Privacy Policy

Last Updated: March 2026

1. Introduction

Agor AI Consulting ("Agor," "we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at agor.me (the "Site"), interact with our AI chatbot, schedule appointments, read our blog, or otherwise use our services (collectively, the "Services"). By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of the Services immediately.

2. Data We Collect

We collect information that you provide directly to us and information collected automatically when you use our Services:

  • Identity Data: Name, email address, phone number, company name, job title, and other contact information you provide when scheduling consultations, submitting contact forms, or otherwise communicating with us.
  • Communication Data: Messages, prompts, and queries you send through our AI chatbot, including appointment requests, service inquiries, and any other content you choose to share during chatbot interactions.
  • Calendar Data: Appointment scheduling information including selected dates and times, meeting topics, time zone, and any notes you provide when booking a consultation through our Google Calendar integration.
  • Technical Data: IP address, browser type and version, operating system, device type, screen resolution, referring URL, pages visited, time spent on pages, click patterns, and other usage analytics collected automatically when you access the Site.
  • Blog Interaction Data: Pages viewed, articles read, and engagement patterns with our blog content.

3. Legal Basis for Processing

We process your personal data only when we have a valid legal basis to do so. Depending on the specific processing activity, we rely on one or more of the following:

  • Consent: Where you have given clear, affirmative consent for us to process your personal data for a specific purpose, such as subscribing to communications or using our AI chatbot. You may withdraw consent at any time by contacting us.
  • Contract Performance: Where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract, such as scheduling a consultation or delivering consulting services.
  • Legitimate Interest: Where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This includes improving our Services, ensuring Site security, analyzing usage patterns, and marketing our consulting services to existing clients.
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject, such as tax reporting, responding to lawful requests from public authorities, or maintaining business records.

4. How We Use Your Data

We use your personal data for the following purposes:

  • To provide, operate, and maintain our consulting services and respond to your inquiries
  • To schedule, confirm, and manage appointments through our Google Calendar integration
  • To process and respond to your AI chatbot interactions in real time
  • To improve, personalize, and optimize our AI chatbot, website, and overall user experience
  • To send you information about our services, updates, and industry insights (with your consent where required)
  • To detect, prevent, and address technical issues, fraud, or security incidents
  • To comply with applicable legal obligations, regulations, and lawful requests
  • To enforce our Terms of Service and protect our rights, property, or safety
  • To analyze aggregate, anonymized usage data for business intelligence and service improvement

5. AI Chatbot and Automated Decision-Making

Our website features an AI-powered chatbot built on Google's Gemini AI platform with function-calling capabilities. We believe in transparency about how this technology operates:

  • How It Works: When you interact with our chatbot, your messages are sent to Google's Gemini API for processing. The AI generates responses based on its training data and the context of our consulting services. The chatbot can also execute functions such as scheduling appointments on Google Calendar.
  • Data Processing: Your chatbot conversations are processed by Google's Gemini AI in accordance with Google's data processing terms. We retain chat logs on our servers for quality assurance, service improvement, and troubleshooting purposes.
  • No Automated Consequential Decisions: The chatbot does not make automated decisions that produce legal effects or similarly significant effects on you. It assists with scheduling and answering inquiries but does not autonomously make decisions about service eligibility, pricing, or contract terms.
  • Human Oversight: All significant business decisions, including consulting proposals, pricing, and service agreements, are made by humans. You may request human review of any chatbot interaction by contacting us directly.
  • Limitations: AI-generated responses may not always be accurate or complete. The chatbot is not a substitute for professional advice. We do not sell chatbot conversation data to third parties.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your activity on our Site. Cookies are small data files placed on your device that help us improve the Site and your experience.

  • Essential Cookies: Required for the Site to function properly. These cannot be disabled without affecting Site functionality. They include session management and security cookies.
  • Analytics Cookies: Help us understand how visitors interact with our Site by collecting information about pages visited, time spent, and navigation patterns. We use this data in aggregate to improve our Site.
  • Functional Cookies: Remember your preferences and settings, such as language or region, to provide a more personalized experience.

You can control cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or alert you when a cookie is being set. Note that disabling cookies may affect the functionality of certain features on our Site. Our Site does not currently respond to "Do Not Track" browser signals, as there is no industry-wide standard for compliance.

7. Third-Party Services

We integrate with the following third-party services that may collect or process data in connection with our Services:

  • Google Calendar API: For appointment scheduling, calendar invites, and meeting management. Subject to Google's Privacy Policy.
  • Google Gemini AI: For AI chatbot functionality and natural language processing. Subject to Google's AI terms and data processing agreements.
  • Netlify: For website hosting, serverless functions, deployment, and related infrastructure. Subject to Netlify's Privacy Policy and Data Processing Agreement.
  • Nodemailer (Gmail SMTP): For sending transactional emails such as appointment confirmations and contact form responses.

Each third-party service operates under its own privacy policy. We encourage you to review the privacy practices of these services. We are not responsible for the privacy practices of third-party providers, though we select partners that we believe maintain appropriate data protection standards.

8. International Data Transfers

Agor AI Consulting is based in the United States. If you access our Services from outside the United States, your personal data may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have data protection laws that differ from those of your jurisdiction. By using our Services, you consent to the transfer of your data to the United States. Where required by applicable law, we implement appropriate safeguards for international data transfers, including standard contractual clauses approved by relevant authorities, to ensure your data receives an adequate level of protection regardless of where it is processed.

9. Data Security

We implement commercially reasonable technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/SSL protocols
  • Secure hosting infrastructure through Netlify with enterprise-grade security controls
  • Access controls limiting data access to authorized personnel only
  • Regular review and updating of our security practices
  • Secure API authentication for all third-party service integrations

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of any credentials you use to access our Services.

10. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Specific retention periods include:

  • Chatbot Logs: Retained for 90 days, unless you request earlier deletion or we need to retain them for a longer period to comply with legal obligations.
  • Contact Form Submissions: Retained for the duration of our business relationship plus any legally required retention period.
  • Calendar and Appointment Data: Retained for as long as necessary to manage the appointment and any follow-up, then deleted within a reasonable period thereafter.
  • Technical and Analytics Data: Retained in aggregate or anonymized form for up to 24 months for trend analysis and service improvement.

When personal data is no longer required, we securely delete or anonymize it so that it can no longer be associated with you.

11. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR) or equivalent legislation:

  • Right of Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
  • Right to Erasure: You have the right to request deletion of your personal data, subject to certain legal exceptions.
  • Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances, such as when you contest the accuracy of your data or object to processing.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
  • Right to Object: You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your country of residence if you believe our processing of your personal data violates applicable data protection law.

To exercise any of these rights, please contact us at privacy@agor.me. We will respond to your request within 30 days, or within the timeframe required by applicable law.

12. Your Rights Under CCPA

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with additional rights regarding your personal information:

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share your information.
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
  • Right to Correct: You have the right to request correction of inaccurate personal information.
  • Right to Opt Out of Sale or Sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising purposes.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To exercise your California privacy rights, contact us at privacy@agor.me. We will verify your identity before fulfilling your request and respond within 45 days as required by law.

13. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children under 18. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at privacy@agor.me and we will take steps to delete such information. If we become aware that we have collected personal data from a child under 18 without verification of parental consent, we will take steps to remove that data from our servers promptly.

14. Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected individuals and relevant supervisory authorities without undue delay and, where feasible, within 72 hours of becoming aware of the breach, as required by applicable law. Notification will include a description of the nature of the breach, the categories and approximate number of individuals affected, the likely consequences, and the measures taken or proposed to address the breach.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page and, where required by law, provide you with notice of the changes (such as by posting a prominent notice on our Site or sending you a notification). We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data. Your continued use of the Services after any changes constitutes your acceptance of the revised Privacy Policy.

16. Severability

If any provision of this Privacy Policy is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, such invalidity, illegality, or unenforceability shall not affect any other provision of this Privacy Policy, and the remaining provisions shall continue in full force and effect.

17. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us at:

We aim to respond to all legitimate inquiries within 30 days. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may also contact your local data protection authority.