Privacy Policy
Effective date: [28-10-2025]
Who We Are
ED Group IT AB (“AI Nordica”, “we”, “us”, “our”)
Address: Nymilsgatan 15, 42170 Västra Frölunda, Sweden
Website: ainordica.com
Contact: [email protected]
Jurisdiction: Sweden and the European Union
Scope
This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit our website, interact with our AI solutions, or communicate with us. It applies to prospects, customers, and end‑users who interact with our services through our clients.
Information We Collect
User inputs and conversations: prompts, messages, chat transcripts, call recordings/transcripts generated through our services.
Contact details: name, email address, phone number, company/role and similar identifiers you provide.
Payment and billing information: billing details processed by our payment providers; we do not store full card numbers.
Technical data: device/browser information, IP address, timestamps, and limited cookies/analytics where applicable.
Support records: requests, tickets, feedback, and related communications.
How We Use Your Data
Service delivery: to provide and operate our AI services, handle inquiries, bookings, and customer support.
Improvement and quality: to enhance model accuracy, safety, and reliability, which may include limited human review for quality assurance.
Account, communication, and administration: onboarding, service notices, troubleshooting, and operational messages.
Marketing (where permitted): sending updates and offers; you can opt out at any time.
Compliance and security: fraud prevention, auditing, legal obligations, and enforcing terms.
Legal Bases (GDPR)
Contract: processing necessary to provide the services you request.
Legitimate interests: improving services, safeguarding security, communicating with existing customers about similar services.
Consent: for marketing communications, cookies, and other non‑essential processing where required.
Legal obligation: accounting, tax, and regulatory compliance.
AI‑Specific Handling
Inputs/outputs: We may store user inputs and AI outputs to deliver the service and improve quality and safety.
Training/fine‑tuning: By default, data may be used to improve models and prompts. Business customers may request opt‑out from model improvement where technically feasible without impacting safety/abuse detection.
Automated decision‑making: Our services provide automated responses and recommendations but do not produce legal or similarly significant decisions without human oversight.
Human review: Authorized staff may review a sample of interactions to debug issues, ensure safety, and improve quality.
Cookies and Analytics
We use essential cookies necessary for site operation and limited analytics to understand usage and performance.
Non‑essential cookies (e.g., analytics/marketing) are only set after you give explicit consent via our cookie consent banner.
You can accept, reject, or customize preferences at any time through our banner or browser settings. See our Cookie Policy for details.
Sharing and Processors
We use trusted service providers to host, process, and support our services. Current key providers include GoHighLevel, OpenAI, Grok (xAI), and Twilio, along with other providers for hosting, analytics, communications, and payments as needed. All vendors are bound by written data processing terms and appropriate security measures. A current list of sub‑processors is available on request and is updated when vendors change.
International Transfers
Personal data may be processed in the EU/EEA, UK, or US. Where data is transferred outside the EEA, appropriate safeguards such as the EU Standard Contractual Clauses (and UK equivalents) are used, alongside technical and organizational measures.
Data Retention
Account and service data: retained for the life of the account and then deleted or anonymized within a reasonable period unless a longer period is required by law.
AI interaction logs: retained while the account is active for service quality and security; shorter or custom retention can be configured for business customers on request where feasible.
Backups: stored for limited rolling periods before secure purge.
Your Rights
Subject to applicable law, you can request:
Access to your personal data and a copy of it.
Correction of inaccurate or incomplete data.
Deletion (“erasure”) of your data.
Restriction of processing in certain circumstances.
Data portability.
Objection to processing based on legitimate interests and to direct marketing.
Withdrawal of consent at any time (does not affect prior processing).
If we process data on behalf of a client (controller), we may refer your request to that client. You may also lodge a complaint with your local supervisory authority.
Security
We implement administrative, technical, and organizational measures including encryption in transit and at rest, role‑based access controls, logging/monitoring, least‑privilege access, vulnerability management, and incident response procedures. No system is perfectly secure; please report suspected incidents to [email protected].
Children
Our services are not directed to children and we do not knowingly collect data from individuals under the age applicable in their jurisdiction. If you believe a child has provided personal data, contact us to request deletion.
Selling or Sharing Personal Data
We do not sell personal data. We do not share personal data for cross‑context behavioral advertising. If our practices change, we will update this policy and obtain any required consents.
Changes to This Policy
We may update this policy from time to time. Material changes will be posted on this page and, where appropriate, notified to you directly. The “Effective date” at the top will indicate the latest version.
Contact Us
ED Group IT AB (AI Nordica)
Nymilsgatan 15, 42170 Västra Frölunda, Sweden
Email: [email protected]
Website: ainordica.com
