- Data Protection Authority – the independent national public authority responsible for the monitoring and enforcement of the data protection regulations within the European Union
- Data Subject – an identified or identifiable natural person whose Personal Data is processed by a controller or processor
- Encryption – set of technological measures that ensure that the data is only readable by those with specified access
- NDA – Non-Disclosure Agreement is a legal binding document in which the parties involved can restrict the use and dissemination of information
- Personal Data (including Personal Information) – any information related to a ‘Data Subject’, that can be used to directly or indirectly identify the Data Subject
- Processing – any operation or set of operations performed on Personal Data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Personal Data means any information related to a ‘Data Subject’, that can be used to directly or indirectly identify the Data Subject.
2.2. Personal Data Processed by Center for Responsible AI
Users: In order to provide and maintain our Service, to provide Customer care and support, to provide analysis or valuable information so that we can improve our Service, to monitor the usage of our Service, to detect, prevent and address technical issues the Center for Responsible AI may collect the following Personal Data (related to individuals):
- First and last name
- Email address
- Phone number
- IP address
- Billing details (in case of individual Customers)
- Taxpayer number (in case of individual Customers)
Clickstream, URL referral, and access times of Users’ agents are used by Center for Responsible AI to provide general statistics regarding the use of the platform. This information will not be used to identify any individual, being stored and visualized in aggregated, de-identified format.
Sources: All Personal Data processed by Center for Responsible AI regardings its Users, is either contributed/uploaded by them or collected by our search technology while scanning the web through market research surveys.
Legal Basis for the Processing: Center for Responsible AI processes the Personal Data of its some of its Users (Customers) either to perform their contractual obligations (or taking steps before entering the contract) or to pursue its legitimate interests of training its machine learning algorithms. Center for Responsible AI processes the Personal Data of some of its Users (Prospects) either based upon their consent or relying on its legitimate interest to communicate news or updates on its products and services, without prejudice to their right to object at any time to processing of Personal Data for marketing purposes. We promptly honor such opt-out requests.
Center for Responsible AI complies with the principle of data minimization. Therefore, Personal Data shall only be kept while it is adequate, relevant and limited to what is necessary in relation to the purposes of processing. For instance, Personal Data will be stored during the contractual relationship with our Customers (“active accounts”) or as long as valid consent is ensured by our Prospects, notwithstanding the need to preserve data for compliance with legal obligations during the term prescribed by law.
Users may exercise certain rights regarding their Data processed by Center for Responsible AI. In particular, users have the following rights, to the extent permitted by law:
- Access your Personal Data and information relating to how it is processed;
- Rectify or update your Personal Data;
- Transfer your Personal Data to a third party (right to data portability);
- Restrict how we process your Personal Data;
- Withdraw your consent – where we rely on consent as the legal basis for processing at any time;
- Object to how we process your Personal Data;
- Lodge a complaint with your local data protection authority;
- Delete your Personal Data from our records.
You can exercise some of these rights through your account or please send a request to [email protected]. These requests can be exercised free of charge and will be answered by Center of Responsible AI as early as possible and within one month, providing users with the information required by law.
Center for Responsible AI has implemented reasonable technical, organizational and administrative measures to safeguard and secure all information we collect online against loss, misuse, or alteration of the information under our control. This includes using encryption when collecting, transferring, or storing sensitive data. Our employees are bound by NDAs and are subject to continuous security awareness training.
By data breach we mean a breach of Center for Responsible AI’s security that leads to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored or otherwise processed on Center for Responsible AI’s systems. We don’t consider a Personal Data breach any unsuccessful log-in attempts, pings, port scans, denial of service attacks, or other attacks on our systems.
In the event of a Personal Data breach that is likely to result in a high risk to the rights and freedoms of natural persons, Center for Responsible AI commits itself to notify all Data Subjects without undue delay, after the incident discovery. Center for Responsible AI also commits itself to notify the data protection authority without undue delay and, where feasible, no later than 72 hours after becoming aware of it if a breach may result in a risk to the rights and freedoms of natural persons. Finally, the Center for Responsible AI shall promptly provide the Controller with reasonable cooperation and assistance in respect of a data breach, in accordance with legal and contractual obligations.
Where required, Center for Responsible AI will use appropriate safeguards for transferring Personal Data outside the EEA, Switzerland and the UK. We will only transfer Personal Data pursuant to a legally valid transfer mechanism and we will always ensure at least one of the following safeguards is in place:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see
European Commission: Adequacy of the protection of personal data in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see
European Commission: Model contracts for the transfer of personal data to third countries.
Center for Responsible AI websites and digital properties may link to external sites that are not controlled by the Center for Responsible AI. Your use of such websites will be subject to their privacy policies, which we encourage you to read. Center for Responsible AI is not responsible for the privacy practices or the content of such websites and does not make any representations about them.