Skip to content
Orosfort← Back to the edition
Legal — The RecordLast updated · 12 June 2026

Privacy Policy

This Privacy Policy explains how Orosfort ("Orosfort", "we", "us") collects, uses, and protects personal data when you visit https://orosfort.com, contact us, or engage our services. We collect only what we need, we never sell your personal data, and we tell you plainly what we do with it.

1. Who we are

Orosfort is a B2B digital marketing agency providing Generative Engine Optimization (GEO) and AI-powered outbound (AI SDR) services. For the purposes of applicable data protection law, Orosfort is the data controller for personal data processed through this website and in our own marketing. When we run outbound campaigns on behalf of a client, we act as a processor under that client's instructions.

Questions about this policy can be sent to contact@orosfort.com.

2. Information we collect

We collect the following categories of personal data:

  • Information you give us: when you submit the audit/booking form or email us, we collect your name, work email, company, website, your area of interest, and anything you include in your message.
  • Information collected automatically: basic, privacy-respecting technical data such as IP address, browser and device type, pages viewed, and referring URLs, collected via server logs and (if enabled) analytics.
  • Business contact data for outreach: when delivering AI SDR services to a client, we process business contact details (such as name, role, business email, and company) sourced from the client, public sources, and reputable data providers.

3. How we use your information

  • To respond to your enquiry and prepare your AI-visibility audit.
  • To provide, operate, and improve our services and this website.
  • To send service communications and, where permitted, relevant marketing — which you can opt out of at any time.
  • To run outbound campaigns on behalf of clients, on a legitimate-interest basis, always with a clear opt-out in every message.
  • To comply with legal obligations and to protect our rights, security, and systems.

4. Legal bases for processing

Where the GDPR or UK GDPR applies, we rely on one or more of the following legal bases: your consent; performance of a contract with you; our legitimate interests in operating and growing a B2B business (balanced against your rights); and compliance with a legal obligation. Where we rely on legitimate interests for B2B outbound, we limit processing to business contact data relevant to a genuine business proposition and honour opt-outs promptly.

5. How we share information

We do not sell your personal data. We share it only with:

  • Service providers and sub-processors who help us run our business (for example, hosting, email delivery and deliverability tooling, scheduling, and analytics), under contracts that require appropriate safeguards.
  • Clients, where you have responded to a campaign we run on their behalf.
  • Authorities or third parties where required by law, or to protect rights, safety, and security.
  • A successor entity in connection with a merger, acquisition, or sale of assets, subject to this policy.

6. International transfers

We and our service providers may process data in countries other than your own. Where personal data is transferred across borders, we use appropriate safeguards such as Standard Contractual Clauses or transfers to jurisdictions recognised as providing adequate protection.

7. Data retention

We keep personal data only for as long as necessary for the purposes described in this policy, to comply with legal obligations, resolve disputes, and enforce agreements. Enquiry data is retained while we are in contact and for a reasonable period afterwards; outbound suppression (opt-out) records are kept as long as needed to honour your request.

8. Your rights

Depending on your location, you may have the right to access, correct, delete, restrict, or object to our processing of your personal data, to data portability, and to withdraw consent at any time. You also have the right to opt out of marketing and outbound communications using the unsubscribe link in any message.

To exercise any right, email contact@orosfort.com. We will respond within the time required by applicable law. If you are in the EEA or UK, you also have the right to lodge a complaint with your local data protection supervisory authority.

9. Cookies

We use a minimal set of cookies and similar technologies. See our Cookie Policy for details and how to manage your preferences.

10. Security

We use reasonable technical and organisational measures to protect personal data, including encryption in transit, access controls, and vetting of our service providers. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Children

This website and our services are intended for businesses and professionals. They are not directed to children, and we do not knowingly collect personal data from anyone under 16.

12. Changes to this policy

We may update this policy from time to time. We will post the updated version here and revise the “Last updated” date. Material changes will be highlighted where appropriate.

13. Contact us

For any privacy question or request, contact us at contact@orosfort.com. Postal address: [registered business address].