consulti.ai

GDPR Compliance

Last updated: April 10, 2026

1. Our Commitment

Consulti is committed to compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This page explains how we process personal data, the legal basis for that processing, and how data subjects can exercise their rights.

2. Data Controller

Consulti (operated by Lead Gen Jay LLC) is the data controller for personal data processed through the consulti.ai platform. For data protection inquiries, contact us at privacy@consulti.ai.

3. Legal Basis for Processing

We process personal data under the following legal bases:

  • Contractual necessity (Art. 6(1)(b)): Processing account data of registered users is necessary to provide the services you signed up for.
  • Legitimate interest (Art. 6(1)(f)): Processing of B2B contact data is based on the legitimate interest of facilitating business-to-business communication. This data consists of professional business contact information (work email, job title, company) sourced from publicly available records and licensed data providers. We have conducted a balancing test and determined that the processing does not override the rights and freedoms of data subjects, given the professional nature of the data and the availability of an opt-out mechanism.
  • Consent (Art. 6(1)(a)): Where applicable, such as for marketing communications to our registered users.

4. Data Subject Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15): Request confirmation of whether we process your data and obtain a copy of it.
  • Right to rectification (Art. 16): Request correction of inaccurate or incomplete personal data.
  • Right to erasure (Art. 17): Request deletion of your personal data from our systems, including removal from our B2B contact database.
  • Right to restriction (Art. 18): Request that we limit how we process your data while a complaint or request is being resolved.
  • Right to data portability (Art. 20): Request your data in a structured, commonly used, machine-readable format.
  • Right to object (Art. 21): Object to processing of your data based on legitimate interest. We will cease processing unless we have compelling legitimate grounds.

5. Data Removal Requests

If you are a business professional whose information appears in our B2B contact database and you would like to be removed, please submit a request using one of the following methods:

We will process your request within 30 days and confirm removal by email. Removed records are added to a suppression list to prevent re-addition from future data imports.

Verify your email

We'll send a verification code to confirm your email address.

6. Data Processing Activities

We process the following categories of personal data:

CategoryData TypesPurpose
User accountsName, email, auth credentialsService delivery
BillingStripe customer ID, plan, invoicesPayment processing
B2B contactsName, work email, job title, company, locationB2B lead search for platform users
Usage dataIP, browser, pages visited, searchesAnalytics and improvement

7. International Data Transfers

Our platform is hosted in the United States. If you are accessing the Platform from the European Economic Area (EEA) or the United Kingdom, your data may be transferred to and processed in the United States. We rely on Standard Contractual Clauses (SCCs) and our service providers' compliance frameworks to ensure adequate protection for international data transfers.

8. Data Processing Agreements

We maintain Data Processing Agreements (DPAs) with our key service providers, including Supabase, Stripe, and Vercel, to ensure GDPR-compliant data handling. If you require a DPA for your organization's use of Consulti, contact us at privacy@consulti.ai.

9. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account closure.
  • B2B contact data: Retained and updated on an ongoing basis. Removed promptly upon valid erasure request and added to a suppression list.
  • Billing records: Retained for up to 7 years as required by tax and accounting regulations.
  • Usage logs: Retained for up to 12 months for analytics purposes, then anonymized or deleted.

10. Supervisory Authority

If you are located in the EEA or UK and believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with your local Data Protection Authority. We encourage you to contact us first at privacy@consulti.ai so we can address your concern directly.

11. Contact

For any GDPR-related inquiries, data access requests, or removal requests, contact our data protection team at privacy@consulti.ai. We aim to respond to all requests within 30 days.