Privacy Policy

Last updated: May 2026

We collect only what we need to provide the service. We do not sell your data. We do not share your data with third parties except as required to deliver the service.

1. Who We Are

Aiella provides technical AI compliance monitoring software. This Privacy Policy explains how we collect, use, and protect information when you use our services including the free EU AI Act risk scanner at aiella.com.

2. Information We Collect

Information you provide directly: email address, company name, description of your AI system, and responses to scanner form questions.

Information collected automatically: IP address, browser type, pages visited, and referring URL.

We do not collect sensitive personal data such as health information, financial account details, or government identification numbers.

3. How We Use Your Information

We use your information to generate and deliver your risk assessment report, send you the report by email, improve our risk classification system, and send product updates if you have joined our mailing list.

4. Legal Basis for Processing (EU and UK Users)

Our legal bases are contract performance for delivering your report, legitimate interests for improving our service, and consent for marketing communications where you have opted in.

5. Data Sharing

We do not sell your data. We share data only with AWS for cloud infrastructure and email delivery, and with Anthropic via AWS Bedrock where your AI system description is processed by Claude to generate your risk classification.

6. Data Retention

We retain scan data for up to 12 months. Email addresses on our mailing list are retained until you unsubscribe. You may request deletion at any time.

7. Your Rights

Depending on your location you may have the right to access, correct, or delete your personal data, object to or restrict processing, and request data portability. To exercise these rights connect with us on LinkedIn or through aiella.com.

8. Cookies

We use only essential cookies required for the website to function. We do not use advertising cookies or third party tracking.

9. Security

We use industry standard security measures including encrypted data transmission, access controls, and secure cloud infrastructure.

10. International Transfers

Your data is processed on AWS infrastructure in the United States under AWS’s data processing agreements which include Standard Contractual Clauses approved by the European Commission.

11. Contact

For privacy questions connect with us on LinkedIn or at aiella.com.