, using Cloudflare-issued certificates.
• Inquiry data is transmitted from the site to Resend via TLS and from Resend to recipients with SPF + DKIM + DMARC authentication on the getailabs.org domain.
• Cloudflare provides DDoS mitigation, WAF protection, and rate limiting at the network edge.
• Source code is stored in GitHub under access controls; production secrets (e.g. API keys) are stored as encrypted environment variables in Cloudflare Pages.

No system is perfectly secure. If we become aware of a personal data breach affecting your information, we will notify you and the relevant authorities where required by law (within 72 hours under GDPR Art. 33).

This site is not directed at children under 16, and we do not knowingly collect personal information from children. If you believe a child has submitted personal information through this site, contact us at [email protected] and we will delete it.

We may update this policy occasionally — for example, to reflect new processors, new data flows, or changes in applicable law. When we do, we will update the "Last updated" date at the top of this page. Material changes will be highlighted at the top of the page for a reasonable period.

We do not maintain a notification list for privacy-policy changes. We recommend checking this page when revisiting the site after a substantial period.

For any privacy question, rights request, or concern about how we handle your data:

• Email: [email protected] — with subject line beginning "Privacy" for fastest routing.
• Postal mail: requests for postal contact information will be honored on a case-by-case basis; reach us by email first.

G.E.T AI Labs operates as a subsidiary of GodsEye Technologies. Privacy matters specific to either entity should be sent to the email address above.