Skip to main content
My StoryServicesBlogCase StudiesContact
← Back to home

Privacy Policy

Last updated: February 20, 2025

1. Introduction

Ahmad Zabir ("we," "us," or "our") operates the website at www.ahmadzabir.com (the "Site"). This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you visit the Site, use our services, subscribe to our newsletter, book strategy calls, complete forms, or otherwise interact with us. By using the Site or providing information to us, you consent to the practices described in this policy.

This policy applies to all visitors, users, and clients who interact with the Site or with Ahmad Zabir in connection with the services offered. It covers personal data as defined under the General Data Protection Regulation (GDPR), personally identifiable information (PII) under U.S. law, and information that identifies, relates to, describes, or is capable of being associated with a particular consumer or household under the California Consumer Privacy Act (CCPA). We are committed to transparency and to handling your data responsibly in accordance with applicable data protection laws.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you:

  • Contact us: Name, email address, phone number, company name, and the content of your message.
  • Book a strategy call: Name, email address, phone number, company name, and any details you enter in the booking form (e.g., calendar preferences, meeting notes).
  • Subscribe to our newsletter: Email address and, if provided, name.
  • Complete the GTM Scorecard or other forms: Business information, contact details, and responses to assessment questions.
  • Engage in consulting or advisory services: Business data, marketing metrics, CRM data, and other information shared in the course of our engagement.

2.2 Information Collected Automatically

When you visit the Site, we and our service providers may automatically collect:

  • Device and browser information: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage data: Pages visited, time spent on pages, click paths, referring URLs, and date and time of visits.
  • Cookies and similar technologies: Session cookies, persistent cookies, and local storage used for functionality, analytics, and preferences.

2.3 Information from Third Parties

We may receive information from third-party services you use to interact with us, such as:

  • Booking and scheduling platforms (e.g., LeadConnector, Calendly) when you book a call.
  • Email and marketing platforms when you subscribe or interact with our communications.
  • Analytics providers (e.g., Vercel Analytics) that report aggregated or anonymized usage data.
  • Content management systems (e.g., Sanity) that host and deliver Site content.

2.4 Sensitive Personal Information

We generally do not collect sensitive personal information such as race, ethnicity, religious beliefs, health information, biometric data, or precise geolocation. If you voluntarily provide such information in the course of an engagement or communication, we will treat it with heightened care and use it only for the purposes for which it was provided, unless we obtain your explicit consent for additional uses.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to inquiries: To answer your questions, provide requested information, and communicate with you about our services.
  • To schedule and conduct strategy calls: To manage bookings, send reminders, and facilitate meetings.
  • To deliver newsletters and marketing communications: To send you updates, insights, and promotional content if you have opted in.
  • To provide consulting and advisory services: To deliver fractional CMO, GTM, and revenue engine services under our engagement agreements.
  • To improve the Site: To analyze usage patterns, fix technical issues, and enhance user experience.
  • To comply with legal obligations: To meet regulatory, tax, or legal requirements.
  • To protect our rights: To enforce our terms, prevent fraud, and protect against misuse of the Site.

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA) or United Kingdom, we process your personal data based on:

  • Consent: When you subscribe to our newsletter, book a call, or explicitly agree to receive communications.
  • Contract performance: When processing is necessary to perform our services or take steps at your request before entering a contract.
  • Legitimate interests: To operate the Site, improve our services, and communicate with you about relevant offerings, where such interests are not overridden by your rights.
  • Legal obligation: When we must process data to comply with applicable law.

5. Cookies and Tracking Technologies

The Site uses cookies and similar technologies for:

  • Essential functionality: Enabling core features such as navigation and form submission.
  • Analytics: Understanding how visitors use the Site (e.g., Vercel Analytics). Analytics may collect anonymized or pseudonymized data.
  • Preferences: Remembering your settings and choices.

You can control cookies through your browser settings. Disabling certain cookies may limit Site functionality. We do not use cookies for third-party advertising or to sell your data.

Do Not Track: Some browsers offer a "Do Not Track" (DNT) signal. There is no universally accepted standard for how websites should respond to DNT signals. We do not currently respond to DNT signals, but we honor your choices regarding cookies and analytics as described above. You may also opt out of certain analytics through your browser or device settings.

6. Data Sharing and Disclosure

We do not sell your personal information. We do not sell, rent, or trade your name, email address, phone number, or any other personal data to third parties for their marketing or any other purpose. Your phone numbers are not shared with or sold to third parties.

We may share your information only in the following limited circumstances:

  • Service providers: Hosting (Vercel), analytics (Vercel Analytics), CMS (Sanity), booking platforms (e.g., LeadConnector), email/marketing tools, and SMS delivery providers. These providers process data on our behalf under contractual obligations and only for the purposes we specify. They do not use your information for their own marketing or sell your data.
  • Legal authorities: When required by law, court order, or to protect our rights, safety, or property.
  • Professional advisors: Lawyers, accountants, or auditors when necessary for our business operations.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, where your information may be transferred to the new owner (under the same privacy commitments).

7. Data Retention

We retain your information only as long as necessary for the purposes described in this policy:

  • Contact and inquiry data: Retained for the duration of our communication and for a reasonable period thereafter (typically up to seven years) for record-keeping, dispute resolution, and legal compliance.
  • Newsletter subscribers: Retained until you unsubscribe or request deletion. We will process deletion requests within thirty (30) days.
  • Booking and engagement data: Retained for the duration of our relationship and for legal, tax, or contractual requirements afterward. Tax and financial records may be retained for seven (7) years or as required by applicable law.
  • Analytics and logs: Typically retained in aggregated or anonymized form; raw logs may be retained for a limited period (e.g., 90 days) for security, debugging, and fraud prevention.
  • Legal obligations: Some data may be retained longer when required by law, including regulatory requirements, litigation holds, or government requests.

When retention periods expire, we securely delete or anonymize your personal information so that it can no longer be used to identify you, except where we are required or permitted to retain it by law.

8. Data Security

We implement reasonable technical and organizational measures to protect your personal information, including:

  • Use of HTTPS and encryption in transit.
  • Secure hosting and infrastructure (e.g., Vercel).
  • Access controls and limited access to personal data.
  • Regular review of our security practices.

No method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but strive to protect your information from unauthorized access, alteration, disclosure, or destruction.

9. International Data Transfers

Your information may be processed in countries other than your own, including the United States, where our service providers operate. These countries may have different data protection laws. When we transfer data from the EEA or UK, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission or UK authorities, adequacy decisions, or other mechanisms recognized under applicable law.

By providing your information to us, you consent to the transfer of your data to countries that may not provide the same level of data protection as your country of residence. Where required, we will implement supplementary measures to ensure that your data receives an adequate level of protection in the destination country.

10. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Restriction: Request that we limit how we use your data.
  • Portability: Request a copy of your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent: Withdraw consent where processing is based on consent.
  • Complaint: Lodge a complaint with a supervisory authority (e.g., in the EEA or UK).

To exercise these rights, contact us at AhmadZabir14@gmail.com. We will respond within a reasonable timeframe as required by applicable law.

11. Children's Privacy

The Site is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us and we will take steps to delete it.

12. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know what personal information is collected, used, shared, or sold.
  • Right to delete personal information (subject to exceptions).
  • Right to correct inaccurate personal information.
  • Right to opt out of the sale or sharing of personal information (we do not sell personal information).
  • Right to limit use and disclosure of sensitive personal information.
  • Right to non-discrimination for exercising your privacy rights.

To exercise these rights, contact us at AhmadZabir14@gmail.com. We will verify your identity before processing requests. We will not discriminate against you for exercising your privacy rights. You may designate an authorized agent to submit requests on your behalf; we may require verification of the agent's authority.

13. Nevada Privacy Rights

Nevada residents may opt out of the sale of certain covered information. We do not currently sell covered information as defined under Nevada law. If you have questions about Nevada privacy rights, contact us at AhmadZabir14@gmail.com.

14. Data Breach Notification

In the event of a data breach that affects your personal information and that poses a reasonable risk of harm to you, we will notify you and, where required by law, relevant supervisory authorities, without undue delay. Notification may be made by email, prominent notice on the Site, or other appropriate means. We will provide information about the nature of the breach, the data involved, and steps you can take to protect yourself.

15. Marketing Preferences and Opt-Out

If you have opted in to receive marketing communications, you may opt out at any time by clicking the unsubscribe link in any email, replying with "unsubscribe," or contacting us directly. We will process opt-out requests within ten (10) business days. Note that even if you opt out of marketing, we may still send you transactional or service-related communications (e.g., confirmations, responses to inquiries, updates about your engagement).

16. SMS and Text Messaging

How we obtain SMS consent: We obtain your consent to receive SMS (text) messages when you voluntarily provide your mobile phone number and explicitly opt in—for example, by checking a box, clicking "I agree" to receive texts, or entering your number in a form that clearly states you will receive text messages from us. Consent is obtained at the point of collection (e.g., booking forms, contact forms, or signup flows) and we do not send marketing SMS without your prior express consent.

How we use your phone number and SMS: We use your phone number only to send you messages you have agreed to receive, such as appointment or strategy-call reminders, booking confirmations, follow-up messages related to your inquiry or engagement, and—only if you opted in—occasional marketing or informational messages (e.g., tips, updates, or offers). We do not use your phone number for purposes unrelated to the consent you gave.

Phone numbers are not shared or sold: We do not sell, rent, share, or disclose your phone number to third parties for their marketing or for any purpose other than as necessary to deliver messages to you (e.g., through a trusted SMS service provider that acts on our behalf under strict contractual terms). We do not sell any of your personal data, including phone numbers. Our SMS providers are prohibited from using your number for their own marketing or from selling or sharing it with others.

You may opt out of SMS at any time by replying STOP to any message or by contacting us at AhmadZabir14@gmail.com. For more on unsubscribing and message frequency, see our Terms of Service.

17. Third-Party Links

The Site may contain links to third-party websites (e.g., social media, booking platforms, external resources). We are not responsible for the privacy practices of these sites. We encourage you to read their privacy policies before providing any information.

When you click a link to a third-party site, you leave our Site and are subject to that third party's terms and privacy policy. We do not control the data collection or use practices of third parties. Any information you provide to third parties is governed by their respective policies.

18. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the revised policy on this page and update the "Last updated" date. Material changes that affect how we use your personal information may be communicated via email (if we have your email address) or through a prominent notice on the Site.

Your continued use of the Site after we post changes constitutes your acceptance of the updated policy. If you do not agree to the revised policy, you should discontinue use of the Site and contact us to request deletion of your information where applicable. We encourage you to review this policy periodically.

19. Contact Us

For questions, requests, or concerns about this Privacy Policy or our data practices, including to exercise your rights (access, correction, deletion, portability, objection, withdrawal of consent, or to lodge a complaint), please contact:

Ahmad Zabir
Email: AhmadZabir14@gmail.com

We aim to respond to all legitimate requests within thirty (30) days. Occasionally it may take longer if your request is complex or we receive multiple requests. We will keep you informed of our progress. If you are in the EEA or UK and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.