eulaw.ai ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI-powered legal document processing platform.
Data Controller
Company: eulaw.ai
CVR Number: 45768554
Country: Denmark
Email: admin@eulaw.ai
Website: https://eulaw.ai
1. Information We Collect
1.1 Information You Provide
- Account Information: Email address, name (optional), and authentication credentials
- Legal Documents: Documents you upload for analysis and processing
- Queries and Conversations: Your questions and interactions with our AI system
- Payment Information: Processed securely through Stripe (we do not store payment card details)
- Communication Data: Information from support requests or feedback
1.2 Information Collected Automatically
- Usage Data: How you interact with our service, features used, and session information
- Technical Data: IP address, browser type, device information, and operating system
- Cookies: Essential cookies for authentication and session management
- Log Data: Service logs for security and performance monitoring
2. Legal Basis for Processing
We process your personal data based on the following legal grounds under GDPR Article 6:
- Contract Performance (6.1.b): To provide our legal AI services and manage your subscription
- Legitimate Interests (6.1.f): For service improvement, security, and fraud prevention
- Legal Obligations (6.1.c): To comply with applicable laws and regulations
- Consent (6.1.a): For optional features and marketing communications (where applicable)
3. How We Use Your Information
3.1 Service Provision
- Process and analyze your legal documents using advanced AI language models
- Provide AI-powered legal information and document insights from our 450k+ document knowledge base
- Maintain your chat history and document library with persistent document access
- Manage your account, subscription, and secure authentication
- Process payments securely through Stripe integration
3.2 Service Improvement
- Monitor system performance and ensure service reliability
- Develop new features based on usage patterns (anonymized data only)
- Ensure security through access controls and audit logging
- Optimize AI response quality within our closed system
3.3 Important Commitments
- No AI Training on Your Data: Your personal conversations and documents are not used to train AI models
- Full Data Control: You are in full control of your data, and can manage it at anytime including full deletion
- Data Security: Your data will never leave our infrastructure and servers
- No Data Sales: We never sell your personal data to third parties
- Data Minimization: We only collect data necessary for service provision
- EU Data Processing: All AI processing occurs within European Union data centers
4. Data Storage and Security
4.1 Where We Store Your Data
- Your data is stored securely on enterprise-grade cloud infrastructure
- Primary data location: European Union
- All data transfers comply with GDPR requirements
- AI processing occurs within European Union data centers
4.2 Security Measures
- End-to-end encryption for data transmission
- Encryption at rest for stored data
- Regular security audits and updates
- Access controls and authentication requirements
- Secure backup and disaster recovery procedures
5. Data Retention
We retain your data for different periods based on its type and purpose:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of account + 30 days | Service provision |
| Chat History | Until deleted by user or account closure | User convenience |
| Uploaded Documents | Until deleted by user or account closure | Continued analysis |
| Payment Records | 7 years | Legal requirements |
| Security Logs | 90 days | Security monitoring |
6. Your Rights Under GDPR
As a data subject, you have the following rights:
- Right to Access (Article 15): Request a copy of your personal data
- Right to Rectification (Article 16): Correct inaccurate personal data
- Right to Erasure (Article 17): Request deletion of your personal data
- Right to Restriction (Article 18): Limit processing of your data
- Right to Portability (Article 20): Receive your data in a portable format
- Right to Object (Article 21): Object to certain processing activities
- Right to Withdraw Consent: Withdraw consent at any time (where applicable)
How to Exercise Your Rights
- Data Export: Use the "Export Data" feature in your Privacy settings
- Account Deletion: Contact us at admin@eulaw.ai
- Other Requests: Email admin@eulaw.ai with your request
We will respond to your request within 30 days as required by GDPR.
7. Data Sharing and Third Parties
7.1 Service Providers
We share data with trusted service providers who assist in operating our platform:
- Stripe: Payment processing (PCI-DSS compliant)
- Cookiebot: Cookie consent management and GDPR compliance
7.2 Legal Requirements
We may disclose your information if required by law, court order, or governmental authority, or to protect our rights and safety.
7.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you of any such change.
8. International Data Transfers
Your data may be transferred outside the EU/EEA. When this occurs, we ensure appropriate safeguards:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- Additional security measures to protect your data
9. Cookies and Tracking
We use essential cookies necessary for the operation of our service:
- Authentication Cookies: Secure authentication tokens for user login
- Session Cookies: To maintain your session state and preferences
- Security Cookies: To prevent fraud and protect your account
- Cookie Consent: Cookiebot manages cookie consent preferences
We do not use Google Analytics or other tracking cookies. You can manage cookie preferences through the Cookiebot consent banner or your browser settings.
10. Children's Privacy
Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will delete the data immediately.
11. Data Protection Contact
For questions about data protection or to exercise your rights, contact our designated data protection contact:
Email: admin@eulaw.ai
Subject Line: Data Protection Request
Note: As a small Danish company, we are not required to appoint a formal Data Protection Officer under GDPR Article 37, but we maintain dedicated data protection expertise.
12. Complaints
If you have concerns about how we handle your data, you have the right to lodge a complaint with:
- Danish Data Protection Agency (Datatilsynet)
Website: www.datatilsynet.dk
Email: dt@datatilsynet.dk
Phone: +45 33 19 32 00
13. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via email or through our service. The "Last updated" date at the top indicates the most recent revision.
14. Special Categories of Data
Important: Legal documents may contain sensitive personal data. We process such data only:
- With your explicit consent through document upload
- Using enhanced security measures
- Under strict confidentiality
- In compliance with GDPR Article 9 requirements
15. Automated Decision-Making
Our AI provides legal information and analysis but does not make automated decisions with legal effects. All AI outputs are informational only and should not replace professional legal advice.
16. Contact Us
For any questions about this Privacy Policy or our data practices:
Email: admin@eulaw.ai
Website: https://eulaw.ai
Company: eulaw.ai
CVR: 45768554
Country: Denmark