Privacy Policy
Your privacy is our priority. Learn how we protect your data and ensure compliance with privacy regulations.
Last updated: September 21, 2025
AI Compliance Advisor ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI compliance assessment services.
We are committed to transparency and compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other privacy regulations.
Personal Information:
- Name and contact information (email address)
- Company information and job title
- AI system details and compliance requirements
- Assessment responses and compliance data
Usage Information:
- Website usage and interaction data
- Assessment completion times and patterns
- Feature usage and preferences
We use the information we collect to:
- Provide AI compliance assessment services
- Generate personalized compliance reports and recommendations
- Improve our services and user experience
- Communicate with you about our services
- Ensure compliance with legal obligations
- Prevent fraud and maintain security
We do not sell, trade, or otherwise transfer your personal information to third parties, except:
- With your explicit consent
- To trusted service providers who assist in operating our services
- To comply with legal obligations or court orders
- To protect our rights, property, or safety
- In connection with a business transfer or merger
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy and to comply with legal obligations.
Retention Periods:
- Account Information: 3 years after last interaction
- Assessment Data: 7 years for compliance and audit purposes
- Payment Information: 7 years for financial record keeping
- Communication Records: 3 years after last contact
- Analytics Data: Anonymized and retained indefinitely
After these periods, data is either securely deleted or anonymized for statistical purposes.
We process your personal data based on the following legal grounds and for specific purposes:
Legal Basis for Processing:
- Contract Performance: To provide our compliance assessment services
- Legitimate Interest: To improve our services and prevent fraud
- Explicit Consent: For marketing communications and optional features
- Legal Obligation: To comply with regulatory requirements
Processing Purposes:
- Service delivery and account management
- Compliance assessment and report generation
- Customer support and communication
- Service improvement and analytics
- Legal compliance and regulatory reporting
Your data may be processed in countries outside the European Economic Area (EEA). We ensure adequate protection through appropriate safeguards:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions for countries with equivalent data protection standards
- Binding corporate rules for intra-group transfers
- Certification schemes and codes of conduct
You can request details about specific safeguards and transfer locations by contacting us.
We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.
Security Measures Include:
- End-to-end encryption for data transmission
- Secure cloud infrastructure with SOC 2 compliance
- Multi-factor authentication and access controls
- Regular security audits and penetration testing
- Employee training on data protection
- Incident response and breach notification procedures
However, no method of transmission over the internet is 100% secure.
We use cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and provide personalized content.
Types of Cookies We Use:
- Essential Cookies: Required for basic site functionality
- Analytics Cookies: Help us understand how visitors use our site
- Preference Cookies: Remember your settings and preferences
- Marketing Cookies: Used for targeted advertising (with consent)
You can control cookie preferences through your browser settings. Disabling certain cookies may affect site functionality.
Under applicable privacy laws, you have the right to:
- Access your personal information
- Correct inaccurate or incomplete information
- Request deletion of your personal information
- Restrict processing of your information
- Request data portability
- Object to processing
- Withdraw consent
- Lodge a complaint with supervisory authorities
To exercise these rights, please contact us at tonci.zilic19@gmail.com.
We will respond to your request within 30 days. If you're not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.
In the unlikely event of a data breach that affects your personal information, we will notify you and relevant authorities in accordance with legal requirements.
Our Breach Response Process:
- Immediate containment and investigation of the breach
- Assessment of potential risks to your rights and freedoms
- Notification to supervisory authorities within 72 hours
- Direct notification to affected individuals without undue delay
- Implementation of remedial measures to prevent future breaches
Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.
If you believe we have collected information from a child under 16, please contact us immediately. We will take steps to delete such information and terminate any accounts associated with it.
Email: tonci.zilic19@gmail.com
Contact Form: /contact
Data Protection Officer: For complex privacy matters, you can also reach our designated data protection contact at the same email address.