GDPR Compliance
aisona.tech is committed to full compliance with GDPR and protecting the privacy rights of all individuals in the European Union.
Our GDPR Commitment
We have implemented comprehensive measures to ensure full compliance with GDPR for all personal data processing activities related to our AI services.
GDPR Principles
Lawfulness and Transparency
We process personal data lawfully, fairly, and transparently.
Implementation:
- Clear privacy notices and consent mechanisms
- Transparent data processing purposes
- Legal basis identified for each activity
- Regular compliance audits
Purpose Limitation
Data collected only for specified, legitimate purposes.
Implementation:
- Data used only for AI service delivery
- Clear communication of data use
- No incompatible further processing
- Regular purpose reviews
Data Minimization
Only minimum necessary data collected and processed.
Implementation:
- Collection limited to service requirements
- Regular data audits
- Automated retention policies
- Privacy by design architecture
Data Accuracy
Personal data kept accurate and up to date.
Implementation:
- User account self-service updates
- Data quality validation
- Prompt error corrections
- Regular accuracy reviews
Storage Limitation
Data kept only as long as necessary.
Implementation:
- Automated retention schedules
- Regular deletion of expired data
- Clear retention periods
- Secure destruction procedures
Security
Appropriate technical and organizational security measures.
Implementation:
- End-to-end encryption
- Advanced access controls
- Security testing and assessments
- Incident response procedures
Your Rights Under GDPR
As a data subject, you have specific rights regarding your personal data:
Right of Access
Request a copy of your personal data
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your data
Right to Data Portability
Receive data in structured format
Right to Restrict Processing
Limit how we process your data
Right to Object
Object to processing based on legitimate interests
Exercise Your Rights
To exercise any rights, chat with our AI assistant 24/7. We verify identity and respond within 30 days.
Legal Basis for Processing
Under GDPR, we must have a legal basis for processing personal data:
Contract Performance
Processing necessary to provide AI services
Examples:
- Account management
- Service delivery
- Technical support
- Billing
Legitimate Interests
Processing for legitimate business interests
Examples:
- Service improvement
- Security monitoring
- Analytics
- Fraud prevention
Legal Compliance
Processing required by law
Examples:
- Tax obligations
- Regulatory reporting
- Legal requests
- Audit requirements
Consent
Processing based on explicit consent
Examples:
- Marketing communications
- Optional features
- Research participation
International Data Transfers
Our services may require transferring data outside the EEA. We ensure adequate protection through:
Safeguards:
- • Standard Contractual Clauses
- • Adequacy decisions
- • Technical measures
- • Regular monitoring
Recipients:
- • Cloud providers
- • Payment processors
- • Analytics services
- • Support tools
Data Breach Response
Our Response Process
Detection
- • 24/7 monitoring
- • Immediate assessment
- • Risk evaluation
Notification
- • Authority within 72 hours
- • Affected individuals if high risk
- • Clear communication
Recovery
- • Immediate containment
- • System recovery
- • Preventive measures
GDPR Questions?
For GDPR-related questions, data requests, or to exercise privacy rights, our AI chat agent is available 24/7.
💬 Chat with our AI GDPR Assistant
Get instant help with data requests, GDPR questions, deletion requests, or privacy concerns.
Business Address: 37 Evagora Palikaridi, Limassol, Cyprus
Phone: +357 (97) 888-064