Privacy Policy

1. Introduction and Data Controller Information

1.1 This Privacy Policy describes how Majestik AI B.V. (“we,” “us,” “our,” or “Majestik AI”) collects, uses, protects, and shares personal information in compliance with the General Data Protection Regulation (GDPR), the EU AI Act, and applicable data protection laws in the Netherlands and France.

1.2 Data Controller Details:

• Company Name: Majestik AI B.V.
• Registered Addresses: Keizersgracht, Amsterdam, Netherlands, France
• Contact Email: privacy@majestikai.com
• Support Email: support@majestikai.com

2. AI Systems Transparency Notice

2.1 Use of Artificial Intelligence: Majestik AI uses AI systems classified as “limited risk” under the EU AI Act for:

• AI-powered chatbots for customer interaction
• Automated lead capture and qualification
• Appointment scheduling and booking systems
• Content generation and social media automation
• Email and SMS automation
• Voice-based outreach systems
• Review management automation

2.2 AI Interaction Notification: You and your customers will always be clearly informed when interacting with our AI systems. All AI-generated content and decisions are marked as such.

2.3 Human Oversight: All our AI systems include human oversight mechanisms. You have the right to request human review of any AI-made decision affecting you.

2.4 AI Data Training: We use aggregated, anonymized business interaction data to improve our AI services. Personal data is not used for AI training without explicit consent.

3. Information We Collect

3.1 Information You Provide Directly:

• Identity Data: Name, job title, company name
• Contact Data: Email address, phone number, business address
• Business Data: Company size, industry, service requirements
• Financial Data: Payment information, billing address
• Project Data: Service preferences, customization requirements
• Communication Data: Emails, messages, support requests

3.2 Information Collected Automatically:

• Technical Data: IP address, browser type, device information
• Usage Data: Website interactions, feature usage, performance metrics
• Cookie Data: Analytics cookies, functional cookies (see Cookie Policy)
• AI Interaction Data: Chatbot conversations, automation performance

3.3 Information from Third Parties:

• Public Sources: LinkedIn, company websites, business registries
• Partners: Referral information from business partners
• Service Providers: Payment processors, analytics providers

4. Legal Basis for Processing

4.1 We process your personal data under the following legal bases:

• Contract Performance: To provide our AI automation services
• Legitimate Interests: For business operations, security, and service improvement
• Consent: For marketing communications and certain AI features
• Legal Obligations: To comply with tax, accounting, and regulatory requirements
• Vital Interests: In exceptional circumstances to protect life

4.2 You may withdraw consent at any time by contacting privacy@majestikai.com

5. How We Use Your Information

5.1 Service Delivery:

• Providing AI automation solutions and platform access
• Customizing services to your business needs
• Managing your account and authentication
• Processing payments and billing

5.2 Communication:

• Responding to inquiries and support requests
• Sending service updates and important notices
• Marketing communications (with consent)
• Training and onboarding communications

5.3 Improvement and Development:

• Analyzing service usage and performance
• Developing new features and services
• Improving AI accuracy and effectiveness
• Conducting business analytics

5.4 Legal and Security:

• Preventing fraud and ensuring platform security
• Complying with legal obligations
• Protecting our legal rights and interests
• Maintaining audit trails and records

6. Automated Decision-Making and Profiling

6.1 Our AI systems may engage in automated processing for:

• Lead scoring and qualification
• Response prioritization
• Content personalization
• Service recommendations

6.2 Your Rights: You have the right to:

• Request human intervention in automated decisions
• Express your point of view
• Contest any automated decision
• Opt-out of automated decision-making affecting you

7. Data Sharing and Third-Party Processors

7.1 Service Providers We Use:

• Majestik AI Studio (CRM and automation platform) – NL
• Google Cloud Platform (hosting) – EU data centers
• Stripe (payment processing) – EU operations
• Microsoft Azure (backup and analytics) – EU region
• DocuSign (contract management) – EU data centers

7.2 Categories of Recipients:

• Authorized employees and contractors
• Professional advisors (lawyers, accountants)
• Government authorities (when legally required)
• Business partners (with your consent)
• Potential buyers (in case of business sale)

7.3 We NEVER sell your personal data to third parties.

8. International Data Transfers

8.1 Some of our service providers operate outside the EEA, particularly in the USA.

8.2 Safeguards: We ensure appropriate safeguards through:

• EU Standard Contractual Clauses (SCCs)
• Adequacy decisions where applicable
• Transfer Impact Assessments (TIAs)
• Additional security measures

8.3 You may request copies of our transfer safeguards by contacting privacy@majestikai.com

9. Data Retention

9.1 Retention Periods:

• Customer Account Data: Duration of service + 3 years
• Financial Records: 7 years (legal requirement)
• Marketing Data: Until consent withdrawn or 3 years of inactivity
• Support Communications: 2 years
• AI Interaction Logs: 6 months (unless longer retention agreed)
• Website Analytics: 26 months

9.2 We regularly review and securely delete data that is no longer needed.

10. Data Security

10.1 Technical and Organizational Measures:

• 256-bit SSL encryption for data in transit
• AES-256 encryption for data at rest
• Multi-factor authentication
• Regular security audits and penetration testing
• Employee training and confidentiality agreements
• Incident response procedures
• Regular backups and disaster recovery plans

10.2 Breach Notification: In case of a data breach, we will notify affected individuals and relevant authorities within 72 hours as required by GDPR.

11. Your Rights Under GDPR

11.1 You have the following rights regarding your personal data:

• Right to Access: Obtain confirmation and copies of your data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure (“Right to be Forgotten”): Request deletion of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to certain processing activities
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with supervisory authorities

11.2 To exercise any of these rights, contact: privacy@majestikai.com

11.3 We will respond to your request within 30 days.

12. Cookies and Tracking Technologies

12.1 We use cookies and similar technologies for:

• Essential website functionality
• Analytics and performance monitoring
• Marketing and advertising (with consent)
• User preference storage

12.2 Cookie Types:

• Strictly Necessary Cookies (always active)
• Performance/Analytics Cookies (with consent)
• Functional Cookies (with consent)
• Marketing Cookies (with consent)

12.3 You can manage cookie preferences through our cookie banner or browser settings. 

13. Children’s Privacy

13.1 Our services are not directed to individuals under 16 years of age.

13.2 We do not knowingly collect personal data from children under 16.

13.3 If we discover we have collected data from a child under 16, we will promptly delete it.

14. Data Processing for Clients (Processor Role)

14.1 When processing data on behalf of our clients, we act as a Data Processor.

14.2 Our Obligations as Processor:

• Process data only on documented instructions
• Ensure confidentiality of personnel
• Implement appropriate security measures
• Assist with data subject requests
• Delete or return data after service termination
• Maintain processing records

14.3 Data Processing Agreements are available at: legal@majestikai.com

15. Marketing Communications

15.1 We send marketing communications only with your explicit consent.

15.2 Opt-Out Options:

• Click “unsubscribe” in any marketing email
• Email: privacy@majestikai.com
• Update preferences in your account settings

15.3 Opting out of marketing does not affect service-related communications.

16. California Privacy Rights (for US Visitors)

16.1 California residents have additional rights under CCPA.

16.2 We do not sell personal information.

16.3 For CCPA requests, contact: privacy@majestikai.com

17. Supervisory Authorities

17.1 You have the right to lodge a complaint with:

Netherlands:

• Autoriteit Persoonsgegevens (Dutch DPA)
• Website: www.autoriteitpersoonsgegevens.nl
• Phone: +31 (0)88 – 1805 250

France:

• Commission Nationale de l’Informatique et des Libertés (CNIL)
• Website: www.cnil.fr
• Phone: +33 (0)1 53 73 22 22

18. Changes to This Privacy Policy

18.1 We may update this Privacy Policy to reflect changes in our practices or legal requirements.

18.2 Material changes will be notified via:

• Email notification to registered users
• Prominent notice on our website
• In-platform notifications

18.3 Continued use after changes constitutes acceptance of the updated policy.

19. Contact Information

19.1 For Privacy Inquiries:

• Email: privacy@majestikai.com
• Postal: Majestik AI, Amsterdam, Netherlands

19.2 For General Support:

• Email: support@majestikai.com

19.3 Response Times:

• Privacy requests: Within 30 days
• General inquiries: Within 48 hours
• Urgent security matters: Within 24 hours

20. Accessibility

20.1 This Privacy Policy is available in:

• English

20.2 For accessible formats in different languages or assistance understanding this policy, contact: support@majestikai.com

© 2025 Majestik AI B.V. All rights reserved.