GDPR Compliance
Zof AI is fully compliant with the General Data Protection Regulation (GDPR), ensuring your data is protected under European privacy standards.
EU-Based
Data Processing
Yes
Data Processing Agreement
Configurable
Data Retention Period
Supported
Right to Erasure
Our GDPR Commitment
Zof AI is committed to protecting the personal data of our users and customers. We comply with the General Data Protection Regulation (GDPR) and implement robust data protection measures across our entire platform.
Data Processing Principles
Zof AI adheres to the following core data protection principles in all processing activities.
- Lawfulness, fairness, and transparency - We process data lawfully and transparently
- Purpose limitation - Data is collected for specified, explicit purposes
- Data minimization - We only collect data that is necessary
- Accuracy - We keep personal data accurate and up to date
- Storage limitation - Data is kept only as long as necessary
- Integrity and confidentiality - We ensure appropriate security
Your Rights Under GDPR
Under GDPR, you have the following rights regarding your personal data.
Right to Access
Request a copy of your personal data
Right to Rectification
Correct inaccurate personal data
Right to Erasure
Request deletion of your data
Right to Restrict
Limit how we use your data
Right to Portability
Receive your data in a portable format
Right to Object
Object to processing of your data
Technical Measures
Zof AI implements comprehensive technical and organizational measures to protect your data.
- End-to-end encryption for data in transit and at rest
- Pseudonymization and anonymization where applicable
- Regular security audits and penetration testing
- Access controls and authentication mechanisms
- Comprehensive logging and audit trails
Data Processing Agreement
Our Data Processing Agreement outlines the specific terms governing how we process personal data on your behalf.
- Scope and nature of data processing
- Confidentiality obligations
- Security measures
- Sub-processor management
- Data subject rights assistance
- Data breach notification procedures
Sub-Processors
We engage carefully vetted sub-processors to help deliver our services. Each sub-processor is contractually bound to process data only as instructed and to implement appropriate security measures. View our current list of sub-processors.
Data Transfers
When transferring data outside the European Economic Area, we use the following safeguards.
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Adequacy decisions where applicable for the destination country.
- Binding Corporate Rules for intra-group transfers where applicable.
Contact Our DPO
If you have questions about data protection or wish to exercise your rights, please contact our Data Protection Officer.
Data Protection Officer
Email: dpo@zof.ai
Address: Zof AI, Inc., Privacy Office