Privacy Policy
Last Updated: December 29, 2025
BURAK Consulting and Advisory ("BURAK," "we," "us," or "our") is committed to maintaining the trust and confidence of our clients, representatives, and partners. This Privacy Policy outlines how we collect, use, process, and safeguard your information when you visit our Website (burak-consulting.com) or engage our Services.
We comply with global data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Personal Information Protection and Electronic Documents Act (PIPEDA), specifically within the context of our Global Network of Specialized Consultants and Independent Contractors.
1. Global Data Processing & Network Disclosure
A core component of our service delivery is our curated global network. By using our services, you explicitly consent to the processing and transfer of your data to our specialized consultants located in key global markets.
- Localized Management: Your primary point of contact (Lead Strategist) typically operates locally to ensure compliance and data governance.
- Global Execution: To leverage specific expertise, data may be accessed by our vetted independent consultants in Canada, USA (North America), India (Asia), and UAE (Middle East).
- Strict Vetting: All consultants in our global network are bound by strict Non-Disclosure Agreements (NDAs) and Data Processing Addendums (DPAs) that mirror the obligations we hold to you.
2. Information We Collect
We collect information to provide better services to all our clients. The types of information we collect include:
A. Information You Provide Directly
- Contact Information: Name, business email address, phone number, and mailing address.
- Professional Information: Company name, job title, industry, and business needs.
- Communications: Content of emails, success stories, or consultation requests.
B. Information Collected Automatically
- Technical Data: IP addresses, browser types, and usage data when interacting with our digital assets.
C. Information from Third Parties
We may receive information about you from public databases, marketing partners, and social media platforms (e.g., LinkedIn) to identify prospective clients relevant to our services.
3. How We Use Your Information (Global Legal Basis)
We process your data based on specific legal grounds appropriate to your jurisdiction:
| Purpose of Processing | Global Legal Justification |
|---|---|
|
Service Delivery Providing consulting, AI strategies, and project management. |
|
|
Communication Responding to inquiries and sending administrative info. |
|
|
Marketing Sending newsletters, whitepapers, and webinar invitations. |
|
|
Security Preventing fraud and ensuring network security. |
|
|
AI & Improvement Analyzing data to improve our algorithms and service models. |
|
|
Legal Compliance Fulfilling regulatory obligations (tax, investigations). |
Global: Compliance with Legal Obligations |
4. AI and Data Ethics
As a firm specializing in AI & Automation, we hold ourselves to high ethical standards regarding data use in artificial intelligence:
- Non-Training on Client Confidential Data: We do not use proprietary client data to train public foundation models without explicit, written permission.
- Bias Mitigation: We strive to ensure that any professional data used in our automation workflows is processed fairly to avoid discriminatory outcomes.
- Transparency: If you are interacting with an AI-driven chatbot or automated support system on our site, we will disclose this interaction clearly.
5. Disclosure of Your Information
We do not sell your personal information. We may share your data with:
- Service Providers: Third parties who provide IT infrastructure, cloud hosting (e.g., AWS, Azure, GCP), CRM services, and payment processing.
- Professional Advisors: Lawyers, auditors, and insurers.
- Legal Authorities: When required by law, subpoena, or to protect the safety of our firm or the public.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, client data may be transferred as a business asset.
6. International Data Transfers
Given our structure, your data may be transferred to, stored, and processed outside of your state, province, country, or other governmental jurisdiction.
- Transfers to Canada: Canada has been recognized by the European Commission as providing an adequate level of data protection (Adequacy Decision).
- Transfers to Global Network (USA, India, UAE): For transfers to our network consultants in jurisdictions without an EU Adequacy Decision, we utilize the European Commission’s Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum. This ensures your data remains protected to GDPR standards regardless of local laws.
- Inter-Company Agreements: All specialized consultants within our network are bound by strict Data Processing Agreements (DPAs) that mandate confidentiality and security standards equivalent to those provided by BURAK directly.
7. Security Measures
While our network is distributed, our security standards are centralized. We employ enterprise-grade encryption, access controls, and regular audits. However, no method of transmission over the Internet is 100% secure, and no one can guarantee absolute security.
8. Your Privacy Rights
Depending on your location (GDPR, CCPA, PIPEDA), you have rights to access, correct, or delete your personal data. To exercise these rights, or to inquire about the specifics of your data processing, please contact us.
9. Cookies and Tracking Technologies
We use cookies to enhance your experience.
- Essential Cookies: Required for the site to function.
- Analytics Cookies: Help us understand site usage.
- Marketing Cookies: Used to deliver relevant ads.
You can manage your cookie preferences through your browser settings.