Aliac

Privacy Policy

Last Updated: November 10, 2025

Aliac ("we", "us", "our") operates the website https://aliac.eu (the "Service"). We are committed to protecting your privacy and handling your personal data in an open, transparent, and legally compliant manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our contact forms, or engage with our content.

This policy is compliant with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our Service, you consent to the practices described in this policy. If you do not agree with any part of this policy, please discontinue use of our Service.

1. Information We Collect

We collect different types of information to provide and improve our Service:

1.1 Personal Data You Provide

When you voluntarily interact with our Service, you may provide:

  • Contact Information: Name, email address, phone number, company name, and job title when you fill out our contact form or request information
  • Communication Data: Content of messages, inquiries, and feedback you send us via email or through our website
  • Newsletter Subscriptions: Email address and preferences if you subscribe to our updates
  • Event Registrations: Information provided when registering for webinars, workshops, or other events

1.2 Automatically Collected Data

When you access our Service, we automatically collect:

  • Usage Data: IP address, browser type and version, browser language, device type, operating system, pages visited, time spent on pages, navigation paths, and other diagnostic data
  • Analytics Data: Through Google Analytics 4, we collect aggregated statistics about user behavior, traffic sources, and engagement metrics. This data is pseudonymized and does not directly identify individuals
  • Cookie Data: Information stored in cookies and similar tracking technologies (see Section 6)
  • Log Data: Server logs that record access times, requested URLs, and error information for security and troubleshooting

1.3 Client Project Data

Important Distinction: Data and information provided to us by clients for AI and MLOps consulting services are governed by separate, confidential agreements (Master Services Agreement, Data Processing Agreements, or Non-Disclosure Agreements) and are NOT covered by this website privacy policy. Client data is processed strictly within contractual boundaries and is never used for marketing or analytics purposes.

2. Legal Basis for Processing (GDPR Compliance)

We process your personal data based on the following legal grounds:

  • Consent: When you explicitly opt-in to analytics cookies or newsletter subscriptions via our cookie banner or forms
  • Legitimate Interest: For website security, fraud prevention, and improving user experience based on aggregated analytics
  • Contractual Necessity: When you request services or information that require follow-up communication
  • Legal Obligation: When required to comply with applicable laws, regulations, or legal processes

3. How We Use Your Information

We use collected data for the following purposes:

  • Service Delivery: Respond to inquiries, provide requested information, and maintain website functionality
  • Analytics & Improvement: Monitor website usage patterns, analyze trends, and enhance user experience based on data-driven insights
  • Marketing Communications: Send newsletters, updates, and relevant content about AI and MLOps (only with explicit consent, which can be withdrawn anytime)
  • Professional Services: For clients, to fulfill contractual obligations for AI consulting, model development, and MLOps implementation
  • Security: Protect against unauthorized access, monitor for malicious activity, and ensure system integrity
  • Compliance: Fulfill legal obligations, enforce terms, and protect our legal rights

4. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience. You can manage preferences via our Cookie Preferences page.

4.1 Essential Cookies (Always Active)

  • aliac_cookie_consent: Stores your cookie preferences for 365 days. This cookie is strictly necessary and cannot be disabled.
  • session cookies: Temporary cookies for website functionality that expire when you close your browser

4.2 Analytics Cookies (Optional, Opt-out by Default)

  • Google Analytics 4: We use GA4 to collect aggregated usage statistics. These cookies help us understand visitor behavior and improve content
  • _ga: Main Google Analytics cookie (2-year lifespan)
  • _ga_<container-id>: Google Analytics site-specific cookie

Note: Analytics cookies are enabled by default but can be disabled through our cookie banner or preferences page. We do not use cookies for advertising or behavioral targeting.

4.3 How to Control Cookies

You can control cookies through:

  • Our Cookie Preferences page
  • Your browser settings (block all cookies or receive warnings)
  • Browser extensions for cookie management

Disabling cookies may limit some website features, but core functionality will remain available.

5. Data Sharing & Disclosure

We do NOT sell, trade, or rent your personal data. We may share information only in these limited circumstances:

  • Service Providers: Trusted third parties who assist in website hosting (Vercel), analytics (Google), email delivery, and infrastructure. All providers are GDPR-compliant and bound by confidentiality agreements
  • Legal Requirements: When required by law, court order, or to protect our rights, property, or safety
  • Business Transfers: In the event of a merger, acquisition, or asset sale (with notice to affected users)

We never share client project data with third parties except as explicitly authorized in your service agreement.

6. Data Retention

We retain your data only as long as necessary:

  • Contact Form Data: Deleted after 12 months unless you become a client
  • Analytics Data: Retained for 14 months (Google Analytics default), then automatically deleted
  • Cookie Consent: Stored for 365 days, then reset
  • Newsletter Subscriptions: Retained until you unsubscribe
  • Client Data: Governed by contractual agreements and industry standards

7. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data we hold
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data (subject to legal obligations)
  • Right to Restriction: Request limited processing of your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for analytics or marketing at any time

7.1 How to Exercise Your Rights

To exercise any of these rights:

  • Email us at [email protected] with subject "Data Privacy Request"
  • Use our Cookie Preferences page to manage consent
  • Unsubscribe from emails using the link in any marketing communication

We will respond to verified requests within 30 days as required by GDPR.

8. Data Security

We implement appropriate technical and organizational security measures:

  • Encryption: All data transmitted via our website uses TLS 1.3 encryption
  • Access Controls: Strict authentication and authorization for internal systems
  • Regular Audits: Periodic security assessments and penetration testing
  • Data Minimization: We collect only data necessary for stated purposes
  • Staff Training: Regular privacy and security training for all team members

While we strive to protect your data, no internet transmission is 100% secure. You use our Service at your own risk.

9. International Data Transfers

Aliac is based in Athens, Greece (EU). Your data is primarily processed within the European Economic Area (EEA). When using third-party services like Google Analytics:

  • We rely on Standard Contractual Clauses (SCCs) for data transfers
  • Providers maintain EU-US Data Privacy Framework certification where applicable
  • Analytics data is pseudonymized before transfer

10. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for their privacy practices. We recommend reviewing their policies before providing personal data.

11. Children's Privacy

Our Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us immediately at [email protected] and we will delete it.

12. Changes to This Privacy Policy

We may update this policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Material changes will be announced via website notice or email for subscribed users. Continued use of our Service constitutes acceptance of changes.

13. Contact Information

For questions about this Privacy Policy or data practices:

  • Email: [email protected]
  • Business Address: Aliac, Athens, Greece
  • Data Protection Officer: Contact us at the email above

This Privacy Policy is drafted in compliance with the General Data Protection Regulation (EU), (GDPR) and Greek data protection law.