Skip to main content

New case study: How we helped a Fortune 500 company reduce cloud costs by 35% Read more →

Privacy Policy

Last Updated: December 29, 2025

BURAK Consulting and Advisory ("BURAK," "we," "us," or "our") is committed to maintaining the trust and confidence of our clients, visitors, and partners. This Privacy Policy outlines how we collect, use, process, and safeguard your personal information when you visit our website (burak-consulting.com) or engage with our management and technology consulting services, including AI & Automation, Cloud & Cybersecurity, and Digital Transformation.

We comply with global data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and the Personal Information Protection and Electronic Documents Act (PIPEDA).

1. Information We Collect

We collect information to provide better services to all our users. The types of information we collect include:

A. Information You Provide Directly

  • Contact Information: Name, business email address, phone number, and mailing address.
  • Professional Information: Company name, job title, industry, and business needs.
  • Account Credentials: Usernames and passwords if you access client portals.
  • Payment Data: Billing addresses and payment method details (processed via secure third-party payment processors).
  • Communications: Content of emails, feedback forms, or consultation requests.

B. Information Collected Automatically

  • Device & Usage Data: IP address, browser type, operating system, referring URLs, pages viewed, and access times.
  • Location Data: General geographic location (city/country) derived from your IP address.

C. Information from Third Parties

We may receive information about you from public databases, marketing partners, and social media platforms (e.g., LinkedIn) to identify prospective clients relevant to our services.

2. How We Use Your Information

We process your data based on specific legal grounds:

Purpose of Processing Legal Basis (GDPR/UK)
Service Delivery: Providing consulting, AI strategies, and project management. Performance of Contract
Communication: Responding to inquiries and sending administrative info. Legitimate Interests
Marketing: Sending newsletters, whitepapers, and webinar invitations. Consent (where required) or Legitimate Interests
Security: Preventing fraud and ensuring network security. Legitimate Interests
AI & Improvement: Analyzing data to improve our algorithms and service models. Legitimate Interests
Legal Compliance: Fulfilling regulatory obligations (tax, investigations). Legal Obligation

3. AI and Data Ethics

As a firm specializing in AI & Automation, we hold ourselves to high ethical standards regarding data use in artificial intelligence:

  • Non-Training on Client Confidential Data: We do not use proprietary client data to train public foundation models without explicit, written permission.
  • Bias Mitigation: We strive to ensure that any personal data used in our automation workflows is processed fairly to avoid discriminatory outcomes.
  • Transparency: If you are interacting with an AI-driven chatbot or automated support system on our site, we will disclose this interaction clearly.

4. Disclosure of Your Information

We do not sell your personal information. We may share your data with:

  • Service Providers: Third parties who provide IT infrastructure, cloud hosting (e.g., AWS, Azure), CRM services, and payment processing.
  • Professional Advisors: Lawyers, auditors, and insurers.
  • Legal Authorities: When required by law, subpoena, or to protect the safety of our firm or the public.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, client data may be transferred as a business asset.

5. International Data Transfers

BURAK Consulting is headquartered in Canada. Your information may be processed in Canada, the United States, or other countries where our service providers operate.

  • For EEA/UK Residents: We ensure appropriate safeguards are in place for cross-border transfers, such as the European Commission’s Standard Contractual Clauses (SCCs) or reliance on adequacy decisions (e.g., Canada’s adequacy status under GDPR).
  • For Canadian Residents: We may transfer personal information to service providers outside of Canada (including the U.S.). While outside Canada, your information is subject to the laws of that jurisdiction.

6. Data Retention

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements.

  • Client Data: Retained for the duration of the engagement plus a limitation period (typically 7 years).
  • Marketing Data: Retained until you opt-out or withdraw consent.

7. Your Privacy Rights

Depending on your location, you have specific rights regarding your data.

A. GDPR (EEA & UK)

  • Right to Access: Request a copy of your personal data.
  • Right to Rectification: Correct inaccurate data.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of data.
  • Right to Restriction: Limit how we use your data.
  • Right to Portability: Receive your data in a structured format.
  • Right to Object: Object to processing based on legitimate interests or direct marketing.

B. CCPA/CPRA (California Residents)

  • Right to Know: You may request the specific pieces of personal information we have collected about you in the past 12 months.
  • Right to Delete: Request deletion of your personal information.
  • Right to Opt-Out: We do not sell personal data. However, you may opt out of "sharing" for cross-context behavioral advertising (if applicable).
  • Non-Discrimination: We will not treat you differently for exercising your rights.
  • Categories Collected: In the last 12 months, we have collected: Identifiers (Name, Email), Commercial Information (Services purchased), Internet Activity (Browsing history), and Professional Information.

C. PIPEDA (Canada)

  • Access & Correction: You have the right to access your file and challenge the accuracy of the information.
  • Withdraw Consent: You may withdraw consent for secondary purposes (marketing) at any time.

To exercise any of these rights, please contact us at privacy@burak-consulting.com.

8. Cookies and Tracking Technologies

We use cookies to enhance your experience.

  • Essential Cookies: Required for the site to function.
  • Analytics Cookies: Help us understand site usage (e.g., Google Analytics).
  • Marketing Cookies: Used to deliver relevant ads.

You can manage your cookie preferences through your browser settings. Your browser may offer a "Do Not Track" signal; however, we do not currently respond to DNT signals as there is no universal standard.

9. Security Measures

We implement industry-standard technical and organizational measures to protect your data, including encryption (SSL/TLS), access controls, and regular security assessments. However, no internet transmission is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

Our services are B2B (Business-to-Business) and not intended for individuals under 18. We do not knowingly collect data from minors.

11. Contact Us

If you have questions about this policy or our data practices, please contact our Privacy Officer:

BURAK Consulting and Advisory

Attn: Privacy Officer

Email: privacy@burak-consulting.com

Phone: +1-647-875-8784