Legal

Privacy Policy

Version 1.0 · Effective date: 18 June 2026

Who we are

AiActs is operated by Aimperia. If you have any questions about this policy, contact us at privacy@aiacts.ai. General operator and consumer information is published in the Legal Notice.

What we collect

When you request beta access or create an account, we collect your email address, company name, and job role. When you use the platform, we process the information you provide about your AI systems in order to generate compliance reports.

How we use it

We use your information solely to manage your access to AiActs and to communicate with you about the product. We do not use your data for advertising or profiling purposes.

Who we share it with

We do not sell your data. We may share it with service providers who help us operate the platform: hosting, transactional email, LLM report generation, application logging, support mailbox and optional analytics after consent. Paid billing and CDN providers are documented as disabled/planned and must not be activated without DPA and transfer review. See the External Processors register.

Where it is stored

Your data is stored on servers located in the European Union.

How long we keep it

We retain account and assessment data for as long as your account is active. You may request deletion or anonymisation at any time. Security, legal, accepted-contract and financial records, if any, may be retained where required by law or legitimate security interests. Detailed retention periods are published in the Retention Policy.

Your rights

Under GDPR, you have the right to access, correct, or delete your personal data at any time. You also have the right to object to processing and to lodge a complaint with your local data protection authority. To exercise any of these rights, email us at hello@aiacts.ai. We will respond within 30 days.

Cookies

AiActs uses necessary storage for login, security and service operation. Analytics and marketing cookies or similar browser storage are optional and are not enabled unless you accept them in the cookie banner. You can reject optional categories without losing access to the service.

Changes

We may update this policy. We will notify registered users by email of any material changes.

GDPR Open Beta Addendum

AiActs EU test deployment is configured as a GDPR-first service. Users can manage consent, export data, request deletion/anonymisation, restrict non-essential processing and opt out of profiling in Account → Privacy & Data.

The planned hosting country may be outside the EU/EEA. Where data is transferred to a third country without an adequacy decision, AiActs intends to rely on Standard Contractual Clauses, data minimisation and a transfer impact assessment before production release.

See also: Consent Document, External Processors, Retention Policy and Legal Notice.