At Maila AI, we are committed to protecting your privacy and safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your data when you interact with our website, AI software products, and services ("Services").
Scope: This policy applies to all Customers and Website visitors of Maila.ai. By using our services or visiting our website, you agree to the terms outlined in this Privacy Policy.
Definitions:
Compliance: Maila.ai is fully compliant with the General Data Protection Regulation (GDPR) and the Swedish Data Protection Act. We adhere to the highest standards of data protection and privacy to ensure the safety and confidentiality of our users' Personal Data.
Maila.ai acts as a Controller, meaning that we are responsible for determining the purposes and means of Processing Personal Data. We collect and Process data to provide our AI-generated voice, image, and text services to our users.
As a Controller, we are committed to:
We have appointed a Data Protection Officer (DPO) who oversees our data protection practices and ensures that we remain compliant with applicable data protection laws. Our DPO can be contacted at dpo@maila.ai.
We regularly review and update our data protection policies and procedures to ensure that we are meeting our obligations as a Controller and providing the highest level of protection for our users' Personal Data.
Lawful Basis for Processing: We Process Personal Data based on the following legal grounds:
Data Retention: We will retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. The specific retention periods may vary depending on the type of data and the purpose of Processing. Once the retention period expires, we will securely delete or anonymize your Personal Data.
Data Minimization: We adhere to the principle of data minimization, collecting and Processing only the Personal Data that is necessary for the specified purposes. We regularly review our data collection practices to ensure that we are not collecting more data than is required.
Accuracy: We take reasonable steps to ensure that the Personal Data we Process is accurate, complete, and up to date. We encourage you to keep your Personal Data current and to notify us of any changes or inaccuracies.
Security: We implement appropriate technical and organizational measures to protect your Personal Data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security audits. We also ensure that our employees and service providers who have access to your Personal Data are bound by confidentiality obligations.
Data Protection Impact Assessments (DPIA): When Processing is likely to result in a high risk to your rights and freedoms, we conduct a DPIA to identify and mitigate potential risks. This helps us to ensure that our Processing activities are compliant with data protection laws and that your rights are adequately protected.
Data Breach Notification: In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, as required by law.
At Maila.ai, we collect and use your Personal Data for the following purposes:
Providing Services: We use your Personal Data to deliver our services. This includes Processing your inputs, generating outputs, and providing you with the results of our AI algorithms.
User Authentication: To ensure secure access to our services, we use your Personal Data to verify your identity when you log in to your account. This may include Processing your email address, password, or other authentication information.
Customer Service and Support: When you contact us with inquiries or requests for assistance, we use your Personal Data to respond to your messages and provide the necessary support. This may include Processing your name, email address, and the contents of your communications with us.
Service Updates and Newsletters: We may use your email address to send you important updates about our services, such as new features, improvements, or changes to our terms and policies. We may also send you newsletters with relevant information about our AI technologies and industry news. You can opt-out of these communications at any time by clicking the "Unsubscribe" link in the email or contacting us directly.
Bookkeeping: As required by law, we use your Personal Data to maintain accurate financial records of transactions related to our services. This may include Processing your name, contact information, and payment details for invoicing and accounting purposes.
We will only Process your Personal Data for the purposes specified above or for other compatible purposes. If we need to use your Personal Data for an unrelated purpose, we will notify you and obtain your consent, unless otherwise required or permitted by law.
We will not sell, rent, or trade your Personal Data to third parties for their marketing purposes without your explicit consent. We may share your Personal Data with trusted service providers who assist us in delivering our services, but only to the extent necessary and under strict confidentiality obligations.
At Maila.ai, we respect your rights as a data subject under the GDPR and the Swedish Data Protection Act. You have the following rights regarding your Personal Data:
Access: You have the right to request access to your Personal Data that we Process. This includes the right to obtain confirmation as to whether we Process your Personal Data, and if so, to receive a copy of that data along with certain information about the Processing.
Rectification: If you believe that the Personal Data we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it.
Erasure (Right to be Forgotten): In certain circumstances, such as when your Personal Data is no longer necessary for the purposes for which it was collected, you have the right to request that we delete your data. However, this right is subject to certain exceptions, such as when the Processing is necessary for compliance with a legal obligation.
Objection: You have the right to object to the Processing of your Personal Data based on our legitimate interests (or those of a third party). In such cases, we will cease Processing your data unless we have compelling legitimate grounds to continue the Processing or the Processing is necessary for the establishment, exercise, or defense of legal claims.
Restriction: You have the right to request that we restrict the Processing of your Personal Data in certain circumstances, such as when you contest the accuracy of the data or when you have objected to the Processing pending verification of our legitimate grounds.
Data Portability: You have the right to receive your Personal Data, which you have provided to us, in a structured, commonly used, and machine-readable format, and to transmit that data to another Controller without hindrance, where technically feasible.
Withdraw Consent: Where the Processing of your Personal Data is based on your consent, you have the right to withdraw that consent at any time. The withdrawal of consent will not affect the lawfulness of Processing based on consent before its withdrawal.
To exercise any of these rights, please contact us using the information provided in the "Contact Information" section below. We will respond to your request within one month, as required by law. In certain circumstances, we may extend this period by two further months, in which case we will inform you of the extension and the reasons for it.
Please note that in some cases, we may need to verify your identity before Processing your request. We may also charge a reasonable fee or refuse to act on your request if it is manifestly unfounded, excessive, or repetitive.
If you are not satisfied with our response to your request or believe that we are Processing your Personal Data in violation of data protection laws, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten) or another competent supervisory authority.
We are committed to ensuring the security and privacy of your Personal Data when it is transferred to third parties or outside the European Union (EU) or European Economic Area (EEA).
Processors: We may engage trusted third-party service providers (Processors) to assist us in delivering our services and Processing your Personal Data on our behalf. These Processors are bound by strict Data Processing Agreements (DPAs) that require them to:
International Transfers: When transferring your Personal Data outside the EU/EEA, we ensure that appropriate safeguards are in place to provide an adequate level of protection in accordance with GDPR requirements. These safeguards may include:
Disclosure to Third Parties: We may disclose your Personal Data to third parties in the following circumstances:
Anonymized Data: We may share aggregated or anonymized data that does not identify you personally with third parties for research, marketing, or other purposes. This data is not considered Personal Data under the GDPR.
We use cookies and similar tracking technologies to enhance your user experience, secure our services, and analyze website performance. This section explains how we use cookies and your options for managing them.
Types of Cookies: We use the following types of cookies on our website: