← Back to home

Privacy Policy

Last updated: February 12, 2026

1. Controller

MATACRO SERVICES LTD (company number 08353932), registered office: The Pagoda, 30 Avenue Road, Bournemouth, England, BH2 5SL. Contact: hello@aicertify.eu.

2. Data We Collect

  • Account/session identifiers and magic-link token hashes.
  • Email address and system/project name entered by users.
  • Questionnaire responses and generated assessment outputs.
  • Technical logs needed for security, fraud prevention, and service reliability.

3. Purposes and Legal Bases (GDPR)

  • Provide the assessment service and reports (Art. 6(1)(b) GDPR).
  • Operate and secure the service, prevent abuse, and debug incidents (Art. 6(1)(f) GDPR).
  • Comply with legal obligations such as accounting/tax where applicable (Art. 6(1)(c) GDPR).
  • Send marketing only if/when you collect valid consent (Art. 6(1)(a) GDPR).

4. Sensitive Data and User Responsibilities

Users should not submit unnecessary personal or special-category data unless required for their legitimate assessment use. If sensitive data is submitted, users are responsible for ensuring they have an appropriate legal basis.

5. Sharing and Processors

Describe all third-party processors here (hosting, email delivery, payment provider once enabled) and link to their privacy/security information. Execute data processing agreements where required.

6. International Transfers

If data is transferred outside the EEA/UK, describe transfer mechanism(s) (e.g., adequacy decision, SCCs) and safeguards.

7. Retention

Define concrete retention periods before launch. Suggested baseline: questionnaire/session data retained for [X months], security logs for [Y months], billing/accounting records per statutory period.

8. Data Subject Rights

Individuals may request access, rectification, erasure, restriction, objection, and portability where applicable. Operational privacy contact: hello@aicertify.eu.

9. Security

We use technical and organizational controls appropriate to risk, including access controls, token hashing, and environment-level protections. No internet service is completely risk-free.

10. AI Assessment Disclaimer

This product provides a readiness assessment and informational report. It is not legal advice, not a conformity assessment, and not certification.

11. Complaints

Individuals may lodge complaints with their local data protection authority. In the UK, this is typically the Information Commissioner's Office (ICO).