Privacy Policy

Last update: February 9th, 2025

Introduction

ArtinLeap safeguards your privacy under:

  • EU Regulations: GDPR (Regulation (EU) 2016/679), EU AI Act (2024), and ePrivacy Directive.
  • US Laws: CCPA (Cal. Civ. Code § 1798.100 et seq.), VCDPA (Virginia), CPA (Colorado), and FTC AI Guidelines (15 U.S.C. § 45).
  • Global Standards: ISO/IEC 27001 (Security), OECD AI Principles.

1. Collection of Personal Information

Lawful Bases Under GDPR (Art. 6): Consent, Contract, Legal Obligation, Legitimate Interest.

Data Collected:

  • Directly: Name, email, job applications (GDPR Art. 4(1)).
  • Automatically: IP address, device info, browsing activity (ePrivacy Directive Art. 5(3)).
  • AI Interactions: Metadata from AI tool usage (EU AI Act, Art. 3(36)).

2. Use of Personal Information

Purposes & Legal Bases:

  • Service Delivery (Contract, GDPR Art. 6(1)(b)): Provide AI solutions, respond to inquiries.
  • Marketing (Consent, GDPR Art. 6(1)(a)): Send promotional emails (opt-out via CCPA § 1798.120).
  • Compliance (Legal Obligation, GDPR Art. 6(1)(c)): Tax reporting, fraud prevention.
  • AI Development (Legitimate Interest, GDPR Art. 6(1)(f)): Improve models using aggregated, anonymized data.

3. Disclosure of Personal Information

Recipients:

  • Processors: Subcontractors under GDPR Art. 28 (e.g., cloud providers).
  • Authorities: Law enforcement per GDPR Art. 6(1)(c) or CCPA § 1798.145.

International Transfers:

  • EU→US: EU-US Data Privacy Framework adequacy decision or SCCs (GDPR Art. 46).
  • Global: ISO 27001-certified vendors.

​4. Your Rights

EU Rights (GDPR):

  • Access (Art. 15), Rectification (Art. 16), Erasure (Art. 17), Restriction (Art. 18), Portability (Art. 20), Object (Art. 21).
  • No Automated Decisions (Art. 22): We do not use solely automated decision-making.

US Rights:

  • CCPA: Opt-out of data sales (§ 1798.120), Know/Delete data (§§ 1798.100, 1798.105).
  • VCDPA/CPA: Correct inaccuracies (Va. Code § 59.1-577, Colo. Rev. Stat. § 6-1-1306).

Exercise Rights: Submit requests via “Contact us” page or email (info@artinleap.com).

5. Data Security

  • Technical Measures: Encryption (TLS 1.3), access controls, annual ISO 27001 audits.
  • Breach Protocol: Notify EU authorities within 72 hours (GDPR Art. 33), affected users per CCPA § 1798.150.

6. Data Retention

  • Criteria: GDPR Art. 5(1)(e) (purpose limitation).
    • Client Data: 6 years post-contract termination.
    • Job Applications: 2 years (unless consent extended).
  • Anonymization: Aggregated data retained indefinitely for AI training.

​7. sAI & Transparency

  • EU AI Act Compliance:
    • Disclosures: Clear notices when interacting with AI (Art. 52).
    • Bias Mitigation: Testing per Art. 15.
  • Generative AI: Watermarked outputs per IEEE SA 2901-2019.

8. Third-Party Links

Disclaimer: We disclaim liability for third-party sites (e.g., LinkedIn, CRM platforms). Review their policies independently.

9. Updates

  • Material Changes: Notify via email or website banners (GDPR Art. 13(3)).
  • Archive: Previous policies available on demand.

10. Contact

  • EU: Data Protection Officer (DPO): info@artinleap.com.
  • US: Designated representative under CCPA § 1798.130.
  • Global: info@artinleap.com.

© 2025 BY ARTINLEAP

Terms & Conditions

Privacy Policy

Legal Information

When you visit this page, only 0.15g CO2 is emitted. This is cleaner than 85% of all web pages globally.

How do we calculate this?

Chat with us