Privacy Policy

Data Controller

This Privacy Policy applies to the website rahimli.pro and all services offered by Rahimli Tech Solutions, operated by Tural Rahimli (Brand Owner), with offices in Baku, Azerbaijan and Sherman Oaks, California, USA.

Field	Details
Business name	Rahimli Tech Solutions
Brand Owner	Tural Rahimli
Office — Azerbaijan	14 Fatali Khan Khoyski Avenue, Narimanov District, Baku, Azerbaijan
Office — United States	15233 Ventura Blvd, Ste 500, Sherman Oaks, CA 91403, USA
Website	rahimli.pro
Contact email	info@rahimli.pro

Because we serve visitors and clients globally — including from the European Economic Area, the United Kingdom, California, and the wider United States — this policy is designed to comply with the GDPR, the California Consumer Privacy Act (CCPA) / CPRA, and applicable US federal and state privacy principles.

What We Collect

We collect only the data necessary to provide our services and operate this website effectively. This includes:

Category	Data Types	Source
Contact data	Name, email address, phone number, message content	You provide it via contact form, email, or chat widget
Booking data	Name, email, selected time slot, meeting notes	Google Calendar booking widget on /tural
Usage data	Pages visited, time on site, browser type, device type, referral source, IP address (anonymised)	Automatically collected via Google Analytics (only with your consent)
Chat widget data	Messages you send to our AI chat assistant	Entered voluntarily in the on-site chat widget
Cookie preferences	Your consent decision (granted/denied)	Stored locally in your browser's localStorage
Technical data	Server logs, error logs (IP addresses, timestamps)	Automatically collected by hosting and CDN infrastructure (Cloudflare)

We do not collect sensitive personal data such as health information, financial account numbers, government IDs, racial or ethnic origin, political opinions, or biometric data.

How We Use Your Data

We use personal data for the following purposes:

• Responding to enquiries — to reply to messages sent via contact forms, email, or the chat widget.
• Scheduling meetings — to confirm and manage bookings made through Google Calendar.
• Providing IT services — to deliver contracted or agreed services to clients.
• Website analytics — to understand how visitors use rahimli.pro and improve the experience (only with your prior consent).
• Legal compliance — to comply with applicable laws, regulations, and legal obligations.
• Security and fraud prevention — to protect the website and users from malicious activity.

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

We do not sell, rent, or trade your personal data to any third party.

Legal Basis for Processing (GDPR)

EU / EEA — GDPR Article 6

For visitors and clients in the European Economic Area, we process personal data on the following legal bases:

Processing Activity	Legal Basis (GDPR Art. 6)
Responding to contact form enquiries	Art. 6(1)(b) — Necessary for steps prior to entering a contract
Delivering contracted IT services	Art. 6(1)(b) — Performance of a contract
Google Analytics / website statistics	Art. 6(1)(a) — Your explicit consent
AI chat widget responses	Art. 6(1)(b) / 6(1)(f) — To answer your enquiry / legitimate interest
Security logging and fraud prevention	Art. 6(1)(f) — Legitimate interests
Compliance with legal obligations	Art. 6(1)(c) — Legal obligation

Where processing is based on your consent (e.g. analytics cookies), you have the right to withdraw that consent at any time. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.

Cookies & Analytics

We use cookies and similar technologies on rahimli.pro. By default, all analytics and advertising cookies are disabled until you provide explicit consent via the cookie banner.

Cookie / Technology	Purpose	Consent Required
rts_consent (localStorage)	Stores your cookie preference decision	No — functional
Google Analytics (GA4)	Website usage analytics — pages visited, session data, device type	Yes
Cloudflare	Security, DDoS protection, performance — may set technical cookies	No — strictly necessary
Google Calendar embed	Booking widget on /tural — Google may set cookies	Subject to Google's Privacy Policy
Google Fonts	Web typography — your IP address is shared with Google to deliver fonts	Strictly necessary for display

You can withdraw or update your cookie consent at any time by clearing your browser's localStorage for rahimli.pro, or by using your browser's built-in cookie controls.

For more information about Google Analytics data collection, see Google's Privacy Policy. To opt out of Google Analytics across all websites, use the Google Analytics Opt-out Browser Add-on.

Data Sharing & Third Parties

We keep data sharing to an absolute minimum. We do not sell your personal data, we do not use any CRM or marketing platform, and we do not share your data with advertisers, data brokers, or any third party for commercial purposes.

To run this website and respond to you, we rely only on a small number of essential service providers, who act as our data processors and are bound to use your data solely to provide their service to us:

• Google LLC (USA) — Google Analytics (usage data, with consent only), Google Calendar (booking data), and Google Fonts (typography — loading fonts shares your IP address with Google). Data is subject to Google's Privacy Policy.
• Cloudflare, Inc. (USA) — CDN, security, and DDoS protection. All traffic to rahimli.pro passes through Cloudflare, which may temporarily process IP addresses. See Cloudflare's Privacy Policy.
• AI chat backend — Messages you send via the on-site chat widget are forwarded to our own secure API proxy at api.rahimli.pro, which relays them to Groq, Inc. (USA) to generate a response using a large language model. Chat messages are processed solely to produce a reply. They are not used for marketing, not sold, and not used to train models.

We may also disclose personal data where required by law, court order, or to protect the rights and safety of Rahimli Tech Solutions, its clients, or the public.

Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by law.

Data Type	Retention Period
Contact enquiry emails	Up to 3 years, or until request for deletion
Client service records	Up to 5 years after end of engagement (for legal/tax purposes)
Google Analytics data	14 months (configured at GA4 level)
Booking records (Google Calendar)	Subject to Google's retention policies; we delete on request
AI chat messages	Processed transiently to generate a reply; not retained for marketing
Server / security logs	Up to 90 days
Cookie consent preference	Until you clear browser storage

After the applicable retention period, personal data is securely deleted or anonymised.

Your Rights — GDPR (EU/EEA)

Applies to EU / EEA residents

If you are located in the European Union or European Economic Area, the General Data Protection Regulation (GDPR) gives you the following rights:

To exercise any of these rights, please contact us at info@rahimli.pro. We will respond within 30 days of receiving your request. We may ask you to verify your identity before processing the request.

If you believe we have not handled your data lawfully, you also have the right to complain to a supervisory authority. EU/EEA residents can find their national Data Protection Authority via the European Data Protection Board (EDPB) members list. UK residents can contact the Information Commissioner's Office (ICO).

California Privacy Rights (CCPA / CPRA)

California Residents

If you are a resident of California, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific privacy rights regarding your personal information.

Categories of personal information we collect (as defined under CCPA):

• Identifiers — name, email address, IP address
• Internet or electronic network activity — browsing behaviour on rahimli.pro (with consent only)
• Communications — messages sent via contact form or chat widget
• Professional or employment-related information — role or company name if voluntarily provided

Your California rights include:

• Right to Know — request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, our purposes for collection, and any third parties with whom we share it.
• Right to Delete — request deletion of personal information we have collected from you, subject to certain exceptions.
• Right to Correct — request correction of inaccurate personal information.
• Right to Opt-Out of Sale or Sharing — we do not sell or share your personal information as defined under CCPA. No opt-out is necessary, but you may assert this right at any time.
• Right to Limit Use of Sensitive Personal Information — we do not collect sensitive personal information as defined under CPRA.
• Right to Non-Discrimination — we will not discriminate against you for exercising any of your CCPA rights. We will not deny services, charge different prices, or provide a different level of service based on your exercise of privacy rights.
• Right to Use an Authorized Agent — you may designate an authorized agent to submit a request on your behalf. We may require the agent to provide proof of authorization and may ask you to verify your own identity directly.

To submit a request, contact us at info@rahimli.pro with the subject line "California Privacy Request". We will verify your identity and respond within 45 days, with a possible extension of an additional 45 days where reasonably necessary.

Global Privacy Control (GPC). Some browsers and extensions can send an automated Global Privacy Control signal indicating that you wish to opt out of the sale or sharing of your personal information. Because we do not sell or share personal information for cross-context behavioural advertising, there is nothing for the signal to opt out of — but we honour it regardless and treat it as a valid opt-out request where applicable.

United States Privacy (General)

United States

For visitors from the United States (outside California), we apply the same data minimisation and transparency principles described throughout this policy. While the US does not yet have a single comprehensive federal privacy law equivalent to GDPR, we follow best practices aligned with:

• The FTC Act — we do not engage in unfair or deceptive privacy practices.
• The CAN-SPAM Act — we do not send unsolicited commercial emails. Any email communication from us is in direct response to your enquiry.
• The Children's Online Privacy Protection Act (COPPA) — see Section 12 below.
• Applicable state privacy laws — including Virginia (CDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and others — we extend the rights described in this policy to residents of those states to the extent required by law.

Residents of US states with comprehensive privacy legislation may contact us at info@rahimli.pro to exercise applicable rights including access, deletion, correction, and opt-out of any data sale (which we do not conduct).

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• HTTPS encryption (TLS) for all data in transit on rahimli.pro
• Cloudflare-provided DDoS protection and Web Application Firewall
• Rate limiting and prompt injection guards on our AI chat API
• Access controls limiting who can access data systems
• Regular security reviews of infrastructure

Despite these measures, no method of transmission over the Internet or electronic storage is 100% secure. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify affected individuals and relevant supervisory authorities as required by applicable law (within 72 hours under GDPR).

Children's Privacy

Our website and services are directed at business professionals and are not intended for children under the age of 16 (or under 13 in the United States under COPPA).

We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at info@rahimli.pro and we will promptly delete it.

International Data Transfers

Rahimli Tech Solutions operates from Baku, Azerbaijan and Sherman Oaks, California, USA. Some of our service providers — including Google, Cloudflare, and Groq — process data in the United States and other countries outside the EEA.

Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) — as adopted by the European Commission, used by our processors for international transfers.
• Adequacy decisions — transfers to countries recognised by the European Commission as providing adequate protection, where applicable.

You may request further information about international transfer safeguards by contacting us at info@rahimli.pro.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make significant changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this page periodically. Your continued use of rahimli.pro after changes are posted constitutes your acceptance of the updated policy.

For material changes that require your consent (e.g. changes to how we use analytics data), we will request renewed consent via the cookie banner or other appropriate mechanism.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please reach out: