GDPR Compliance for yoorAi

Effective Date: April 23, 2025

1. Introduction

At yoorAi, we are committed to protecting and respecting your privacy in compliance with the General Data Protection Regulation (GDPR) for users in the European Union (EU). This GDPR Compliance page outlines the measures we take to ensure the security and privacy of your personal data, as well as your rights under the GDPR. As we do not serve users in Europe at this time, we are in the process of adding specific provisions to our Privacy Policy regarding GDPR compliance for potential future expansion into the European market.

2. Data Protection Principles

In line with the GDPR, yoorAi is committed to ensuring that personal data is:

  1. Processed lawfully, fairly, and transparently – We will be clear about how we collect and use your personal data.
  2. Collected for specified, legitimate purposes – We will only collect personal data for specific purposes as outlined in our Privacy Policy.
  3. Accurate and up to date – We will ensure that your personal data is accurate and, where necessary, kept up to date.
  4. Kept in a form which permits identification – Personal data will be stored in a way that allows for the identification of data subjects only as long as necessary for the purposes of processing.
  5. Processed securely – We will take appropriate technical and organizational measures to secure your personal data and protect it from unauthorized or unlawful processing, loss, destruction, or damage.

3. Your Rights Under the GDPR

Under the GDPR, you have certain rights regarding your personal data. These include:

  1. The right to access – You can request a copy of the personal data we hold about you.
  2. The right to rectification – You can request that we correct any inaccurate or incomplete personal data we hold about you.
  3. The right to erasure (right to be forgotten) – You can request that we delete your personal data in certain circumstances.
  4. The right to restrict processing – You can request that we restrict the processing of your personal data in certain situations.
  5. The right to data portability – You can request that we transfer your personal data to another organization in a structured, commonly used, and machine-readable format.
  6. The right to object – You can object to the processing of your personal data in certain circumstances, including direct marketing.
  7. The right not to be subject to automated decision-making – You have the right not to be subject to decisions based solely on automated processing, including profiling, unless certain exceptions apply.

4. Lawful Bases for Processing Your Data

Under the GDPR, we are required to have a lawful basis for processing personal data. yoorAi relies on the following lawful bases for processing:

  1. Consent – We will ask for your consent when necessary, such as when you sign up for our newsletter or agree to receive marketing communications.
  2. Contractual necessity – We may process your personal data to fulfill contractual obligations, such as providing you with access to our services.
  3. Legitimate interests – We may process your data if we have a legitimate interest, such as improving our services or preventing fraud, provided that this does not override your rights and interests.
  4. Legal obligations – We may process your personal data to comply with our legal obligations, such as financial reporting or record-keeping requirements.

5. Data Transfers

Your personal data may be transferred to, and stored at, a destination outside the European Economic Area (EEA), including our servers hosted by OVH in Germany and third-party service providers. Where this is the case, we ensure that adequate safeguards are in place to protect your personal data in accordance with the GDPR, such as the use of standard contractual clauses or other mechanisms to ensure that your data is handled securely.

6. Data Breach Notification

In the event of a data breach that compromises your personal data, we will notify you without undue delay, and no later than 72 hours after becoming aware of the breach, unless the breach is unlikely to result in a risk to your rights and freedoms. We will also report the breach to the relevant supervisory authority if necessary.

7. Contact Information

If you have any questions about our GDPR practices or wish to exercise your rights, please contact us at:

Data Protection Officer: privacy [at] yoorai [dot] com

Support: support [at] yoorai [dot] com

This website uses cookies to improve your web experience.