Privacy

Privacy Policy

This policy explains how the AIDA website handles website-level data, inquiry data, infrastructure providers, and future demo assistant interactions. It is written as a practical public notice for the current site setup.

Privacy Policy Cookie Notice How we use AI
AIDA currently identifies the public-facing service by its brand name only. This public notice is intentionally careful not to invent controller details that are not yet published on the site.

1. Scope of this notice

This notice covers the public AIDA website, website-level technical processing, contact inquiries sent through the website, and any future demo assistant interactions if and when that assistant is enabled on the site.

It does not describe project-specific data processing inside client systems. Those flows depend on the individual scope of work and should be documented separately where required.

2. Applicable legal framework we take into account

For Serbia, we take into account the Law on Personal Data Protection ("Official Gazette of RS", No. 87/2018).

For the EU/EEA, we take into account Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) and, where relevant to cookies or terminal-side storage, Directive 2002/58/EC (Directive on privacy and electronic communications).

For U.S. users, we take into account applicable state privacy laws where relevant, including the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA).

3. What data may be processed through this site

Information you actively submit through the contact form: your name, email address or Telegram handle, and the content of your message or project request.

Technical request and delivery data that may arise through the hosting layer: IP-related request data, basic request metadata, device or browser information, timestamps, delivery diagnostics, and security-related logs processed by the hosting environment.

If a future demo assistant is enabled, the content of messages you voluntarily send to that assistant in connection with service questions or a possible order.

4. How we use the data

To answer your inquiry and provide an initial assessment of the task you describe.

To operate, secure, debug, and improve the website and the website infrastructure.

If a future demo assistant is enabled, to answer questions about our services, clarify what kind of solution you may want to order, and route that inquiry appropriately.

We do not state that this site uses personal data for hidden profiling, covert pressure, vulnerability exploitation, or automated final decision-making in sensitive contexts.

5. Sensitive data warning

Please do not send non-anonymized medical, HR, financial, or other sensitive personal data through the public website form or a future demo chat unless and until a safer processing route is explicitly agreed.

If a project requires work with sensitive material, the preferred path is to move it first into a safer, more controlled processing format.

6. Service providers and where data may go

Vercel. The website is hosted on Vercel. As part of hosting, request handling, delivery, diagnostics, and security operations, Vercel may process technical data such as request metadata, logs, IP-related information, system configuration details, and performance information.

Resend. When the contact form backend is enabled, inquiry messages are sent through Resend so that the website can deliver the inquiry as an email. Form content, sender details, recipient details, message metadata, and related delivery or API logs may therefore be processed within Resend.

n8n. If and when a future demo assistant is enabled, inquiry-related message content may be routed through n8n workflows for operational handling. The intended scope is limited to understanding the requested service, the requested type of order, and — where lawful and proportionate — which solutions the visitor was interested in.

7. What we do not currently claim

We do not currently state that the public site uses advertising pixels, cross-site tracking, or non-essential profiling cookies.

We do not currently state that the demo assistant, once enabled, will be used to infer protected characteristics, score personality, or exploit vulnerabilities.

If that functional scope changes, the public notice should be updated before or at the time of deployment.

8. Legal bases

Depending on the situation, processing may rely on one or more of the following grounds: your request before a contract is formed, steps related to a potential contract, legitimate interests in operating and securing the site, consent where consent is legally required, and compliance with applicable legal obligations.

9. Retention

Website-level technical data is retained only for as long as reasonably needed for delivery, security, debugging, and operational review under the relevant provider setup.

Inquiry data is retained only as long as reasonably necessary to answer the inquiry, continue the related business communication, or protect legal claims.

If a future demo assistant is enabled, message content related to an order inquiry should be retained only for as long as needed to handle that inquiry and should not silently become a long-term behavioral dossier.

10. International transfers

Because infrastructure and email delivery providers may operate internationally, personal data may be processed outside Serbia or outside the country from which the visitor accesses the site. Where applicable, appropriate transfer mechanisms or provider safeguards should be used.

11. Your rights

Depending on the applicable law and your location, you may have rights of access, rectification, erasure, restriction, objection, portability, withdrawal of consent where consent is the basis, and complaint to a competent supervisory authority.

For Serbia, the competent supervisory authority is the Commissioner for Information of Public Importance and Personal Data Protection.

For the EU/EEA, you may also contact your local data protection authority as relevant.

For California residents, rights may include the right to know, delete, correct, and opt out of sale or sharing, where such obligations apply.

12. Contact and missing controller details

This site currently identifies the public-facing service as AIDA AI digital agency. Before final production launch, the notice should also display the full legal name of the operator, a working contact address for privacy requests, and, where applicable, a registered address or appointed contact for data protection matters.

Until those details are published, do not infer more controller detail than is actually displayed on the site.

13. Changes to this notice

This notice should be updated if the form backend changes, if analytics or marketing tools are added, if the demo assistant goes live, if additional processors are introduced, or if the operator details are completed.

This site currently uses only essential browser storage for interface preferences. Hosting infrastructure may also process technical logs. See our Privacy Policy and Cookie Notice.
Learn more