Artemis GTM ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our GTM audit service, website, and related tools.
1. Information We Collect
We collect the following types of information:
Personal Information
- Contact Information: Name, work email address, job title
- Company Information: Company name, industry, size, and domain (derived from your email)
Business Metrics
- Revenue data, deal sizes, sales cycle length
- Team size, win rates, pipeline coverage
- Other GTM metrics you voluntarily provide
Technical Data
- Browser type and version
- Device information and operating system
- IP address (collected and stored in full — see "Visitor Identification" below)
- Pages visited and usage patterns
Visitor Identification Data
If you consent to analytics/identification cookies, we use your IP address to identify the company you are visiting from (company name, domain, industry, size). We do not anonymize your IP address; it is stored so that we can perform and audit this identification.
For visitors located outside the EEA, the UK, and Switzerland, we may also resolve the visit to a named individual, including business name, business email address, job title, and (where available) business phone number, using the third-party providers listed in Section 5. We do not perform person-level identification for visitors in the EEA, UK, or Switzerland — identification there is limited to company-level (firmographic) data.
See our opt-out page to request that your IP and traffic be excluded from identification, and Section 8 for your rights, including the right to object.
2. How We Use Your Information
We use the collected information to:
- Generate your personalized GTM audit analysis
- Research your company to provide relevant recommendations
- Identify the company (and, outside the EEA/UK/Switzerland, the individual) visiting our site so we can follow up with relevant outreach
- Send internal alerts to our team via Slack when an identified visitor matches our ideal customer profile or shows high intent
- Process payments for premium features (via Stripe)
- Send transactional emails related to your audit
- Improve our AI models and service quality
- Contact you about product updates (only with your consent)
- Respond to your inquiries and support requests
3. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), we process your data under the following legal bases:
- Consent: For analytics cookies and marketing communications
- Contract: To provide the GTM audit service you requested
- Legitimate Interest: To improve our service and prevent fraud
Data Collected Indirectly (GDPR Article 14)
Where we identify an individual without collecting their data directly from them (for example, by enriching a website visit), the personal data — such as name, business email, job title, and company — is obtained from the third-party sources named in Section 5 (including IPinfo/ipapi, Amplemarket, and Warmly), as well as those providers' own public and licensed datasets.
You have the right to object to this processing and to request erasure of personal data we hold about you (see Section 8), and you may use our opt-out page to be excluded from identification.
4. Data Storage & Security
Your data is stored securely using industry-standard encryption (AES-256 at rest, TLS 1.3 in transit). We use Supabase for our database, which provides enterprise-grade security and is SOC 2 Type II certified.
We retain personal data only as long as needed for the purposes described in this policy. Retention periods by category are:
- Audit data and account information: up to 24 months from your last activity, so you can return to your results.
- Visitor identification & enrichment data (company, and where applicable individual contact details derived from your IP): up to 24 months from your last activity. The raw enrichment payloads and raw IP records we receive from our providers are purged sooner, typically within 90 days.
- Billing and transaction records: retained as required by tax and accounting law (typically up to 7 years).
- Analytics and usage data: up to 24 months.
You may request deletion of your data at any time (see Section 8).
5. Third-Party Services
We share data with, or receive data from, the following processors and recipients to provide our service:
- Supabase: Database hosting and authentication
- Stripe: Secure, PCI-DSS compliant payment processing
- IPinfo / ipapi: IP geolocation, used to map your IP to a company domain and location
- Amplemarket: Company and (outside the EEA/UK/Switzerland) person-level enrichment, deriving contact details such as name, business email, and job title
- Warmly: Website visitor identification and intent data
- HubSpot: CRM and contact management, where identified visitor and lead records are stored
- Slack: Internal alerts to our team about identified, ICP-matched, or high-intent visitors
- Analytics providers: Aggregate site usage analytics
- AI Services: Company research and analysis generation (data is not retained by AI providers)
These services have their own privacy policies and data protection measures.
6. Cookies & Tracking
We use cookies and similar technologies:
Essential Cookies
Required for the website to function. These cannot be disabled.
- Session management and authentication
- Form submissions and CSRF protection
- Cookie consent preferences
Analytics Cookies
Help us understand how visitors use our website. Requires consent.
- Page views and user journey tracking
- Feature usage analytics
Marketing Cookies
Used for affiliate tracking. Requires consent.
- Affiliate link attribution
You can manage your cookie preferences at any time using our cookie banner or your browser settings.
7. Affiliate Disclosure
Some tool recommendations in our audit contain affiliate links. We may earn a commission if you sign up through these links at no additional cost to you. This does not influence our recommendations, which are based solely on your audit inputs and industry best practices.
8. Your Rights
Depending on your location, you may have the following rights:
GDPR Rights (EU/EEA/UK)
- Access: Request a copy of your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data ("Right to be Forgotten")
- Portability: Receive your data in a structured format
- Objection: Object to processing based on legitimate interest
- Restrict Processing: Request limitation of processing
- Withdraw Consent: Withdraw consent at any time
CCPA/CPRA Rights (California)
- Know: Right to know what personal information is collected
- Delete: Right to delete personal information
- Correct: Right to correct inaccurate personal information
- Opt-Out: Right to opt out of the "sale" or "sharing" of personal information
- Limit: Right to limit use of sensitive personal information
- Non-Discrimination: Right to non-discrimination for exercising rights
"Sale" and "sharing" of personal information. Under the CCPA/CPRA, our practice of identifying website visitors and disclosing visitor and contact data to enrichment and advertising partners (such as Amplemarket, Warmly, and HubSpot) may be treated as a "sale" or "sharing" of personal information, even though we do not receive money for it. You can opt out at our opt-out / Do Not Sell or Share page, which excludes your IP and traffic from identification.
Notice at collection. At or before the point of collection, we collect the categories of personal information described in Section 1 (identifiers including IP address, professional/employment information such as job title and employer, and internet activity) for the purposes described in Section 2. We retain this information for the periods described in Section 4. We do not knowingly sell or share the personal information of consumers under 16.
9. Data Transfers
Your data may be transferred to and processed in countries outside your residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.
10. Children's Privacy
Our service is intended for business professionals and is not directed at individuals under 18. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last Updated" date and, for material changes, by email or prominent notice on our website.
12. Contact Us
For privacy-related inquiries or to exercise your rights, please contact us:
- Email: privacy@artemisgtm.ai
- General Inquiries: hello@artemisgtm.com
We aim to respond to all privacy requests within 30 days.
Want to see how we help B2B companies grow? Run a free GTM diagnostic or explore our services.