GDPR Compliance

Data Controller

AiSuites.ai acts as the data controller for personal information collected through our website, applications, and AI-powered services. As the controller, we determine the purposes and means of processing personal data and are responsible for ensuring compliance with applicable data protection laws.

For any questions regarding our role as a data controller, you can reach us through the contact details listed at the end of this page.

Lawful Bases for Processing

We only process personal data when we have a lawful basis to do so under Article 6 of the GDPR. Depending on the activity, we may rely on one or more of the following bases:

• Consent — when you have given clear permission for a specific purpose, such as marketing communications
• Contract — when processing is necessary to deliver the services you have signed up for
• Legal obligation — when processing is required to comply with applicable laws and regulations
• Legitimate interests — when processing is necessary for our legitimate business interests and does not override your rights
• Vital interests — when processing is necessary to protect a person’s life or safety

Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

Personal Data We Collect

We may collect identification details such as your name, email address, billing information, and account credentials, as well as technical data like IP address, browser type, device information, and usage analytics. When you use our AI tools, we may also process prompts, uploaded files, and generated outputs solely to deliver the requested service.

We do not knowingly collect special category data (such as health, biometric, or political information) and ask that users avoid submitting such data through the platform.

Your Rights Under GDPR

If you are located in the EEA, the United Kingdom, or another GDPR-covered region, you have the following rights regarding your personal data:

• Right to be informed about how your data is collected and used
• Right of access to a copy of the personal data we hold about you
• Right to rectification of inaccurate or incomplete information
• Right to erasure (the "right to be forgotten") in certain circumstances
• Right to restrict processing of your personal data
• Right to data portability in a structured, machine-readable format
• Right to object to processing based on legitimate interests or direct marketing
• Rights related to automated decision-making and profiling

You can exercise any of these rights by contacting us through our official support channels. We may need to verify your identity before responding and will reply within the time frames set by applicable law.

International Data Transfers

AiSuites.ai operates globally, which means personal data may be transferred to, and processed in, countries outside the EEA or the United Kingdom. When we transfer data internationally, we use appropriate safeguards such as Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms recognised under GDPR.

Data Retention

We retain personal data only for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce agreements. When data is no longer needed, we securely delete or anonymise it in accordance with our retention schedule.

Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures include encryption in transit, access controls, secure cloud infrastructure, and regular monitoring of our systems.

While we work to maintain strong protection, no online system can guarantee absolute security. Users are encouraged to keep their account credentials confidential and to notify us promptly of any suspected unauthorised access.

Third-Party Processors

We work with trusted third-party processors for hosting, analytics, payment processing, and AI infrastructure. These processors act on our instructions under written agreements that require them to comply with GDPR and protect personal data with appropriate safeguards.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours where required, and inform affected users without undue delay in line with GDPR obligations.

Filing a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority. We encourage you to contact us first so we can address your concerns directly and work toward a resolution.

Updates to This GDPR Notice

We may update this GDPR Compliance notice from time to time to reflect changes in our services, technology, or legal requirements. Updated versions will be posted on this page with a revised effective date. Continued use of AiSuites.ai after changes are published constitutes acceptance of the updated notice.

Contact Us

If you have questions regarding this GDPR Compliance notice or wish to exercise any of your rights, you may contact AiSuites.ai through our official website or support channels.