Effective date: 1 January 2024
At DoelAI (“we”, “us”, or “our”), we are committed to protecting the privacy and security of your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This GDPR Compliance Policy outlines how we collect, use, disclose, and store personal data, as well as your rights regarding your data.
1. Data Collection and Processing
We collect and process personal data for specified, explicit, and legitimate purposes, and we do not process data in a manner that is incompatible with those purposes. The types of personal data we collect may include:
- Contact information (e.g., name, email address, phone number)
- User preferences and settings
- Usage data and analytics
- Payment information (for subscription-based services)
We collect personal data directly from you when you provide it to us or when you use our services. We may also collect data automatically through cookies and similar technologies when you interact with our website or services.
2. Lawful Basis for Processing
We process personal data based on one or more lawful bases as defined in the GDPR, including:
- Consent: When you provide explicit consent for specific processing activities.
- Contract: When processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract.
- Legitimate interests: When processing is necessary for our legitimate interests or the legitimate interests of third parties, provided that such interests are not overridden by your rights and interests.
3. Data Protection Measures
We implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data, including:
- Encryption of data during transmission and at rest
- Access controls and authentication mechanisms
- Regular security assessments and audits
- Employee training on data protection and privacy best practices
4. Data Subject Rights
Under the GDPR, you have certain rights regarding your personal data, including the right to:
- Access: Request access to your personal data and information about how it is processed.
- Rectification: Request correction of inaccuracies or incomplete data.
- Erasure: Request erasure of your personal data under certain circumstances.
- Restriction: Request restriction of processing of your personal data under certain circumstances.
- Data portability: Request a copy of your personal data in a structured, commonly used, and machine-readable format.
- Object: Object to processing of your personal data under certain circumstances, including processing for direct marketing purposes.
5. Data Transfers
We may transfer personal data to countries outside the European Economic Area (EEA) or Switzerland. When we do so, we ensure that appropriate safeguards are in place to protect the data, such as standard contractual clauses approved by the European Commission or other appropriate mechanisms.
6. Data Breach Notification
In the event of a data breach involving personal data that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and affected individuals in accordance with GDPR requirements.
7. Contact Us
If you have any questions or concerns about our GDPR Compliance Policy or our data processing practices, please contact us at support@doelai.com.
By using our services, you consent to the collection, processing, and storage of your personal data as described in this policy. We reserve the right to update or modify this policy at any time without prior notice.