GDPR Compliance
Introduction to GDPR Compliance
At Zyra AI, we are committed to protecting the privacy and security of your personal data. This GDPR Compliance page explains how we comply with the European Union's General Data Protection Regulation (GDPR) and outlines your rights as a data subject.
The GDPR is a regulation that strengthens and unifies data protection for individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA.
As a data controller, Zyra AI is responsible for determining the purposes and means of processing personal data. We take this responsibility seriously and have implemented appropriate technical and organizational measures to ensure that data processing is performed in accordance with the GDPR.
Your Rights Under GDPR
Under the GDPR, you have the following rights regarding your personal data:
- Right to Access: You have the right to request a copy of your personal data that we hold.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
- Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data in certain circumstances.
- Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
- Right to Data Portability: You have the right to request that we transfer your personal data to another controller.
- Right to Object: You have the right to object to the processing of your personal data in certain circumstances.
- Rights Related to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
To exercise any of these rights, please use our GDPR Request Form below or contact our Data Protection Officer at privacy@zyra.edu.
How We Process Your Data
We process personal data for the following purposes:
- To provide and maintain our services
- To notify you about changes to our services
- To allow you to participate in interactive features of our services
- To provide customer support
- To gather analysis or valuable information so that we can improve our services
- To monitor the usage of our services
- To detect, prevent and address technical issues
- To provide you with news, special offers and general information about other goods, services and events which we offer
We process the following categories of personal data:
- Identity Data (name, username, date of birth)
- Contact Data (email address, telephone number, address)
- Educational Data (academic history, test scores, application information)
- Technical Data (IP address, browser type, device information)
- Usage Data (information about how you use our website and services)
- Marketing and Communications Data (preferences in receiving marketing and communications)
Legal Basis for Processing
We process your personal data only when we have a legal basis to do so. The legal bases we rely on include:
- Consent: Where you have given us explicit consent to process your personal data for a specific purpose.
- Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
- Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
- Legitimate Interests: Where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.
We will always be transparent about which legal basis we rely on for each processing activity.
International Data Transfers
Our operations are primarily based in the United States. When we transfer personal data from the European Economic Area (EEA) to countries outside the EEA, we ensure that appropriate safeguards are in place to protect your data.
These safeguards may include:
- Standard Contractual Clauses approved by the European Commission
- Binding Corporate Rules
- Adequacy decisions by the European Commission
- Other legally approved mechanisms
If you would like more information about the specific mechanism used when transferring your personal data, please contact our Data Protection Officer.
Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider:
- The amount, nature, and sensitivity of the personal data
- The potential risk of harm from unauthorized use or disclosure of your personal data
- The purposes for which we process your personal data
- Whether we can achieve those purposes through other means
- The applicable legal requirements
In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Submit a GDPR Request
Use the form below to submit a request regarding your personal data. We will respond to your request within 30 days as required by the GDPR.
GDPR Data Subject Request
Contact Our Data Protection Officer
If you have any questions about our GDPR compliance or how we handle your personal data, please contact our Data Protection Officer at:
Data Protection Officer
Zyra AI, Corp.
123 Innovation Way
Palo Alto, CA 94301
United States
Email: privacy@zyra.edu
Phone: (650) 555-1234
Have Questions About Data Protection?
Our team is here to help you understand how we protect your data and privacy rights.