Privacy Policy

This policy applies to all users of BAISS services globally. If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, you have additional rights under GDPR, as explained below.

a. Information You Provide

• Account Information: Username, email, password, company name.
• Business Data: Prompts, files, and business context you provide.
• Communications: Emails, support messages, or feedback you send us.
• Survey or Event Data: Responses you voluntarily provide.

b. Information Collected Automatically

• Technical Data: IP address, browser, device info, OS.
• Usage Data: Pages viewed, features used, access times.
• Cookies & Similar Technologies: Session cookies, analytics cookies (see our Cookie Policy).

We process your personal data based on:

• Your consent (e.g., for marketing or optional cookies).
• The necessity to perform a contract (e.g., providing services).
• Our legitimate interests (e.g., service improvement and security).
• Compliance with legal obligations.

• Deliver and maintain our services.
• Personalize and improve your experience.
• Provide customer support.
• Monitor performance and security.
• Improve AI models (with appropriate safeguards).
• Comply with legal and regulatory requirements.

We may share your data with:

• Service Providers (e.g., hosting, analytics, security), under strict confidentiality.
• Legal Authorities, when required by law or to protect rights.
• Business Partners, where necessary for integrated services (with your consent).
• Corporate Transactions, such as mergers or acquisitions.

We never sell your personal data.

Your data is stored and processed exclusively on servers located in France. We do not transfer your personal data outside of the European Economic Area (EEA), ensuring full compliance with EU data protection laws. Where required, we implement safeguards such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Other legally approved mechanisms.

• We retain your data only for as long as necessary to provide our services and fulfill your requests.
• Comply with legal obligations.
• Resolve disputes or enforce our terms.
• Once your account is deleted, your data will be retained for up to 30 days before being permanently erased. Additionally, any conversations, dashboards, or other user-generated content you delete will also be automatically and permanently removed from our systems after 30 days.

Depending on your location, you have rights under data protection laws:

• Access your data.
• Rectify inaccurate information.
• Delete your personal data.
• Object to or restrict certain processing.
• Withdraw consent at any time (for consent-based processing).
• Data portability to receive a copy in a machine-readable format.

To exercise your rights, email us at support@baiss.ai. We may require verification of your identity.

• We implement appropriate technical and organizational measures to secure your data, including:
• Encryption in transit and at rest.
• Access controls.
• Regular audits and monitoring.
• Despite our efforts, no system can be guaranteed 100% secure. Please use caution when sharing sensitive data.

BAISS is not intended for children under the age of 13 (or under 16 in the EEA). We do not knowingly collect data from minors. If we learn that we've collected such data, we will delete it promptly.

We may revise this Privacy Policy periodically. If changes are material, we will notify you through our app or by email. You can always view the latest version at www.baiss.ai/privacy.

For any questions, concerns, or to exercise your rights: support@baiss.ai

If you are located in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority.