Privacy Policy

1. Data Controller Information

Data Controller: AI-rudder (operated by Alexandru Serbanati)
Address: Brussels, Belgium
Email: [email protected]
Website: ai-rudder.com

2. What Information We Collect

When you complete our AI Readiness Assessment survey, we collect:

Personal Information

• Contact Details: Name, surname, email address, company name
• Survey Responses: All answers provided in the AI readiness assessment questionnaire
• Technical Information: IP address, browser type, device information (automatically collected)

How We Collect Information

• Directly from you: Through the survey form hosted on Microsoft Forms and the contact form on our website
• Automatically: Technical information collected when you access our survey or website

3. Legal Basis for Processing

• Contract Performance (Article 6(1)(b) GDPR): To deliver your requested AI readiness report and respond to inquiries
• Consent (Article 6(1)(a) GDPR): For marketing communications (separate opt-in required)
• Legitimate Interest (Article 6(1)(f) GDPR): For business analytics and service improvement

4. How We Use Your Information

Primary Purposes

• Report Generation: Create and deliver your personalized AI readiness assessment report
• Service Delivery: Analyze your survey responses to provide tailored insights and recommendations
• Communication: Send you the requested report and respond to any questions

Secondary Purposes (Legitimate Interest)

• Service Improvement: Analyze aggregated, anonymized data to enhance our assessment methodology
• Business Development: Understand market needs and improve our service offerings
• Marketing Communications: Send information about AI strategy insights and AI-rudder services (only with your explicit consent)

AI Processing

We may use artificial intelligence tools to analyze survey responses and generate insights for your personalized report.

5. Data Sharing and Third Parties

We do not sell, rent, or share your personal data with third parties for their own purposes. We use the following service providers to deliver our services:

Service Providers (Data Processors)

• Microsoft Corporation: Survey hosting via Microsoft Forms, data storage, and automated processing through Microsoft 365 services (Power Automate, Outlook, Word, Copilot)
• Internal Analytics Tools: Custom-built analytics tools operated exclusively within our Microsoft 365 tenant

All service providers are bound by data processing agreements and GDPR compliance requirements.

Legal Requirements

We may disclose your information if required by law, court order, or governmental authority.

6. International Data Transfers

Your data is processed within the European Union (Belgium) and by Microsoft Corporation under appropriate safeguards:

• Microsoft 365 Services: Protected by Microsoft's Data Protection Addendum and EU Standard Contractual Clauses
• Adequacy Decisions: We only transfer data to countries with adequate data protection as recognized by the European Commission

7. Data Retention

We retain your personal data for:

• Non-clients: 3 years from the date of survey completion
• Clients: For the duration of our business relationship plus 7 years for legal and accounting requirements
• Marketing Consent: Until you withdraw consent or after 3 years of inactivity

You can request earlier deletion at any time (see Your Rights section).

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: Data encrypted in transit and at rest
• Access Control: Limited access to authorized personnel only
• Microsoft Security: Leveraging Microsoft 365's enterprise-grade security infrastructure
• Regular Updates: Continuous monitoring and updating of security measures

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

10. Marketing Communications

Opt-in Requirement

We will only send marketing communications if you explicitly opt-in by checking the marketing consent checkbox in the survey.

Unsubscribe

You can unsubscribe from marketing emails at any time by:

• Clicking the unsubscribe link in any marketing email
• Emailing [email protected]
• Contacting us through our website

11. Cookies and Tracking

Our Website

We do not use cookies or tracking technologies on our main website.

Microsoft Forms

Microsoft Forms may use cookies for functionality and security. Please refer to Microsoft's Privacy Policy for details.

12. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16.

13. Geographic Scope

This service is primarily designed for businesses in the European Union, particularly Belgium and surrounding regions. However, we acknowledge that our online survey may be accessible worldwide.

14. Changes to This Privacy Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending email notification to survey participants (if we have your consent for communications)

15. Complaints and Supervisory Authority

If you believe we have not handled your personal data appropriately, you can:

1. Contact us directly: [email protected]
2. File a complaint with the Belgian Data Protection Authority:
   • Website: www.dataprotectionauthority.be
   • Address: Rue de la Presse 35, 1000 Brussels, Belgium
   • Phone: +32 (0)2 274 48 00