Caspian Analytics Logo
Caspian Analytics
Dr. Emil Guliyev
πŸ“§ e.guliyev@caspiananalytics.fr
πŸ“ Lille, France
πŸ”— LinkedIn
Legal

Privacy Policy

Last updated: January 2025

Overview

This Privacy Policy describes how Caspian Analytics ("we," "our," or "us") collects, uses, and protects your personal information when you visit our website or engage our services. As an independent AI consultant, I am committed to protecting your privacy and ensuring the security of your personal data.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us, including:

  • Name and contact information (email address, phone number)
  • Company name and job title
  • Project requirements and business objectives
  • Any other information you choose to provide in communications

Website Usage Information

We may automatically collect certain information about your visit to our website, including:

  • IP address and browser information
  • Pages visited and time spent on our website
  • Referring website information
  • Device and operating system information

How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to your inquiries and provide consultation services
  • To develop and deliver AI and data science solutions
  • To communicate with you about projects and services
  • To improve our website and services
  • To comply with legal obligations

Privacy by Design

I follow Privacy by Design principles, integrating privacy considerations into all aspects of my consulting practice from the outset:

  • Proactive Approach: Privacy is considered at the design stage of all solutions, not as an afterthought
  • Data Minimization: I collect and process only the minimum data necessary for project delivery
  • Purpose Limitation: Data is used only for the specific purposes agreed upon with clients
  • Privacy Engineering: Technical solutions are designed with privacy controls built-in (encryption, access controls, anonymization where appropriate)
  • Client Collaboration: I work with clients to assess privacy risks and implement appropriate safeguards for their projects

Data Protection & Security

I implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Secure data storage and backup procedures

Data Lifecycle Management

I manage personal data throughout its entire lifecycle with appropriate controls:

  • Collection: Data is collected only with explicit consent and for specified purposes
  • Processing: Data is processed within client-managed systems with appropriate security controls
  • Storage: Data is stored securely with encryption and access controls, within client systems or temporarily for project delivery
  • Retention: Data is retained only as long as necessary for the project and legal requirements (see Data Retention section)
  • Deletion: Upon project completion or upon request, data is securely deleted from local systems and temporary storage

Data Protection Impact Assessments (DPIAs)

For client projects involving high-risk data processing activities, I collaborate with clients to conduct Data Protection Impact Assessments (DPIAs) as required by GDPR. This includes:

  • Assessing the necessity and proportionality of data processing
  • Identifying and evaluating privacy risks
  • Recommending appropriate technical and organizational measures to mitigate risks
  • Documenting the assessment and safeguards implemented

As a consultant working within client systems, DPIAs are conducted in collaboration with the client, who remains the data controller for their data.

Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • With your explicit consent
  • To comply with legal obligations or court orders
  • To protect our rights, property, or safety
  • With trusted service providers who assist in our operations (under strict confidentiality agreements)

Subprocessors

The following third-party services are used for my business operations. Please note that client project data is processed within client-managed systems and environments:

  • Email Service Provider: For client communications (data processed in EU/France)
  • Google Analytics: Website analytics with IP anonymization enabled (GDPR-compliant configuration)
  • Cloud Platforms (Azure/AWS): When working in client systems, data is processed within client-managed accounts and environments under their security controls

Important: Client project data is processed exclusively within client-managed cloud environments. I do not maintain separate infrastructure for client data processing.

Your Rights (GDPR Compliance)

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing of your personal data

To exercise any of these rights, please contact me at e.guliyev@caspiananalytics.fr. I will respond to your request within one month as required by GDPR. If you are not satisfied with my response, you have the right to lodge a complaint with the French data protection authority (CNIL) or your local supervisory authority.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Project-related data may be retained for up to 7 years for business and legal purposes.

Cookies

Our website may use cookies and similar technologies to enhance your browsing experience. You can control cookie settings through your browser preferences. Essential cookies are necessary for the website to function properly.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Privacy Governance

As an independent consultant, I am responsible for privacy governance and data protection. I ensure compliance with GDPR and French data protection laws (CNIL) through:

  • Regular review and updates of privacy practices and policies
  • Staying informed about changes in data protection regulations
  • Implementing Privacy by Design principles in all consulting activities
  • Collaborating with clients on privacy assessments and compliance requirements

For larger organizations or projects requiring a formal Data Protection Officer (DPO), I work with clients to ensure their DPO requirements are met within their organizational structure.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact me:

Email: e.guliyev@caspiananalytics.fr

Location: Lille, France

Data Controller: Dr. Emil Guliyev, Caspian Analytics

You also have the right to contact the French data protection authority (CNIL) at www.cnil.fr if you have concerns about how your data is processed.

Contact Us Back to Home