Privacy Policy

1. Introduction

AIOBI ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including the AIOBI AI Platform (aiobi.ai), our white-label software solutions, and our website (aiobi.pt).

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our services, you consent to the practices described in this policy.

2. Data Controller

AIOBI is the data controller responsible for your personal data. For any questions regarding this policy or your data, please contact us at:

Data Protection Officer
Email: privacy@aiobi.pt
Address: Lisbon, Portugal

3. Information We Collect

We collect the following types of information:

3.1 Information You Provide

• Account Information: Name, email address, phone number, company name, and password when you register
• Payment Information: Billing address, payment method details (processed securely through our payment providers)
• Communication Data: Messages, feedback, and support requests you send to us
• User Content: Content you create or upload using our services, including AI prompts and generated content

3.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on our platform, and interaction patterns
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Server logs, error reports, and performance data
• Cookies: See our Cookie Policy for detailed information

3.3 AI Platform Data

• Prompts and Inputs: Text, images, or other content you submit to our AI models
• Generated Outputs: Content generated by AI models in response to your inputs
• Usage Metrics: Credits used, models accessed, and feature utilization

4. How We Use Your Information

We use your personal data for the following purposes:

• Service Delivery: To provide, maintain, and improve our services
• Account Management: To create and manage your account, process payments, and provide support
• Communication: To send service updates, security alerts, and promotional communications (with consent)
• Analytics: To understand usage patterns and improve our platform
• Security: To detect, prevent, and address technical issues and security threats
• Legal Compliance: To comply with legal obligations and protect our rights
• AI Model Improvement: To enhance our AI services (only with your consent and in anonymized form)

5. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide our services to you
• Legitimate Interests: For security, fraud prevention, and service improvement
• Consent: For marketing communications and optional data processing
• Legal Obligation: To comply with applicable laws and regulations

6. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Third-party vendors who help us operate our services (hosting, payment processing, analytics)
• AI Model Providers: Your prompts may be processed by third-party AI providers (OpenAI, Anthropic, etc.) subject to their privacy policies
• Business Partners: With your consent, for joint offerings or integrations
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with mergers, acquisitions, or asset sales

We do not sell your personal data to third parties.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with adequate data protection levels
• Binding corporate rules where applicable

8. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy:

• Account Data: For the duration of your account plus 3 years after closure
• Transaction Data: 7 years for legal and tax compliance
• AI Prompts/Outputs: 30 days by default, unless you choose to save them
• Analytics Data: Aggregated and anonymized for up to 3 years

9. Your Rights (GDPR)

Under the GDPR, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Request limitation of data processing
• Portability: Receive your data in a machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw previously given consent at any time
• Complaint: Lodge a complaint with a supervisory authority

To exercise these rights, contact us at privacy@aiobi.pt. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Access controls and authentication mechanisms
• Regular security assessments and audits
• Employee training on data protection
• Incident response procedures

11. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at privacy@aiobi.pt.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through a prominent notice on our website. The "Last updated" date at the top indicates when the policy was last revised.