Data Privacy Protocols

AI bees takes data privacy very seriously, values and complies with the governing laws and regulations in pertinent jurisdictions. We hold the highest standards in running our business in compliance to the requirements and obligations of our partners and customers. Below are our compliance protocols, policies, and privacy guidelines.

Commonly Asked Questions

How does AI bees comply in developing leads?

AI bees is a service provider and tech company, acting on behalf or as instructed by its customers in relation to running campaigns in order to help them get more business. 

In generating new business, also known as leads, for our customers, if instructed to get leads within a certain jurisdiction requiring it, we make our standard Data Protection Addendum available to the contract in compliance with the California Consumer Privacy Act or CCPA and  General Data Protection Regulation or GDPR, among other frameworks. 

AI bees is categorized as a “Processor” under pertinent data protection legislation. We use the protected cookies or data exclusively as per customer’s documented instructions. As we process the protected data, AI bees is responsible for (but not limited to):

  • Handling all protected data that is considered sensitive or personal, as confidential customer information,
  • Amending, correcting, or deleting Protected Data as per customer’s request and ensures that all processes of Protected Data are correct and up-to-date,
  • Upon the customer’s direction, assist and cooperate in conducting data protection impact assessments and relative consultations with Supervisory Authorities,
  • Ensuring reliability of all personnel that process Protected Data.

Does AI bees comply with GDPR?

Yes, AI bees complies with GDPR. Most of AI bees campaigns aim to target customers beyond the scope of European Union. However, in instances where AI bees engages with individuals within E.U, the company complies with GDPR. AI bees is regarded as a “data processor” with respect to the GDPR regulations and it complies with such requirements.
AI bees works with a partner network for E.U. targeted campaigns, all of which comply with their own GDPR protocols. AI bees only works with companies that put in place such protocols and have been vetted and verified by AI bees. Though AI Bees does not directly get opt-ins from those targeted individuals, a secure processing of all information has been put in place through a secured data processing software. 

Partners of AI bees who execute campaigns in the E.U. use their leverage of explicit opt-in data to target business contacts that have legitimate interests in the offered services.

Does AI bees comply with CCPA?

Yes, AI bees complies with CCPA. Being a trusted vendor, we generate leads only in conformance to the parameters and instructions given to us on behalf of the customers, and not resell any information given to us. It is important to note that AI bees only treats personal data within the context of business-to-business, which is not covered by the CCPA until 2021.

How does AI bees collect its data?

AI bees handle a compliant and proprietary database of all information about business professionals and companies used to execute customers’ campaigns within North America and other regions beyond the jurisdiction of GDPR. The list is a mix of commercial and publicly available sources and enhanced targeting our validation technology and data cleansing to make sure that each contact is up-to-date and relevant. 

We evaluate our sources of all information to ensure that they gather personal data and offer contacts the capacity to request the removal of their individual profile from AI bees’ database. All data that we source is for business information only. The customer’s personal information is not present in the proprietary database.

How does AI bees use personal data in all campaigns?

On behalf of AI bees’ customers, we use various industry-standard marketing outreach like digital advertising, email, and through the phone. All data used to target individuals comes from the proprietary database of AI bees or those of its compliant and vetted partners. 

All contact information is lawfully obtained, and individuals may opt out of any or that of AI bees campaigns. AI bees’ approach to target business individuals markets and identifies only to such individuals who are most likely interested in the content or relevant services being promoted.   

For digital outreach such as emails or web pages, we also provide links to the detailed privacy policies and even opt-out links. For outreach via phone, opt-out links are verbally provided. AI bees comply with the opt-out requests and it also maintains a do-not-contact or DNC list on behalf of the customers. When relevant, AI bees share those DNC lists with its vendors so they too can no longer reach out to those individuals. We also share the “delete my data” requests with customers when asked. 

Because we act as data processors on behalf of our customers, our privacy policy no longer applies to the use or collection of the leads. Instead, we work with our customers to give them their own applicable data privacy policy to those engaged in the campaigns. We link to the customer’s privacy policy in any emails that we send out to the leads to ensure our customers’ practices on handling data are disclosed to the lead compliantly. In cases when clients did not provide a privacy policy, AI bees’ detailed privacy policy from its publishing brand is always attached in all outbound communications.

Does AI bees maintain a “record of processing” or “data inventory”?

Yes. The foundation of any privacy program is documenting and understanding why and how personal data is gathered or received, shared, and stored, as required by some frameworks like the GDPR. We maintain an inventory of data that shows the details of how we ingest the types of personal data that we handle, the purposes of collecting and using data, where vendors support processing of personal data, and where AI bees is a processor or data controller, among other considerations. The documentation of data inventory evolves as our obligations to our business and data protection do.  

Is AI bees qualified to handle requests related to data privacy?

Yes. AI bees are equipped to complete and field privacy requests, whenever individuals might ask to call into use their rights to personal data access or deletion, as offered by frameworks like the CCPA or GDPR. Where AI bees handle data processing, personal data management on behalf of or at the customer’s direction, we are also able to assist our customers with requests regarding privacy where procedural or technical limitations require it.       

For privacy requests, please email us at

Under GDPR, is AI bees required to complete the data protection impact assessments (DPIAs)?

No. AI bees manage low volumes of European personal data, and where it does, this specific information (i.e. name, firmographics, business contact information) and the way in which these data are used do not present risks that are high level against the freedom and the rights of the targeted individuals. Hence, under GDPR, a DPIA is not required. On one hand, our privacy program was made by initially completing a privacy impact assessment to make sure it promotes data protection by design, data minimization, lawful and transparent processing, and purpose limitation.

Does AI bees have a DPO (Data Protection Officer)?

No. This requirement by the GDPR is not applicable to AI bees, for the same reasons why a DPIA is not a requirement. However, we have a Data Privacy Team that is dedicated to maintaining our privacy program in compliance with the laws and regulations.

Does AI bees implement breach reporting procedures?

Yes. AI bees has security incident protocols and monitoring mechanisms that help us identify, triage, and allow us to escalate any potential data breaches as they occur. Our policies are in place to direct us  whenever there’s an impacted party that needs to be informed, including what the content of the message would be.

Does AI bees comply with the Canadian Anti-Spam Law (CASL)?

Yes. AI bees complies with CASL. When AI bees generate leads in Canada, we including our partners’ network conduct outreach only via phone, unless we have sourced leads from professionals who had a prior relationship with your business, or those who have expressed their consent that they be contacted via email or other forms of commercial messaging that are covered by law.    

How does AI bees maintain its privacy program?

All AI bees personnel undergo training on data privacy and they are bound to strictest confidentiality terms. Aside from this, we also have published internal procedures and policies that provide information to our workforce about AI bees’ customer expectations and privacy obligations, and guidance on how they would comply and uphold our privacy controls and standards.