Aliac

Privacy Policy

Last Updated: March 3, 2026

Aliac ("we", "us", "our") operates the website https://aliac.eu (the "Service"). We are committed to protecting your privacy and handling your personal data in an open, transparent, and legally compliant manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our contact forms, or engage with our content.

This policy is compliant with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our Service, you acknowledge the practices described in this policy. Under our current website configuration, analytics cookies are enabled by default and can be turned off at any time through our cookie controls. If you do not agree with any part of this policy, please discontinue use of our Service.

1. Information We Collect

We collect different types of information to provide and improve our Service:

1.1 Personal Data You Provide

When you voluntarily interact with our Service, you may provide:

  • Contact Information: Name, email address, phone number, company name, and job title when you fill out our contact form or request information
  • Communication Data: Content of messages, inquiries, and feedback you send us via email or through our website

1.2 Automatically Collected Data

When you access our Service, we automatically collect:

  • Usage Data: IP address, browser type and version, browser language, device type, operating system, pages visited, time spent on pages, navigation paths, and other diagnostic data
  • Analytics Data: Through Google Analytics 4 (GA4), we collect aggregated statistics about user behaviour, traffic sources, and engagement metrics. Under our current website configuration, GA4 may be active when you first visit and remains subject to your cookie preferences. This data is pseudonymised and does not directly identify individuals
  • Cookie Data: Information stored in cookies and similar tracking technologies (see Section 4)
  • Log Data: Server logs that record access times, requested URLs, and error information for security and troubleshooting

1.3 Client Project Data

Important Distinction: Data and information provided to us by clients for AI and MLOps consulting services are governed by separate, confidential agreements (Master Services Agreement, Data Processing Agreements, or Non-Disclosure Agreements) and are NOT covered by this website privacy policy. Client data is processed strictly within contractual boundaries and is never used for marketing or analytics purposes.

Upon conclusion of a client engagement, all client data is handled in accordance with the applicable Data Processing Agreement. Unless the DPA specifies otherwise or retention is required by law, client data is securely deleted or returned within 90 days of project completion.

2. Legal Basis for Processing (GDPR Compliance)

We process your personal data based on the following legal grounds:

  • Legitimate Interest: For website security, fraud prevention, troubleshooting, maintaining reliable website operations, and understanding website usage patterns
  • Consent & Preferences: When you choose analytics settings through our cookie controls, including opting out or re-enabling analytics
  • Contractual Necessity: When you request services or information that require follow-up communication
  • Legal Obligation: When required to comply with applicable laws, regulations, or legal processes

3. How We Use Your Information

We use collected data for the following purposes:

  • Service Delivery: Respond to inquiries, provide requested information, and maintain website functionality
  • Analytics & Improvement: Monitor website usage patterns, analyse trends, and enhance user experience, with analytics enabled by default unless you opt out
  • Professional Services: For clients, to fulfil contractual obligations for AI consulting, model development, and MLOps implementation
  • Security: Protect against unauthorised access, monitor for malicious activity, and ensure system integrity
  • Compliance: Fulfil legal obligations, enforce terms, and protect our legal rights

4. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience. Under our current website configuration, analytics cookies are enabled by default. You can manage preferences at any time via our Cookie Preferences page.

4.1 Essential Cookies (Always Active)

  • aliac_cookie_consent: Stores your cookie preferences for 365 days. This cookie is strictly necessary and cannot be disabled.
  • Session cookies: Temporary cookies for website functionality that expire when you close your browser

4.2 Analytics Cookies (Google Analytics 4)

  • Google Analytics 4: We use GA4 to collect aggregated usage statistics. These cookies help us understand visitor behaviour and improve content
  • _ga: Main Google Analytics cookie (2-year lifespan)
  • _ga_<container-id>: Google Analytics site-specific cookie

Note: Analytics cookies are enabled by default under our current configuration. You can opt out at any time through cookie preferences or browser controls. We do not use analytics cookies for behavioural advertising on this website.

4.3 How to Control Cookies

You can control cookies through:

Disabling cookies may limit some website features, but core functionality will remain available.

4.4 Google Analytics Transparency Notice

As required by Google Analytics terms and policies, we disclose that Google may process analytics data collected on this website. Learn how Google uses information from sites or apps that use Google services at: https://policies.google.com/technologies/partner-sites.

5. Data Sharing & Disclosure

We do NOT sell, trade, or rent your personal data. We may share information only in these limited circumstances:

  • Service Providers: Trusted third parties who assist with analytics (Google) and email delivery. Our website is self-hosted on server infrastructure located within the European Union. All service providers are GDPR-compliant and bound by confidentiality agreements
  • Legal Requirements: When required by law, court order, or to protect our rights, property, or safety
  • Business Transfers: In the event of a merger, acquisition, or asset sale (with notice to affected users)

We never share client project data with third parties except as explicitly authorised in your service agreement.

6. Data Retention

We retain your data only as long as necessary:

  • Contact Form Data: Deleted after 12 months unless you become a client
  • Analytics Data: Retained according to our configured GA4 retention setting (currently up to 14 months), then automatically deleted or aggregated
  • Cookie Consent: Stored for 365 days, then reset
  • Client Data: Governed by contractual agreements and industry standards

7. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data we hold
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data (subject to legal obligations)
  • Right to Restriction: Request limited processing of your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Opt Out of Analytics: Disable analytics at any time via our Cookie Preferences page

7.1 How to Exercise Your Rights

To exercise any of these rights:

We will respond to verified requests within 30 days as required by GDPR.

7.2 Additional U.S. State Privacy Disclosures

If you are a resident of a U.S. state with consumer privacy rights (such as California, Colorado, Connecticut, Virginia, Utah, Oregon, Texas, or Montana), you may have rights to know, access, correct, delete, and opt out of certain processing activities, subject to applicable exceptions.

We do not sell personal information for monetary consideration. Depending on your browser settings and cookie choices, our use of third-party analytics technologies may be considered "sharing" under some U.S. state privacy laws. You can limit this processing by using our Cookie Preferences page and by contacting us at [email protected].

8. Data Security

We implement appropriate technical and organisational security measures:

  • Encryption: All data transmitted via our website uses TLS encryption
  • Access Controls: Strict authentication and authorisation for internal systems
  • Data Minimisation: We collect only data necessary for stated purposes

While we strive to protect your data, no internet transmission is 100% secure. You use our Service at your own risk.

9. Automated Decision-Making & Profiling

We do not engage in automated decision-making or profiling as defined under Article 22 of the GDPR. No decisions that produce legal effects or significantly affect you are made solely on the basis of automated processing of your personal data. Analytics data we collect is used only for aggregate, non-individual analysis to improve website content and user experience.

10. International Data Transfers

Aliac is based in Greece (EU). Your data is primarily processed within the European Economic Area (EEA). When using third-party services like Google Analytics:

  • We rely on Standard Contractual Clauses (SCCs) for data transfers
  • Providers maintain EU-US Data Privacy Framework certification where applicable
  • Analytics data is pseudonymised before transfer

11. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for their privacy practices. We recommend reviewing their policies before providing personal data.

12. Children's Privacy

Our Service is not directed at children. Under Greek Law 4624/2019 (Article 21), the age of digital consent for information society services is 15 years. We do not knowingly collect personal data from individuals under 15. If you believe a child has provided us with personal data, contact us immediately at [email protected] and we will promptly delete it.

13. Changes to This Privacy Policy

We may update this policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Material changes will be announced via website notice. Continued use of our Service after changes are posted constitutes acceptance of the revised policy.

14. Contact Information

For questions about this Privacy Policy or data practices:

This Privacy Policy is drafted in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Greek data protection law.