1. Overview
AI-Solution ("we", "us", "our") is committed to protecting the privacy and personal data of all users ("you") of our platform and services. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights under applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, and other applicable legislation.
This Policy applies to all services operated by AI-Solution, including our website, web application, mobile applications, and APIs. By using our services, you acknowledge that you have read and understood this Policy.
2. Data We Collect
2.1 Data You Provide Directly
- Account information: Name, email address, password (stored as a secure hash), and optional profile photo.
- Profile preferences: Settings, goals, language preferences, and lifestyle information you enter during onboarding.
- Communications: Messages you send to our support team, feedback, or survey responses.
- Payment information: Billing address and payment method details (processed by our PCI-DSS certified payment provider; we do not store full card numbers).
2.2 Data Collected Automatically
- Usage data: Pages visited, features used, clicks, session duration, and interaction patterns.
- Device data: Device type, operating system, browser type and version, screen resolution.
- Log data: IP address (anonymised after 90 days), timestamps, error logs, and access logs.
- Cookie data: See Section 8 for full details on cookies we use.
2.3 Data from Third Parties
- If you connect third-party services (calendar, email, smart home devices), we receive data from those integrations only as necessary to provide the connected feature, and only with your explicit authorisation.
3. How We Use Your Data
We use your personal data for the following purposes:
- Providing, operating, and improving our AI services and features
- Personalising your experience and adapting our AI recommendations to you
- Processing payments and managing your subscription
- Sending service-related communications (account verification, security alerts, receipts)
- Sending marketing communications (only with your explicit consent, which you can withdraw at any time)
- Analysing usage patterns to improve our platform — using anonymised or aggregated data where possible
- Detecting, preventing, and investigating fraud, abuse, or security incidents
- Complying with legal obligations
We do not use your personal data to train general AI/ML models that will be shared externally, unless you explicitly opt in to our AI improvement programme.
4. Legal Basis for Processing (GDPR)
Under the GDPR, we process your personal data on the following legal bases:
- Contract performance (Art. 6(1)(b)): Processing necessary to provide the services you have requested.
- Legitimate interests (Art. 6(1)(f)): Security monitoring, fraud prevention, and service improvement using anonymised analytics.
- Consent (Art. 6(1)(a)): Marketing emails, non-essential cookies, and participation in AI improvement programmes. You may withdraw consent at any time.
- Legal obligation (Art. 6(1)(c)): Retention of certain records as required by applicable law.
5. Data Sharing and Disclosure
We do not sell your personal data. We share data only in the following circumstances:
- Service providers: Trusted processors acting on our instructions (cloud hosting, payment processing, email delivery, customer support tools), bound by data processing agreements.
- Legal requirements: When required by law, court order, or to protect the rights, property, or safety of our users or the public.
- Business transfers: In the event of a merger, acquisition, or sale, your data may be transferred. We will notify you before this occurs and you will retain your deletion rights.
- With your consent: Any other sharing will only occur with your explicit prior consent.
All third-party processors are selected carefully, assessed for compliance, and bound by GDPR-compliant data processing agreements (DPAs).
6. Data Retention
We retain your personal data only as long as necessary for the purposes described in this Policy:
- Active account data: Retained for the duration of your account plus 90 days after deletion request.
- Usage logs: Anonymised after 90 days; retained in anonymised form for up to 2 years.
- Payment records: Retained for 7 years as required by financial regulations.
- Support communications: Retained for 3 years.
- Marketing consent records: Retained for 3 years after the last interaction.
7. Your Data Rights
Under GDPR and other applicable laws, you have the following rights:
Right of Access
Request a copy of all personal data we hold about you.
Right to Rectification
Correct inaccurate or incomplete personal data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Restriction
Restrict how we process your data in certain circumstances.
Right to Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing based on legitimate interests or for direct marketing.
To exercise any of these rights, email us at privacy@ai-solution.app. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.
8. Cookies
We use cookies and similar technologies. See our full Cookie Policy for details. In summary:
- Essential cookies: Required for the service to function (session management, security). No consent required.
- Functional cookies: Remember your preferences and settings. Require consent.
- Analytics cookies: Help us understand how you use our service (using anonymised data). Require consent.
- Marketing cookies: Used to show relevant content. Require consent. We do not use third-party advertising cookies.
You can manage or withdraw cookie consent at any time via the cookie settings link in our footer.
9. Security
We implement appropriate technical and organisational measures to protect your personal data:
- TLS 1.3 encryption for all data in transit
- AES-256 encryption for sensitive data at rest
- Multi-factor authentication available for all accounts
- Regular security audits and penetration testing
- Strict access controls — staff access to data is role-based and logged
- Incident response plan with 72-hour breach notification per GDPR requirements
10. Children's Privacy
Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16 without parental consent, we will delete it promptly. If you believe we may have such data, please contact us at privacy@ai-solution.app.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by email and/or by displaying a prominent notice on our platform at least 30 days before the changes take effect. The date at the top of this page indicates when the Policy was last revised.
Your continued use of our services after the effective date constitutes your acceptance of the updated Policy.
12. Contact & Data Protection Officer
Get in touch about privacy
For any privacy-related questions, requests, or concerns:
Email: privacy@ai-solution.app
Data Protection Officer: dpo@ai-solution.app
Postal address: AI-Solution, Data Privacy Team, [Your Address]
If you are unsatisfied with our response, you may contact your national data protection authority. EU users may contact the supervisory authority in their member state.