This Privacy Policy governs the collection, use, maintenance, and protection of personal data by Stratpilot, a virtual assistant developed by Incepteo. We are committed to protecting the privacy and security of our users' data, in compliance with the General Data Protection Regulation (GDPR), the AI Act, and the Digital Services Act (DSA). This document outlines the types of personal data we collect, how we use it, and the measures we take to safeguard it.

Definitions:

• Privacy Policy: A legal document detailing how we collect, store, and use data disclosed by users regarding themselves, their teams, or their organizations.
• Personal Information: Information relating to an identifiable person or legal entity, as defined by GDPR.
• Cookies: Small text files stored in web browsers when accessing and using Stratpilot. These cookies collect and store targeted information to enhance our service by tracking user activity, device type, and preferences.

To access Stratpilot, users are required to provide personal data, including but not limited to name, surname, email address, and a chosen password. Once registered, users do have the option to add in additional personal data such as one's role, goals, hobbies and more in order to personalize their chat with AI. In addition, owners and admins can add members to a team via name, surname and email.

Consent to Data Collection:

• By signing up for Stratpilot, you consent to the collection and processing of your personal data as outlined in this Privacy Policy.

Stratpilot utilizes your personal information for the following purposes:

• Account Management: Verifying user identity and ensuring secure access to the platform.
• Communications: Responding to queries, sending updates, and delivering relevant announcements.
• Payments and Billing: Processing transactions securely through our trusted partner, Stripe.
• Platform Improvements: Conducting internal operations like troubleshooting, research, and analysis to improve user experience.
• Security: Protecting user data and maintaining the integrity of our systems.
• Personalization: Using AI-driven tools such as GPT to provide personalized assistance, tailored recommendations, and context-specific to-do lists.

Legal Basis for Processing:

The processing of personal data is grounded in the following legal bases under the GDPR:

• Performance of a contract: For fulfilling our obligations to provide you with our services.
• Consent: For specific use cases such as personalized marketing or AI-driven features.
• Legitimate interest: For internal operations, security measures, and business-related activities.

User passwords are encrypted, and personal data is stored on secure servers with strict access controls. Stratpilot employs industry-standard security measures to protect data from unauthorized access, alteration, or destruction. These measures include encryption, pseudonymization, and restricted access based on role-based permissions.

Data Retention:

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. You can request the deletion of your data at any time, subject to legal obligations.

Stratpilot shares personal data with trusted third-party service providers to deliver and optimize our services. These providers include:

• Hosting Providers: e.g., Microsoft Azure, securely hosting our platform and data.
• Analytics Providers: e.g., Google Analytics, analyzing user behavior to optimize performance.
• Email Service Providers: e.g., SendGrid, managing email communications.
• Payment Processors: e.g., Stripe, managing financial transactions.
• Business Partners and Subcontractors: Collaborators who contribute to platform development and maintenance.
• Integrated Applications: e.g., Outlook, enhancing functionality through data integration.

Third-Party Compliance:

All third-party partners are required to comply with the GDPR and other relevant data protection regulations. We ensure that our contracts with third parties include provisions to safeguard user data.

No Sharing for Marketing Purposes:

We do not share personal data for marketing or solicitation purposes. Non-personal data, such as aggregate usage statistics, may be shared with external parties to improve our services.

Stratpilot employs AI systems to enhance productivity and work-life balance. These AI systems process personal data to provide tailored recommendations, organizational tools, and personalized insights.

AI Transparency:

• While AI systems play a core role in Stratpilot's functionality, they are not monitored by human operators.
• The decision-making processes of the AI are automated, and the logic behind these decisions is based on algorithms designed to optimize user productivity and experience.

We are committed to safeguarding your data in compliance with GDPR. This includes:

• Right to Access: You may request access to your personal data.
• Right to Rectification: You can request corrections to inaccurate data.
• Right to Erasure: You may request the deletion of your data under certain circumstances.
• Right to Restrict Processing: You have the right to limit the processing of your data.
• Right to Data Portability: You may request a copy of your data in a machine-readable format.

Data Subject Rights:

To exercise these rights, contact us at support@stratpilot.ai. We will respond to requests in accordance with GDPR requirements, typically within 30 days.

At present, we are not storing any cookies. However, if this changes, this document will be updated accordingly. If Stratpilot does begin to use cookies in the future, please note that their purpose will solely be to understand how users are utilizing the platform to enhance their experience.

By clicking the "Accept" button when accessing Stratpilot, you agree to abide by our Privacy Policy and Terms of Service.

Reconfirmation:

You will be required to re-accept the Privacy Policy when accessing Stratpilot from different browsers or after significant updates to ensure ongoing consent.

We reserve the right to update this Privacy Policy to reflect changes in our practices and compliance with evolving legal requirements. We will notify users of material changes via email or platform notifications, and updates will be reflected on this page.

For any questions, concerns, or inquiries regarding our Privacy Policy or data practices, please contact us at support@stratpilot.ai. We are dedicated to ensuring your data is handled with care and transparency.

Stratpilot is committed to meeting GDPR standards, which include:

• Regular Updates: Our Privacy and Cookie Policies are regularly updated to ensure ongoing compliance.
• Training: All Stratpilot team members receive training on GDPR compliance and data protection protocols.
• Third-Party Audits: We ensure our third-party service providers also adhere to GDPR standards.

For any GDPR-related inquiries or data access requests, please contact us at support@stratpilot.ai.