StrategicAI

Privacy Policy

Effective Date: August 24, 2025
Last Updated: August 24, 2025

1. Who We Are

AI Strategic Services, MB is a Lithuanian company specializing in artificial intelligence consulting and technical services. Company code: 307395026.

Contact Information:

2. Scope and Application

This Privacy Policy applies to:

  • Our website (strategicai.eu) and any subdomains
  • Our AI consulting and technical services
  • All interactions with our company, both online and offline
  • Data processing activities related to our AI solutions and services

This policy does not cover third-party websites or services that we may link to or integrate with. Please review their respective privacy policies.

2.1 Use of Facebook Data

  • When you connect your Facebook Page to our service, we access limited data from the Facebook Graph API, including post performance metrics (e.g., reach, engagement, impressions) and Page-level insights. We use this data solely to provide marketing analytics, reports, and recommendations on behalf of our clients.
  • We do not sell, share, or use Facebook data for any purpose other than delivering these services. Clients can request deletion of their Facebook data at any time by contacting us at info@strategicai.eu

3. Legal Basis for Processing

We process personal data based on the following legal grounds under GDPR:

  • Consent (Article 6(1)(a)): When you explicitly consent to specific processing activities
  • Contract (Article 6(1)(b)): To perform our services and fulfill contractual obligations
  • Legal Obligation (Article 6(1)(c)): To comply with legal requirements and regulations
  • Legitimate Interest (Article 6(1)(f)): For business operations, security, and service improvement

4. What Personal Data We Collect

4.1 Information You Provide Directly

  • Contact Information: Name, email address, phone number, company name, job title
  • Service Information: Project requirements, business objectives, technical specifications
  • Account Information: Login credentials, preferences, communication history
  • Payment Information: Billing address, payment methods (processed by secure third-party payment processors)
  • Communication Data: Messages, emails, meeting recordings (with consent), feedback

4.2 Information Collected Automatically

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Website navigation patterns, page views, session duration, click-through rates
  • Performance Data: System performance metrics, error logs, access patterns
  • Cookies and Tracking: As detailed in our Cookie Policy section

4.3 AI-Specific Data Collection

  • Training Data: Data provided for AI model training and customization (with explicit consent)
  • Processing Data: Data inputs and outputs from AI systems during service delivery
  • Model Performance: Accuracy metrics, system performance data, optimization results
  • Interaction Data: User interactions with AI systems, feedback on AI outputs

5. How We Use Your Personal Data

5.1 Service Delivery

  • Providing AI consulting and technical services
  • Developing and implementing AI solutions
  • Customizing AI models and systems
  • Providing technical support and maintenance
  • Managing project timelines and deliverables

5.2 Business Operations

  • Processing payments and managing accounts
  • Communicating about services and projects
  • Managing customer relationships
  • Conducting business analysis and planning
  • Ensuring service quality and compliance

5.3 AI Development and Improvement

  • Training and improving AI models (only with explicit consent)
  • Developing new AI capabilities and services
  • Conducting research and development activities
  • Creating anonymized datasets for algorithmic improvements

5.4 Legal and Compliance

  • Meeting regulatory requirements (GDPR, AI Act, etc.)
  • Protecting against fraud and security threats
  • Resolving disputes and legal matters
  • Maintaining audit trails and compliance records

6. AI-Specific Processing Activities

6.1 AI Model Training

When you consent to AI model training:

  • Your data may be used to improve AI algorithms
  • Data is typically anonymized or pseudonymized
  • You can withdraw consent at any time
  • Specific AI training activities are detailed in project agreements

6.2 Automated Decision-Making

We may use automated systems for:

  • Service Optimization: Improving AI model performance
  • Quality Assurance: Detecting errors or anomalies
  • Personalization: Customizing service delivery

Important: We do not make significant decisions about individuals based solely on automated processing without human oversight.

6.3 Third-Party AI Services

We may use third-party AI services (such as OpenAI, Anthropic Claude) for:

  • Natural language processing
  • Data analysis and insights
  • AI model enhancement

When using these services:

  • Data may be processed outside the EU (with appropriate safeguards)
  • We maintain data processing agreements with all AI service providers
  • You will be informed of specific third-party processing in project documentation

7. Data Sharing and Disclosure

7.1 We Share Data With:

  • Service Providers: Cloud hosting, payment processing, analytics (under strict data processing agreements)
  • AI Partners: Third-party AI service providers with appropriate safeguards
  • Professional Advisors: Legal counsel, auditors, consultants (under confidentiality agreements)
  • Regulatory Bodies: When required by law or regulation

7.2 We Do Not:

  • Sell personal data to third parties
  • Share data for marketing purposes without consent
  • Transfer data without appropriate safeguards
  • Use data beyond the scope of our services without permission

7.3 International Transfers

When transferring data outside the EU/EEA:

  • We use appropriate safeguards (Standard Contractual Clauses, adequacy decisions)
  • Data subjects are informed of transfer destinations
  • Additional security measures are implemented as needed

8. Data Retention

8.1 General Retention Periods

  • Client Data: Retained for the duration of service provision plus 7 years for legal compliance
  • Website Data: Retained for 2 years or until withdrawal of consent
  • Marketing Data: Retained until consent is withdrawn or legitimate interest expires
  • Financial Records: Retained for 10 years as required by Lithuanian law

8.2 AI-Specific Retention

  • AI Training Data: Retained based on project requirements and consent duration
  • Model Outputs: Retained for quality assurance and improvement purposes
  • Performance Metrics: Retained for service optimization and compliance

8.3 Secure Deletion

When data is no longer needed, we securely delete or anonymize it using industry-standard methods.

9. Your Rights Under GDPR

9.1 Data Subject Rights

You have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data („right to be forgotten”)
  • Portability: Receive your data in a machine-readable format
  • Restriction: Limit processing of your data
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Remove consent for specific processing activities

9.2 AI-Specific Rights

  • Explanation: Request information about automated decision-making processes
  • Human Review: Request human oversight of automated decisions
  • Algorithm Transparency: Understand how AI systems process your data

9.3 Exercising Your Rights

To exercise your rights:

  • Contact us at info@strategicai.eu
  • Provide identification and specify your request
  • We will respond within 30 days (may be extended in complex cases)
  • No fee applies unless requests are excessive or repetitive

10. Data Security

10.1 Technical Measures

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Role-based access with multi-factor authentication
  • Network Security: Firewalls, intrusion detection, and monitoring
  • Regular Updates: Security patches and system updates

10.2 Organizational Measures

  • Staff Training: Regular privacy and security training
  • Data Minimization: Collecting and processing only necessary data
  • Privacy by Design: Building privacy into all systems and processes
  • Regular Audits: Internal and external security assessments

10.3 AI Security

  • Model Protection: Securing AI models and algorithms
  • Data Anonymization: Protecting identity in AI training data
  • Bias Detection: Monitoring for algorithmic bias and discrimination
  • Incident Response: Specialized procedures for AI-related security incidents

11. Cookies and Tracking Technologies

11.1 Types of Cookies We Use

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: Understanding website usage and performance
  • Preference Cookies: Remembering your settings and preferences
  • Marketing Cookies: Delivering relevant content and measuring effectiveness

11.2 Cookie Management

  • You can control cookies through your browser settings
  • Disabling cookies may affect website functionality
  • We provide cookie consent management tools on our website

11.3 Third-Party Tracking

We may use third-party analytics and marketing tools that collect data about your online activities. These are governed by their respective privacy policies.

12. Data Breach Notification

In the event of a data breach:

  • We will assess the risk to individuals’ rights and freedoms
  • Regulatory authorities will be notified within 72 hours if required
  • Affected individuals will be notified without undue delay if high risk is identified
  • We maintain detailed incident response procedures and breach registers

13. Children’s Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without proper consent, we will take steps to delete it promptly.

14. Compliance and Certifications

14.1 Regulatory Compliance

We comply with:

  • General Data Protection Regulation (GDPR)
  • EU AI Act requirements
  • Lithuanian data protection laws
  • Industry-specific regulations as applicable

14.2 Certifications and Standards

  • ISO 27001 Information Security Management (implementation in progress)
  • SOC 2 compliance for service organizations
  • Regular third-party security assessments

15. Updates to This Policy

We may update this Privacy Policy to reflect:

  • Changes in our services or business practices
  • New legal requirements or regulations
  • Feedback from users and stakeholders

Notification of Changes:

  • Material changes will be communicated via email to active users
  • Updates will be posted on our website with revision dates
  • Continued use of our services constitutes acceptance of updates

16. Contact Information

Data Controller: AI Strategic Services, MB
Email: info@strategicai.eu
Phone: +370 645 63499

Supervisory Authority: State Data Protection Inspectorate of the Republic of Lithuania
Address: A. Juozapavičiaus g. 6, LT-09310 Vilnius, Lithuania
Website: https://vdai.lrv.lt/

17. Definitions

  • AI System: Automated systems using artificial intelligence technologies
  • Data Controller: Entity determining purposes and means of data processing
  • Data Processor: Entity processing data on behalf of the controller
  • Data Subject: Individual whose personal data is being processed
  • Personal Data: Any information relating to an identified or identifiable natural person
  • Processing: Any operation performed on personal data
  • Pseudonymization: Processing personal data so it cannot be attributed to a specific person without additional information

By using our services or website, you acknowledge that you have read, understood, and agree to this Privacy Policy.

This policy is available in Lithuanian upon request. In case of conflicts between language versions, the English version shall prevail.