Privacy Policy
Last updated: 5 June 2025
1. Who we are
Anlytic B.V. (“Anlytic”, “we”, “us”) provides an AI Business-Analyst platform available at anlytic.ai.
2. Data we collect
| Category | Source | Purpose |
|---|---|---|
| Account data (name, email, password hash, MFA secret) | User input | Create and secure workspaces |
| Billing data (card last 4 digits, country, VAT ID) | Stripe | Invoicing and tax purposes |
| Usage data (queries, dashboards created, agent logs) | Collected automatically | Improve features and detect abuse |
| Uploaded/Connected data (CSVs, database tables, SaaS connectors) | User or API | Provide analytics and AI insights |
| Support data (chat transcripts, screenshots) | Users | Troubleshooting |
3. How we use data
- Perform the contract (GDPR Art. 6 (1)(b))
- Comply with law (e.g., financial records, sanctions)
- Improve and secure the service (legitimate interest)
- Send product updates and beta invitations (consent / legitimate interest; you may unsubscribe)
4. AI processing notice
Uploaded data may be sent to our managed large-language-model cluster or OpenAI-compatible back-end strictly within your cloud region. Output is deterministic to your prompt; you remain responsible for validating insights before acting on them.
5. International transfers
Servers are located in the EU (Frankfurt) and the UAE (Dubai). Data transfers outside these locations rely on:
- EU-standard contractual clauses (SCCs) for non-EEA processors
- UAE PDPL Art. 23 adequacy or approved safeguards
- CCPA agreements for US processors
6. Retention
We keep account-level personal data while your subscription is active, then anonymise or delete it after 12 months. You can trigger early deletion via Settings → Danger Zone or by emailing privacy@anlytic.ai.
7. Your rights
| Region | Rights |
|---|---|
| EU/EEA | Access, rectify, erase, portability, restrict, object, no solely automated decisions |
| UAE (PDPL) | Access, correction, deletion, processing restriction |
| California | Know, delete, correct, opt-out of 'sale/share', non-discrimination |
Exercise rights by emailing support@anlytic.com or via workspace admin panel.
8. Security
AES-256 at rest, TLS 1.3 in transit; SOC 2 (Type II) in progress; least-privilege IAM; real-time anomaly detection.
9. Children
Our service is not directed to children under 16; we do not knowingly process their data.
10. Changes
Material changes will be announced in-app and by email 14 days before taking effect.