GDPR Privacy Notice

Last Updated: May 9, 2026

This GDPR Privacy Notice applies to individuals located in the European Economic Area ("EEA") and the United Kingdom ("UK") whose personal data is processed in connection with the Sydekiq.ai website, hosted infrastructure, AI tooling, APIs, automation systems, cloud services, and related offerings (collectively, the "Service").

This Notice supplements and should be read together with the Sydekiq.ai Privacy Policy.

1. Data Controller

For purposes of applicable data protection laws, including the General Data Protection Regulation ("GDPR") and the UK GDPR, Sydekiq.ai acts as the data controller for personal data processed in connection with the Service unless otherwise specified.

Contact:
Sydekiq.ai
Email: contact@sydekiq.ai

2. Categories of Personal Data We Process

Depending on your interaction with the Service, we may process the following categories of personal data:

A. Account and Registration Information

• Name
• Email address
• Username
• Company information
• Authentication credentials

B. Billing and Payment Information

• Billing address
• Subscription details
• Payment transaction metadata
• Limited payment information received from payment processors such as card brand, expiration date, and last four digits

C. Communications

• Customer support requests
• Feedback submissions
• Email communications
• Service-related correspondence

D. Technical and Usage Information

• IP address
• Device identifiers
• Browser type and operating system
• Usage logs and telemetry
• Session activity and interaction patterns
• API usage information
• Security and authentication logs

E. AI and Operational Data

• Prompts
• Workflows
• Configurations
• Files and datasets processed through the Service
• Automation settings and operational metadata

F. Approximate Location Data

• Approximate geographic location inferred from IP address

3. Legal Bases for Processing

We process personal data under one or more of the following legal bases:

A. Performance of a Contract

To provide, operate, maintain, and support the Service you request, including:

• Account creation
• Subscription management
• Instance provisioning
• Customer support
• API access
• Operational functionality

B. Legitimate Interests

To:

• Improve the Service
• Maintain infrastructure reliability
• Secure systems and detect abuse
• Prevent fraud and unauthorized access
• Analyze usage and performance
• Develop new features and products

We rely on legitimate interests only where such interests are not overridden by your fundamental rights and freedoms.

C. Legal Obligations

To comply with:

• Applicable laws and regulations
• Tax and accounting obligations
• Security and compliance obligations
• Lawful governmental requests

D. Consent

Where required by law, including certain marketing communications or optional analytics technologies, we rely on your consent, which may be withdrawn at any time.

4. How We Use Personal Data

We may use personal data to:

• Create and manage accounts
• Authenticate users and secure access
• Provision and maintain cloud infrastructure
• Process billing and subscriptions
• Operate AI-powered workflows and automations
• Monitor Service performance and reliability
• Detect fraud, abuse, or security incidents
• Provide customer support
• Communicate operational notices and security alerts
• Improve user experience and platform functionality
• Conduct analytics, diagnostics, and research

5. Automated Processing and AI Systems

The Service may involve automated processing using artificial intelligence systems, machine learning models, inference providers, and autonomous workflows.

You acknowledge that:

• AI outputs may be inaccurate or incomplete
• Automated systems may process content programmatically
• Human review may not occur before outputs are generated
• You are responsible for validating outputs before reliance or deployment

Unless explicitly disclosed or agreed otherwise, customer content is not used to train proprietary AI models.

6. Sharing of Personal Data

We may share personal data with:

• Payment processors such as Stripe
• Cloud hosting and infrastructure providers such as Amazon Web Services (AWS)
• Backend and database providers such as Supabase
• Security, analytics, communications, and customer support vendors
• AI model and inference providers necessary to operate the Service

These providers process personal data under contractual obligations designed to protect data and maintain confidentiality.

7. International Data Transfers

Personal data may be transferred to and processed in countries outside the EEA or UK, including the United States.

Where required by applicable law, we implement appropriate safeguards, including:

• Standard Contractual Clauses (SCCs)
• UK International Data Transfer Addendum
• Other legally recognized transfer mechanisms

You acknowledge that data protection laws in some jurisdictions may differ from those in your country of residence.

8. Data Retention

We retain personal data only for as long as reasonably necessary to:

• Provide the Service
• Fulfill contractual obligations
• Maintain security and operational integrity
• Comply with legal obligations
• Resolve disputes and enforce agreements

Retention periods vary depending on the nature of the data, operational requirements, security considerations, and legal obligations.

9. Your GDPR Rights

Subject to applicable law, you may have the right to:

• Access your personal data
• Correct inaccurate or incomplete information
• Request deletion of personal data
• Restrict processing
• Object to certain processing activities
• Request data portability
• Withdraw consent where processing is based on consent
• Lodge a complaint with a supervisory authority

These rights may be subject to limitations and exceptions under applicable law.

10. Exercising Your Rights

To exercise your rights or submit a privacy-related request, contact:

Email: contact@sydekiq.ai

We may request verification of your identity before processing certain requests.

We will respond within the timeframes required under applicable data protection laws.

11. Security Measures

We implement commercially reasonable technical and organizational safeguards designed to protect personal data, including:

• Encryption in transit
• Access controls
• Authentication systems
• Security monitoring
• Infrastructure isolation
• Backup protections

However, no system or transmission method can be guaranteed completely secure.

12. Supervisory Authorities

If you are located in the EEA or UK and believe your rights under applicable data protection laws have been violated, you may lodge a complaint with your local supervisory authority or data protection regulator.

13. Changes to This GDPR Notice

We may update this GDPR Privacy Notice periodically to reflect legal, regulatory, operational, or technological changes.

When updates occur, we will revise the "Last Updated" date above.

14. Contact Information

Sydekiq.ai
Email: contact@sydekiq.ai
Support: https://sydekiq.ai/support

← Back to home