GHOSTMANAGER.AI

Privacy Policy

Effective Date: 01 August 2025

This Privacy Policy describes how GhostManager ("we," "us," or "our") collects, uses, and discloses your personal information when you visit our website ghostmanager.ai, use our services, or interact with us. We are committed to protecting your privacy and handling your personal information in a transparent and lawful manner.

1. Who We Are

GhostManager LLC, compliance@ghostmanager.ai

2. What Personal Information We Collect

We may collect and process various types of personal information about you, depending on how you interact with our website and services.

A. Information You Provide Directly to Us

  • Contact Information: Name, email address, Telegram handle, postal address, phone number.
  • Account Information: your project details, documents we create as a result of research and development upon your request, and your payment options.
  • Communications: Information you provide when you communicate with us, such as your messages to us, your product or project ideas, feedback or responses.

B. Information Collected Automatically (via Cookies and Tracking Technologies):

  • Device Information: IP address, device type, operating system, browser type.
  • Usage Data: our pages visited, links clicked, time spent on pages, referral URL, search terms.
  • Location Data: General geographic location derived from your IP address.
  • Online Identifiers: Cookie identifiers, unique device identifiers.

C. Information from Other Sources:

We may receive information from third-party services, partners, or publicly available sources.

D. Sensitive Personal Information (under CCPA/CPRA):

We generally do not collect sensitive personal information (e.g., social security numbers, precise geolocation, health information, racial or ethnic origin, religious or philosophical beliefs, union membership) unless explicitly provided by you for a specific purpose (e.g., for specific service delivery) and with your explicit consent where required. If we do, its use will be limited to the purposes for which it was collected.

3. Purposes and Legal Bases for Processing Your Personal Information

We collect and process your personal information for the following purposes and under the following legal bases:

To Provide and Maintain Our Services:

Purpose: To operate our website, deliver products/services, process transactions, and provide customer support.

Legal Basis (GDPR): Performance of a contract with you or to take steps at your request before entering into a contract.

To Improve Our Website and Services:

Purpose: To understand how users interact with our website, troubleshoot issues, and enhance user experience.

Legal Basis (GDPR): Our legitimate interests (e.g., to improve our offerings, understand user behavior).

For Marketing and Advertising:

Purpose: To send you promotional communications, personalize content, and display targeted advertisements.

Legal Basis (GDPR): Your consent (where required), or our legitimate interests (e.g., to promote our business to existing customers, direct marketing within legal limits).

To Communicate with You:

Purpose: To respond to your inquiries, send updates, and provide important notices.

Legal Basis (GDPR): Performance of a contract, legitimate interests, or your consent.

For Security and Fraud Prevention:

Purpose: To detect and prevent fraudulent activities, protect our systems, and ensure the security of our users.

Legal Basis (GDPR): Our legitimate interests (e.g., to protect our business, comply with security obligations) or legal obligation.

To Comply with Legal Obligations:

Purpose: To meet legal, regulatory, or governmental requests and to enforce our terms and conditions.

Legal Basis (GDPR): Compliance with a legal obligation.

4. How We Share Your Personal Information

We may share your personal information with the following categories of third parties:

  • Service Providers: Third-party vendors who perform services on our behalf (e.g., hosting, payment processing, analytics, marketing, customer support). These providers are contractually obligated to protect your data and only use it for the purposes we specify.
  • Business Partners: With whom we collaborate on specific products, services, or promotions.
  • Affiliates: Other companies within our corporate group.
  • Legal & Regulatory Authorities: When required by law, court order, or to protect our rights, property, or safety.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity.
  • With Your Consent: We may share your information for any other purpose with your explicit consent.

For California Residents (CCPA/CPRA):

We do not "sell" or "share" your personal information in exchange for monetary compensation. However, we may "share" your personal information for cross-context behavioral advertising, which may be considered a "sale" or "sharing" under California law. You have the right to opt-out of such sharing. Please see Section 6 for details.

We disclose the following categories of personal information to third parties for business purposes:

  • Identifiers
  • Commercial Information
  • Internet Activity

The categories of third parties to whom this information is disclosed are [e.g., analytics providers, advertising partners, payment processors]:

5. International Data Transfers (GDPR)

If we transfer your personal information outside of the European Economic Area (EEA) to countries not deemed to provide an adequate level of data protection by the European Commission, we will do so based on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Binding Corporate Rules (BCRs).
  • Your explicit consent.
  • Other lawful mechanisms as permitted by GDPR.

We ensure that such transfers comply with GDPR requirements and that your personal information remains protected.

6. Your Data Protection Rights

You have various rights regarding your personal information, depending on your location and applicable laws.

A. For EU/EEA Residents (GDPR Rights):

  • Right to be Informed: You have the right to receive clear, transparent, and easily understandable information about how we use your personal information and your rights.
  • Right of Access: You have the right to request a copy of the personal information we hold about you.
  • Right to Rectification: You have the right to request correction of inaccurate or incomplete personal information we hold about you.
  • Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your personal information under certain circumstances.
  • Right to Restrict Processing: You have the right to request that we limit the way we use your personal information under certain circumstances.
  • Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.
  • Right to Object: You have the right to object to the processing of your personal information in certain situations (e.g., for direct marketing purposes).
  • Rights in relation to Automated Decision-Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except under certain conditions.
  • Right to Withdraw Consent: If we are relying on your consent to process your personal information, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the EU/EEA Member State of your habitual residence, place of work, or the place of the alleged infringement.

B. For California Residents (CCPA/CPRA Rights):

  • Right to Know: You have the right to request that we disclose to you the personal information we have collected, used, shared, or sold about you, including:
    • Categories of personal information collected.
    • Specific pieces of personal information collected.
    • Categories of sources from which personal information is collected.
    • Business or commercial purpose for collecting, selling, or sharing personal information.
    • Categories of third parties to whom we disclose personal information.
  • Right to Delete: You have the right to request the deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale or Sharing: You have the right to direct us not to sell or share your personal information to third parties. We provide a prominent "Do Not Sell or Share My Personal Information" link on our website homepage and in our cookie banner for this purpose.
  • Right to Limit Use and Disclosure of Sensitive Personal Information: You have the right to direct us to limit the use and disclosure of your sensitive personal information to certain purposes.
  • Right to Correct Inaccurate Personal Information: You have the right to request the correction of inaccurate personal information we maintain about you.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To Exercise Your Rights, please contact us using the contact details provided in Section 1. We will respond to your request in accordance with applicable laws. We may need to verify your identity before processing your request.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal information, and whether we can achieve those purposes through other means, and the applicable legal requirements.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, loss, misuse, alteration, or destruction. These measures include encryption, access controls, regular security assessments. However, please be aware that no method of transmission over the internet or method of electronic storage is 100% secure.

9. Children's Privacy

Our website and services are not intended for children under the age of 18. We do not knowingly collect personal information from children without parental consent. If we become aware that we have collected personal information from a child without verifiable parental consent, we will take steps to remove that information from our records.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new Privacy Policy on our website and updating the "Effective Date" at the top of this policy. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us by email: compliance@ghostmanager.ai.