New:System Graph 2.0Learn more
🇪🇺GDPR Compliance

GDPR Compliance

Gdpr overview

EU & US regions

Processing

Available on request

Data Processing Agreement

Duration of contract + 30 days

Data Retention Period

Within 30 days of request

Erasure

Commitment

Zof AI is committed to protecting the personal data of our users and customers. We comply with the General Data Protection Regulation (GDPR) and implement robust data protection measures across our entire platform.

Principles

Zof AI adheres to the following core data protection principles in all processing activities.

  • Lawfulness - Personal data is processed lawfully, fairly, and transparently. We maintain clear legal bases for all processing activities.
  • Purpose - Personal data is collected for specified, explicit, and legitimate purposes only.
  • Minimization - We limit data collection to what is directly relevant and necessary.
  • Accuracy - We take reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date.
  • Storage - Data is kept in identifiable form only as long as necessary for the processing purpose.
  • Integrity - We implement appropriate technical and organizational measures to ensure the integrity and confidentiality of personal data.

Rights

Under GDPR, you have the following rights regarding your personal data.

Access

Request a copy of the personal data we hold about you.

Rectification

Correct inaccurate or incomplete personal data in our records.

Erasure

Request deletion of your personal data when no longer needed.

Restrict

Limit how we process your data in certain circumstances.

Portability

Receive your data in a structured, machine-readable format.

Object

Object to processing based on legitimate interests or direct marketing.

Technical

Zof AI implements comprehensive technical and organizational measures to protect your data.

  • Encryption
  • Pseudonymization
  • Audits
  • Access Controls
  • Logging

Data Processing Agreement

Our Data Processing Agreement outlines the specific terms governing how we process personal data on your behalf.

  • Scope
  • Confidentiality
  • Security
  • Subprocessor
  • Rights
  • Breach

Sub Processors

We engage carefully vetted sub-processors to help deliver our services. Each sub-processor is contractually bound to process data only as instructed and to implement appropriate security measures. View our current list of sub-processors.

Transfers

When transferring data outside the European Economic Area, we use the following safeguards.

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions where applicable for the destination country.
  • Binding Corporate Rules for intra-group transfers where applicable.

Contact Dpo

If you have questions about data protection or wish to exercise your rights, please contact our Data Protection Officer.

Data Protection Officer

Email

Address

Related Policies

PrivacyData Processing AgreementSubprocessors
Zof AI — Autonomous Testing Agents for Enterprise Reliability