Back to home

Privacy Policy

Last updated: February 2026

1. Who We Are

AIComply ("we", "us", "our") provides a self-serve EU AI Act compliance toolkit for small and medium-sized businesses. This privacy policy explains how we collect, use, and protect your personal data when you use our platform.

2. Data We Collect

We collect the following types of data:

  • Account data: Email address, full name, and organization name provided during registration.
  • AI system data: Information about your AI systems that you enter for classification, including system names, descriptions, providers, purposes, and classification answers.
  • Generated documents: Compliance documents generated through our AI-powered tools.
  • Usage data: Audit logs of actions performed within the platform (e.g., system classifications, document generation).
  • Payment data: Processed securely through Stripe. We do not store credit card numbers on our servers.

3. How We Use Your Data

  • To provide and maintain the AIComply service.
  • To generate compliance documents using AI (Anthropic Claude API). Your AI system details are sent to the Anthropic API solely for document generation.
  • To process payments through Stripe.
  • To communicate service updates and important notices.
  • To improve our service based on aggregated, anonymized usage patterns.

4. Data Storage & Security

Your data is stored on Supabase infrastructure hosted in the European Union (Frankfurt, Germany). We use industry-standard encryption for data in transit (TLS) and at rest. Access to your data is controlled through Row-Level Security policies, ensuring only your organization can access your data.

5. Third-Party Processors

  • Supabase — Database and authentication (EU-hosted).
  • Stripe — Payment processing.
  • Anthropic — AI document generation (data sent only when you explicitly request document generation).
  • Vercel — Application hosting.

6. Your Rights (GDPR)

Under the EU General Data Protection Regulation, you have the right to:

  • Access your personal data.
  • Rectify inaccurate data.
  • Delete your account and associated data.
  • Export your data in a portable format.
  • Restrict or object to processing.

To exercise any of these rights, contact us at privacy@aicomply.eu.

7. Data Retention

We retain your data for as long as your account is active. When you delete your account, your personal data and AI system data will be permanently deleted within 30 days. Aggregated, anonymized analytics data may be retained.

8. Cookies

We use essential cookies only — specifically for authentication session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes via email or an in-app notice.

10. Contact

For privacy-related questions, contact us at privacy@aicomply.eu.