regpilot

    Privacy Policy

    Last Updated: January 26, 2025

    regpilot ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our EU AI Act compliance platform and related services.

    Information We Collect

    We collect several types of information to provide and improve our services:

    Personal Information

    • Account Information: Name, email address, company name, job title
    • Contact Information: Phone number, mailing address (if provided)
    • Payment Information: Billing details processed through secure third-party payment processors
    • Profile Information: User preferences, settings, and profile data

    Usage Information

    • Platform Activity: Features used, compliance assessments performed, reports generated
    • Technical Data: IP address, browser type, device information, operating system
    • Log Data: Access times, pages viewed, actions taken within the platform
    • Cookies and Tracking: Session data, preferences, and analytics information

    Compliance Data

    • AI Model Information: Model descriptions, risk assessments, compliance scores
    • Organizational Data: Company structure, policies, procedures uploaded to the platform
    • Assessment Results: Compliance evaluations, audit findings, remediation tracking

    How We Use Your Information

    We use collected information for the following purposes:

    • Service Provision: Delivering compliance monitoring, risk assessment, and reporting services
    • Account Management: Creating and maintaining user accounts, authentication, billing
    • Platform Improvement: Analyzing usage patterns to enhance features and user experience
    • Communication: Sending service updates, security alerts, and support responses
    • Compliance Support: Providing regulatory guidance and compliance recommendations
    • Legal Obligations: Meeting regulatory requirements and responding to legal requests

    Information Sharing and Disclosure

    We may share your information only in these limited circumstances:

    • Service Providers: Third-party vendors who assist in platform operations (hosting, payment processing, analytics)
    • Legal Requirements: When required by law, court order, or regulatory authority
    • Business Transfers: In connection with mergers, acquisitions, or asset sales
    • Consent: When you explicitly authorize information sharing

    We do not sell, rent, or trade your personal information to third parties for marketing purposes.

    Data Security

    We implement industry-standard security measures including:

    • Encryption: Data encrypted in transit and at rest using AES-256 encryption
    • Access Controls: Role-based access with multi-factor authentication
    • Infrastructure Security: Secure cloud hosting with regular security audits
    • Monitoring: Continuous monitoring for security threats and vulnerabilities

    However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

    Data Retention

    We retain your information for as long as:

    • Your account remains active
    • Required to provide services
    • Necessary for legal compliance
    • Needed for legitimate business purposes

    Upon account termination, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

    Your Rights

    Depending on your location, you may have the following rights:

    • Access: Request copies of your personal information
    • Correction: Update or correct inaccurate information
    • Deletion: Request deletion of your personal information
    • Portability: Receive your data in a portable format
    • Restriction: Limit how we process your information
    • Objection: Object to certain processing activities

    To exercise these rights, contact us at privacy@regpilot.dev.

    International Data Transfers

    RegPilot operates globally and may transfer your information to countries outside your jurisdiction. We ensure appropriate safeguards are in place, including:

    • Standard Contractual Clauses: For transfers outside the EU/EEA
    • Adequacy Decisions: Transfers to countries with adequate data protection
    • Consent: Where legally required

    Contact Information

    For privacy-related questions or requests:

    Email: privacy@regpilot.dev
    Address: Bizlution AB, Gothenburg, Sweden

    Compliance Framework Disclaimer

    IMPORTANT: regpilot provides tools and guidance for EU AI Act compliance but does not guarantee compliance outcomes. Our platform:

    • Does not constitute legal advice or professional consultation
    • Cannot ensure your organization's full regulatory compliance
    • Requires independent legal review of all compliance assessments
    • Recommends consulting qualified legal counsel for compliance matters

    You remain solely responsible for ensuring your organization's compliance with applicable laws and regulations.

    regpilot

    EU AI Act Compliance Made Simple

    regpilot helps organizations achieve and maintain compliance with the EU AI Act through automated monitoring, risk assessment, and regulatory reporting.

    • Pricing
    • Privacy Policy
    • Terms of Service
    • Cookie Policy
    • GDPR