Privacy Policy

1. General Information

AETHON Engineering Single-Member P.C., incorporated in Greece, with seat in Athens (Leoforos Alexandras 9, 11473) owns, legally operates and manages the web platform named AI Act Automizer hosted on the website: www.aiactautomizer.com (hereinafter referred to as: AAA). If you are an AAA customer or subscriber (Company or User - see definitions below, art. 2), or just visiting our website, this policy applies to you.

2. Definitions

• User: A natural person that subscribes in AAA to use its Services.
• Data Subjects: Collectively all people of whom AAA processes their personal data.
• Services: All services described in article 5 of the Terms and Conditions.

3. Our Responsibilities

If you are a visitor to AAA we function as the "data controller" of personal data. If you are a User using the Services, we function as the "data processor" of personal data. AAA's responsibility is to process personal data in a lawful, fair, and transparent manner. Your responsibility is to read carefully and understand the present Privacy Policy and if you provide us with personal data of other people, you confirm that you have the right to authorize us to process them on your behalf in accordance with this Privacy Policy. AAA will only use that information for the specific reason for which it was provided.

Moreover, the User is fully aware and compliant with the General Data Protection Regulation (EU) 2016/679 (GDPR) and with the national regulatory framework for the protection of personal data, as well as any act (guideline, decision, directive, opinion, etc.) issued by the relevant Data Protection Authorities and any other relevant EU entities. The User shall not perform its obligations in relation to the personal data in such a way as to cause AAA to breach any of its obligations under applicable privacy legislation.

4. When and how we collect data

From the first moment you interact with AAA, personal data is collected. This is how AAA processes your data:

• During your subscription in AAA, personal data is necessary to provide the agreed Services to the User.
• During payment.
• During customer support and provision of feedback.
• When browsing AAA's website, through cookies (the information is depersonalized and is displayed as numbers, meaning it cannot be tracked back to individuals, please see also AAA's Cookies Statement).
• When typing in information into the platform’s forms and fields (e.g., AI system details, project descriptions, compliance-related information, or other text inputs that the User chooses to provide).

5. Types of data we collect

AAA collects the following data:

• Contact details (names, addresses, email addresses, etc.).
• Financial information (credit/debit card details, etc.).
• Data that identifies you (your IP address, login information, browser plug-in types, etc.).
• Any personal data you disclose voluntarily via AAA's feedback form or through customer support.
• Usage data (logs of platform usage, feature interactions, activity timestamps, error reports).
• Typed-in information (e.g., AI system details, compliance notes, project-related descriptions, or other text entered into the platform by the User, which may incidentally contain personal or company-related information).

AAA does not process sensitive data (like racial or ethnic origin, political opinions, religious/philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offenses or alleged offenses) or minors' personal data. Moreover, AAA only processes the personal data required to provide the Services. AAA does not process or use personal data for purposes other than those required for the provision of the Services but to the extent that it becomes necessary.

6. How and why, we use your data

AAA processes personal data to keep AAA running, provide the Services and improve those through your feedback. Thus, the legal basis for the above-mentioned processing is the execution of the contract between the User and AAA.

7. Your data security

AAA has physical, electronic, and managerial procedures to safeguard and secure the information it collects, to guarantee the highest security standard possible for the personal data it processes. The User should bear in mind that no data transmission is guaranteed to be 100% secure and the responsibility of safekeeping username and password lies within the User.

AAA implements the appropriate technical and organizational measures to ensure appropriate levels of protection and security of personal data. AAA ensures that the persons (employees or consultants) authorized to process personal data for the provision of the Services:

• provide adequate safeguards in terms of technical knowledge, personal integrity, and confidentiality,
• are under the direct supervision of AAA,
• are bound with confidentiality obligations,
• take all appropriate measures to protect personal data,
• are aware and apply the current legislative and regulatory framework for the protection of personal data,
• recognize that they may be liable to civil and criminal liability in the event of a data breach.

8. AAA's responsibility as a “data processor”

AAA will cooperate, assist, and provide the User with all necessary information to comply with its obligations under the applicable legislative framework and to comply with the instructions or decisions of the competent Data Protection Authority.

9. Retention periods

In case of not renewal or any other kind of subscription termination User data are retained in AAA for one month. Within that duration data export is available to the User, for the latter to retrieve all data processed in AAA. Personal data regarding the contractual relationship between the User and AAA are retained for as long as it is required according to applicable law.

10. Third parties and International Transfers

AAA carefully examines third parties that may be used to sub-process personal data. Personal data processed through AAA may also be processed by cloud service providers and payment institution as follows:

• AAA uses Google Cloud Services to provide its Services. Any data transfers relating to this sub-processing is subject to Google's terms as provided here: https://cloud.google.com/privacy/gdpr
• AAA uses Stripe for payments’ processing. Any data transfers relating to this sub-processing is subject to Stripe's Privacy Policy as provided here: https://stripe.com/privacy
• AAA may use third-party analytics providers (e.g., Google Analytics or equivalent) to monitor platform performance and improve services.
• AAA may engage trusted IT support, hosting, or maintenance providers under strict data processing agreements.

To the extent that personal data subject to EU data protection laws are transferred outside the EU, AAA follows one of the solutions mentioned below:

• signs EU Commission approved standard model clauses with the percipient of personal data,
• transfer is executed to a country deemed to have adequate data protection regulations by EU Commission or
• recipient has in place EU approved Binding Corporate Rules that apply to the processing in question.