AllAI is committed to protecting your data and ensuring compliance with the General Data Protection Regulation (GDPR) and other European data protection laws.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018, across the European Union (EU) and European Economic Area (EEA). It gives EU citizens greater control over their personal data and imposes strict obligations on organizations that collect, process, or store personal data.
Even though AllAI is based in India, we are committed to GDPR compliance because we serve users from the EU/EEA and believe in the highest standards of data protection.
Under GDPR, you have several important rights regarding your personal data. Here's how you can exercise them:
You have the right to request confirmation of whether we process your personal data and, where we do, access to the personal data.
You have the right to have inaccurate personal data rectified and incomplete personal data completed.
You have the right to have your personal data erased in certain circumstances, also known as the "right to be forgotten".
You have the right to restrict the processing of your personal data in certain circumstances.
You have the right to receive your personal data in a structured, commonly used, machine-readable format.
You have the right to object to the processing of your personal data in certain circumstances.
Under GDPR, we must have a legal basis for processing your personal data. Here are the bases we rely on:
Processing is necessary for the performance of our contract with you (providing AI services).
Processing is necessary for our legitimate interests, provided these interests do not override your fundamental rights.
You have given clear consent for us to process your personal data for a specific purpose.
Processing is necessary for compliance with a legal obligation to which we are subject.
Your data may be transferred to and processed in countries outside the EU/EEA. We ensure all transfers comply with GDPR requirements:
Note: All international data transfers are conducted in compliance with GDPR Chapter V requirements, using appropriate safeguards such as Standard Contractual Clauses and adequacy decisions.
We have appointed a Data Protection Officer to ensure GDPR compliance and handle your data protection inquiries:
You can contact our DPO directly for any GDPR-related questions, concerns, or to exercise your rights.
In the unlikely event of a data breach that affects your personal data, we are committed to:
If you suspect a data breach, please contact us immediately at security@allai.co.in.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
You can request deletion of your data at any time, and we will process your request within 30 days.
If you believe we have not addressed your GDPR concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority. In the EU, you can find your authority at:
We encourage you to contact us first to resolve any issues, but you have the right to contact supervisory authorities directly.
We have implemented comprehensive measures to ensure GDPR compliance:
Our commitment to GDPR compliance is ongoing, and we regularly review and update our practices to ensure continued compliance.
For GDPR-related inquiries, data subject requests, or any privacy concerns, please contact us:
We aim to respond to all GDPR-related inquiries within 48 hours during business days.
At AllAI, we view GDPR compliance not just as a legal requirement, but as a fundamental commitment to protecting your privacy and data rights. We are dedicated to maintaining the highest standards of data protection and will continue to evolve our practices to meet and exceed GDPR requirements.