1. Introduction

At Maila AI, we are committed to protecting your privacy and safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your data when you interact with our website, AI software products, and services ("Services").

  • Scope: This policy applies to all Customers and Website visitors of Maila.ai. By using our services or visiting our website, you agree to the terms outlined in this Privacy Policy.

  • Definitions:

    • "Personal Data": Any information relating to an identified or identifiable natural person, such as name, email address, or IP address.
    • "Processing": Any operation performed on Personal Data, such as collection, recording, storage, alteration, retrieval, use, disclosure, or erasure.

  • Compliance: Maila.ai is fully compliant with the General Data Protection Regulation (GDPR) and the Swedish Data Protection Act. We adhere to the highest standards of data protection and privacy to ensure the safety and confidentiality of our users' Personal Data.

2. Our Role as a Controller

  • Maila.ai acts as a Controller, meaning that we are responsible for determining the purposes and means of Processing Personal Data. We collect and Process data to provide our AI-generated voice, image, and text services to our users.

  • As a Controller, we are committed to:

    • Being transparent about our data collection and Processing practices
    • Collecting and Processing Personal Data lawfully and fairly
    • Ensuring the accuracy and security of the Personal Data we Process
    • Respecting the rights of data subjects, such as the right to access, rectify, or erase their Personal Data
    • Cooperating with supervisory authorities, such as the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten), in the event of an investigation or inquiry

  • We have appointed a Data Protection Officer (DPO) who oversees our data protection practices and ensures that we remain compliant with applicable data protection laws. Our DPO can be contacted at dpo@maila.ai.

  • We regularly review and update our data protection policies and procedures to ensure that we are meeting our obligations as a Controller and providing the highest level of protection for our users' Personal Data.

3. Our Processing of Personal Data

  • Lawful Basis for Processing: We Process Personal Data based on the following legal grounds:

    • Consent: When you provide explicit consent for us to Process your Personal Data for a specific purpose, such as signing up for our newsletter.
    • Performance of a Contract: When Processing is necessary to fulfill our contractual obligations to you, such as providing our services.
    • Legitimate Interest: When we have a legitimate business interest to Process your Personal Data, such as improving our services or detecting and preventing fraud.
    • Legal Obligation: When Processing is required to comply with applicable laws and regulations, such as maintaining financial records for bookkeeping purposes.

  • Data Retention: We will retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. The specific retention periods may vary depending on the type of data and the purpose of Processing. Once the retention period expires, we will securely delete or anonymize your Personal Data.

  • Data Minimization: We adhere to the principle of data minimization, collecting and Processing only the Personal Data that is necessary for the specified purposes. We regularly review our data collection practices to ensure that we are not collecting more data than is required.

  • Accuracy: We take reasonable steps to ensure that the Personal Data we Process is accurate, complete, and up to date. We encourage you to keep your Personal Data current and to notify us of any changes or inaccuracies.

  • Security: We implement appropriate technical and organizational measures to protect your Personal Data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security audits. We also ensure that our employees and service providers who have access to your Personal Data are bound by confidentiality obligations.

  • Data Protection Impact Assessments (DPIA): When Processing is likely to result in a high risk to your rights and freedoms, we conduct a DPIA to identify and mitigate potential risks. This helps us to ensure that our Processing activities are compliant with data protection laws and that your rights are adequately protected.

  • Data Breach Notification: In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, as required by law.

4. Purposes of Personal Data Usage

At Maila.ai, we collect and use your Personal Data for the following purposes:

  • Providing Services: We use your Personal Data to deliver our services. This includes Processing your inputs, generating outputs, and providing you with the results of our AI algorithms.

  • User Authentication: To ensure secure access to our services, we use your Personal Data to verify your identity when you log in to your account. This may include Processing your email address, password, or other authentication information.

  • Customer Service and Support: When you contact us with inquiries or requests for assistance, we use your Personal Data to respond to your messages and provide the necessary support. This may include Processing your name, email address, and the contents of your communications with us.

  • Service Updates and Newsletters: We may use your email address to send you important updates about our services, such as new features, improvements, or changes to our terms and policies. We may also send you newsletters with relevant information about our AI technologies and industry news. You can opt-out of these communications at any time by clicking the "Unsubscribe" link in the email or contacting us directly.

  • Bookkeeping: As required by law, we use your Personal Data to maintain accurate financial records of transactions related to our services. This may include Processing your name, contact information, and payment details for invoicing and accounting purposes.

We will only Process your Personal Data for the purposes specified above or for other compatible purposes. If we need to use your Personal Data for an unrelated purpose, we will notify you and obtain your consent, unless otherwise required or permitted by law.

We will not sell, rent, or trade your Personal Data to third parties for their marketing purposes without your explicit consent. We may share your Personal Data with trusted service providers who assist us in delivering our services, but only to the extent necessary and under strict confidentiality obligations.

5. Your Rights

At Maila.ai, we respect your rights as a data subject under the GDPR and the Swedish Data Protection Act. You have the following rights regarding your Personal Data:

  • Access: You have the right to request access to your Personal Data that we Process. This includes the right to obtain confirmation as to whether we Process your Personal Data, and if so, to receive a copy of that data along with certain information about the Processing.

  • Rectification: If you believe that the Personal Data we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it.

  • Erasure (Right to be Forgotten): In certain circumstances, such as when your Personal Data is no longer necessary for the purposes for which it was collected, you have the right to request that we delete your data. However, this right is subject to certain exceptions, such as when the Processing is necessary for compliance with a legal obligation.

  • Objection: You have the right to object to the Processing of your Personal Data based on our legitimate interests (or those of a third party). In such cases, we will cease Processing your data unless we have compelling legitimate grounds to continue the Processing or the Processing is necessary for the establishment, exercise, or defense of legal claims.

  • Restriction: You have the right to request that we restrict the Processing of your Personal Data in certain circumstances, such as when you contest the accuracy of the data or when you have objected to the Processing pending verification of our legitimate grounds.

  • Data Portability: You have the right to receive your Personal Data, which you have provided to us, in a structured, commonly used, and machine-readable format, and to transmit that data to another Controller without hindrance, where technically feasible.

  • Withdraw Consent: Where the Processing of your Personal Data is based on your consent, you have the right to withdraw that consent at any time. The withdrawal of consent will not affect the lawfulness of Processing based on consent before its withdrawal.

To exercise any of these rights, please contact us using the information provided in the "Contact Information" section below. We will respond to your request within one month, as required by law. In certain circumstances, we may extend this period by two further months, in which case we will inform you of the extension and the reasons for it.

Please note that in some cases, we may need to verify your identity before Processing your request. We may also charge a reasonable fee or refuse to act on your request if it is manifestly unfounded, excessive, or repetitive.

If you are not satisfied with our response to your request or believe that we are Processing your Personal Data in violation of data protection laws, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten) or another competent supervisory authority.

6. Transfer of Personal Data

We are committed to ensuring the security and privacy of your Personal Data when it is transferred to third parties or outside the European Union (EU) or European Economic Area (EEA).

  • Processors: We may engage trusted third-party service providers (Processors) to assist us in delivering our services and Processing your Personal Data on our behalf. These Processors are bound by strict Data Processing Agreements (DPAs) that require them to:

    • Process your Personal Data only on our documented instructions
    • Implement appropriate technical and organizational measures to protect your data
    • Assist us in fulfilling our obligations under data protection laws
    • Delete or return your Personal Data upon completion of the services
    • Submit to audits and inspections to verify compliance with the DPA

  • International Transfers: When transferring your Personal Data outside the EU/EEA, we ensure that appropriate safeguards are in place to provide an adequate level of protection in accordance with GDPR requirements. These safeguards may include:

    • Transferring data to countries that have been deemed to provide an adequate level of protection by the European Commission
    • Using standard contractual clauses approved by the European Commission
    • Implementing Binding Corporate Rules (BCRs) for intra-group transfers
    • Obtaining your explicit consent for the transfer, after informing you of the possible risks

  • Disclosure to Third Parties: We may disclose your Personal Data to third parties in the following circumstances:

    • When required by law, such as to comply with a court order or legal process
    • To protect our rights, property, or safety, or that of our users or the public
    • In connection with a merger, acquisition, or sale of all or a portion of our assets
    • With your explicit consent

  • Anonymized Data: We may share aggregated or anonymized data that does not identify you personally with third parties for research, marketing, or other purposes. This data is not considered Personal Data under the GDPR.

We use cookies and similar tracking technologies to enhance your user experience, secure our services, and analyze website performance. This section explains how we use cookies and your options for managing them.

  • Types of Cookies: We use the following types of cookies on our website:

    • Essential Cookies: These cookies are necessary for the operation of our website and enable you to navigate and use its features. Without these cookies, certain functionalities would not be possible.
    • Performance Cookies: We use performance cookies to analyze how visitors use our website, detect errors, and improve the website's performance and user experience.
    • Functional Cookies: These cookies allow our website to remember choices you make, such as your language preference or login information, to provide a more personalized experience.
    • Advertising Cookies: We may use advertising cookies to deliver targeted advertisements that are relevant to your interests. These cookies may track your online activities over time and across different websites.

  • First-party and Third-party Cookies: We use both first-party cookies (set by Maila.ai) and third-party cookies (set by our trusted partners and service providers) on our website. Third-party cookies are subject to the privacy policies of the respective third parties.

  • Cookie Duration: The storage duration of cookies varies depending on their purpose:

    • Session Cookies: These cookies are temporary and expire once you close your browser. They are used to maintain your session state and preferences during your visit.
    • Persistent Cookies: These cookies remain on your device for a predetermined period or until you delete them manually. They are used to remember your preferences, settings, and activity over time.

  • Managing Cookies: You have the right to decide whether to accept or reject cookies. You can exercise your cookie preferences by:

    • Configuring your browser settings to accept or refuse cookies, or to notify you when a cookie is being set. Note that disabling cookies may affect the functionality of our website.
    • Using the cookie consent tool on our website to adjust your preferences for non-essential cookies.
    • Opting out of third-party advertising cookies through the Network Advertising Initiative (NAI) or the Digital Advertising Alliance (DAA).

For more detailed information about the specific cookies we use and your options for managing them, please refer to our Cookie Policy.

Please note that we may change the cookies we use from time to time to improve the functionality of our website and your user experience. We will inform you of any significant changes to our use of cookies by updating this Privacy Policy or our Cookie Policy accordingly.

9. Complaint Procedure

If you believe that we have not complied with applicable data protection laws or have infringed upon your privacy rights, you have the right to lodge a complaint through the following procedure:

  1. Contact Us: As a first step, we encourage you to contact us directly with your complaint or concern. You can reach out at support@maila.ai or using the contact information provided in the "Contact Information" section below. We will investigate your complaint and attempt to resolve it internally as quickly as possible.

  2. Provide Relevant Information: To help us effectively address your complaint, please provide us with the following information:

    • Your full name and contact details
    • A clear and concise description of your complaint, including the specific rights you believe have been violated
    • Any relevant documentation or evidence supporting your complaint
    • The outcome you are seeking

  3. Our Response: Upon receiving your complaint, we will:

    • Acknowledge receipt of your complaint within 7 days
    • Investigate your complaint thoroughly and impartially
    • Keep you informed about the progress of our investigation
    • Provide you with a final response within 30 days, unless the complexity of the complaint requires an extension, in which case we will notify you accordingly

  4. Supervisory Authority: If you are not satisfied with our response to your complaint or believe that we are processing your Personal Data in violation of data protection laws, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten).

    • You may also have the right to lodge a complaint with the supervisory authority in your country of residence, place of work, or where the alleged infringement took place.

  5. Judicial Remedy: In addition to lodging a complaint with a supervisory authority, you have the right to an effective judicial remedy if you consider that your rights under data protection laws have been infringed as a result of the processing of your Personal Data in non-compliance with these laws.

If you believe that we have not been able to address your complaint satisfactorily, we respect your right to seek redress through the appropriate supervisory authority or judicial body.

10. Children's Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect Personal Data from children. If we become aware that we have collected Personal Data from a child without parental consent, we will take steps to delete that information as soon as possible.

11. Changes to the Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our data processing practices, legal obligations, or other relevant factors. We are committed to keeping you informed about any significant changes to this policy and how they may impact your rights or our obligations.

  • Notification of Changes: If we make material changes to this Privacy Policy that affect your rights or increase our obligations, we will notify you in advance through one or more of the following methods:

    • Sending an email to the address associated with your account
    • Displaying a prominent notice on our website or within our services
    • Requesting your explicit consent for the changes, where required by law

  • Timing of Notifications: We will provide you with a reasonable notice period before the changes take effect, typically at least 30 days in advance. This gives you an opportunity to review the changes and decide whether to continue using our services under the updated terms.

  • Non-Material Changes: For non-material changes that do not significantly impact your rights or our obligations, we may update the Privacy Policy without providing advance notice. However, we will always indicate the date of the latest revision at the top of the policy.

  • Reviewing Changes: We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your Personal Data. Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

If you have any questions or concerns about changes to this Privacy Policy, please don't hesitate to reach out to us using the contact information provided in the "Contact Information" section below. We are committed to engaging with you and addressing any inquiries you may have about our data protection practices.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us using the following information:

Maila.ai Email: support@maila.ai.

Privacy Notice

If you are not satisfied with our response or believe that we are processing your Personal Data in violation of applicable data protection laws, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten) or another competent supervisory authority, as described in the "Complaint Procedure" section above.

We are committed to working with you to resolve any issues and ensuring that your privacy rights are respected. Your trust and confidence in our data protection practices are of utmost importance to us.