Privacy Policy

Last updated: 2026-04-06

1. Data Controller

Blockchain and Marketing Solutions EOOD ("we", "us", "our") is the data controller responsible for your personal data collected through the AI Visibility service at aivisibilityshop.com.

Registered address: Nessebar, Bulgaria
Email: office@workerlab.ai
VAT: BG206543210

2. What Data We Collect

We collect the following categories of personal data:

- Contact information: email address, name (when provided)
- Website information: URL, niche/industry
- Payment information: processed securely by Stripe; we do not store credit card numbers
- Technical data: IP address, browser type, device information
- Consent records: timestamps and status of your privacy/terms/marketing consents
- Communication data: messages sent through the contact form

3. Purpose and Legal Basis

We process your data for the following purposes:

- Contract performance (Art. 6(1)(b) GDPR): to deliver the AI Visibility audit service you purchased
- Legitimate interest (Art. 6(1)(f) GDPR): to improve our services, prevent fraud, and ensure security
- Consent (Art. 6(1)(a) GDPR): for marketing communications, when you opt in
- Legal obligation (Art. 6(1)(c) GDPR): to comply with tax, accounting, and regulatory requirements

4. Data Processors

We share your data with the following third-party processors:

- Stripe Inc. (USA) — payment processing. Stripe is certified under the EU-US Data Privacy Framework.
- Hetzner Online GmbH (Germany) — hosting infrastructure, data stored in the EU.
- Email service provider — for transactional and notification emails.
- Analytics tools — only activated after your explicit consent (see Section 7).

5. Data Retention

We retain your personal data for the following periods:

- Order and transaction data: 7 years (legal/tax obligation)
- Lead/contact form data: 2 years or until you request deletion
- Analytics data: 26 months
- Consent records: retained for the duration of the relationship plus 3 years

After the retention period, data is securely deleted or anonymized.

6. International Transfers

Your data is primarily stored on servers located in Germany (Hetzner). Payment data is processed by Stripe, which may transfer data to the USA under the EU-US Data Privacy Framework.

We do not transfer your data to any other third countries without appropriate safeguards (Standard Contractual Clauses or adequacy decisions).

7. Cookies and Tracking

We use a consent banner to manage cookies and tracking technologies.

- Essential cookies: required for the site to function (no consent needed)
- Analytics cookies (GA4): only activated after your explicit consent
- Marketing pixels (Meta): only activated after your explicit consent

You can withdraw your consent at any time through the consent settings on our website.

8. Your Rights

Under the GDPR, you have the following rights:

- Right of access: request a copy of your personal data
- Right to rectification: correct inaccurate data
- Right to erasure: request deletion of your data
- Right to restrict processing: limit how we use your data
- Right to data portability: receive your data in a structured format
- Right to object: object to processing based on legitimate interest
- Right to withdraw consent: for marketing communications at any time

To exercise any of these rights, contact us at office@workerlab.ai. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

- TLS encryption for all data in transit
- Encrypted database storage
- Access controls and authentication
- Regular security reviews

10. Supervisory Authority

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Commission for Personal Data Protection (CPDP) of Bulgaria or the supervisory authority in your country of residence.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page with the updated date. Material changes will be communicated via email to existing customers.