Privacy Policy

Your privacy is fundamental to our mission. This policy outlines our commitment to protecting your data in compliance with GDPR and Norwegian law.

Last updated: August 10, 2025

Our GDPR Principles

The core values that guide our approach to data privacy.

Lawfulness, Fairness & Transparency

We process data lawfully and transparently, providing clear information about how we use it.

Data Minimization

We only collect personal data that is necessary to provide and improve our services.

Integrity & Confidentiality

All data is protected with robust security measures, including encryption in transit and at rest.

1. Data Controller

The data controller responsible for your personal data is:

AI Solution AS
Mandalls gate 10
0190 OSLO, NORWAY
Organization number: 931 884 220
Email: privacy@aisolution.no

2. Information We Collect and Process

We collect and process data to provide and improve our service. The legal basis for our processing is primarily the performance of our contract with you (GDPR Art. 6(1)(b)) and our legitimate interests (GDPR Art. 6(1)(f)).

Account & Contact Information

When you sign up, we collect your name, email, company name, and contact details. For billing, we process payment information via our secure payment provider.

Service Usage Data

We collect data on how you interact with our service, such as feature usage, query patterns, and performance metrics, to improve our product. This data is often aggregated and anonymized.

Enterprise & Conversation Data

To provide our core service, we process data you connect to AidEun, such as database schemas, and the content of your conversations with the AI. We are a data processor for this information, and you are the data controller. We only process this data based on your instructions to provide the service.

3. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request to correct inaccurate or incomplete data.
  • Right to Erasure ('Right to be Forgotten'): You can request the deletion of your personal data, under certain conditions.
  • Right to Restrict Processing: You can request that we limit the processing of your data.
  • Right to Data Portability: You can request to receive your data in a machine-readable format.
  • Right to Object: You can object to our processing of your data, especially for direct marketing.

To exercise these rights, please contact us at privacy@aisolution.no.

4. International Data Transfers

We may use sub-processors (e.g., for cloud infrastructure) located outside the EU/EEA. In such cases, we ensure your data is protected through legal mechanisms like the EU's Standard Contractual Clauses (SCCs), ensuring a level of data protection equivalent to that within the EU.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Account data is typically deleted 90 days after account termination, unless required otherwise by law.

6. Lodging a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) or your local supervisory authority.