Effective Date: February 12, 2026
Last Updated: February 12, 2026
This Privacy Policy (“Policy”) describes how Autokrator.ai Ltd. and its affiliates (collectively, “Autokrator”, “we”, “us”, or “our”) collect, use, disclose, and otherwise process personal information when we act as a data controller.
This Policy applies to personal information collected through our websites, digital properties, marketing activities, events, and other interactions where Autokrator determines the purposes and means of processing personal information.
This Policy does not apply to personal information processed by Autokrator on behalf of customers through the Autokrator platform. In those circumstances, Autokrator acts as a data processor and the customer acts as the data controller. If you have questions about how a customer uses your personal information within the platform, you should contact that customer directly.
Capitalized terms not defined in this Policy have the meaning set forth in our Terms of Service.
1. When This Policy Applies
This Policy applies to personal information that Autokrator processes when you:
Visit or interact with our websites or other digital properties
Request information, a demonstration, or a consultation
Register for webinars, events, or marketing communications
Communicate with us in a business or professional capacity
Enter into or manage a commercial relationship with us
This Policy does not apply to Service Data processed within the Autokrator platform on behalf of customers, personal information relating to job applicants or employees, or third-party websites or services that are not operated by Autokrator.
We may update this Policy from time to time. If we make material changes, we will update the “Last Updated” date and, where required by law, provide appropriate notice.
2. Personal Information We Collect
We collect personal information directly from you, automatically through your interaction with our websites, and from third-party sources.
Information you provide directly may include your name, business email address, phone number, company name, job title, billing information where applicable, and any other information you submit through forms, event registrations, surveys, or communications.
We automatically collect certain information when you visit or interact with our digital properties. This may include your IP address, browser type, device information, operating system, date and time of access, pages viewed, referring URLs, approximate location derived from your IP address, and information collected through cookies and similar technologies.
We may also receive personal information from third parties, such as publicly available business information, marketing partners, event sponsors, analytics providers, or other organizations with whom we have a business relationship.
We may combine information collected from different sources and use it as described in this Policy.
3. How We Use Personal Information
We use personal information for business and operational purposes, including to provide and operate our websites and services, respond to inquiries and requests, provide demonstrations and support, manage customer and business relationships, process transactions and billing, communicate administrative or security notices, and send marketing communications where permitted by applicable law.
We also use personal information to operate, maintain, and improve our digital properties and services; analyze usage, trends, and performance; develop new features and functionality; detect, prevent, and investigate security incidents, fraud, or misuse; comply with legal and regulatory obligations; and establish, exercise, or defend legal claims.
Where required by applicable law, we rely on one or more legal bases for processing personal information, including performance of a contract, legitimate business interests, compliance with legal obligations, or your consent.
Where permitted by applicable law, we may use personal information to send marketing, promotional, or informational communications about our products, services, events, or other updates. Individuals may opt out of receiving marketing communications at any time as described in Section 11 below.
4. Service Data and Customer Processing
Autokrator provides a business-to-business compliance automation platform. Customers determine what data is uploaded to and processed within the platform (“Service Data”) and control the purposes and means of such processing.
With respect to Service Data, the customer acts as the data controller and Autokrator acts solely as a data processor. Processing of Service Data is governed by the applicable customer agreement, including our Terms of Service and any Data Processing Addendum. Autokrator is not responsible for customers’ privacy or security practices.
5. Cookies and Tracking Technologies
We use cookies and similar technologies to operate and secure our websites, enable core functionality, remember user preferences, analyze usage and performance, and measure the effectiveness of marketing activities.
Where required by applicable law, including the GDPR and ePrivacy Directive, we obtain consent for the use of non-essential cookies. You may control cookies through your browser settings; however, disabling cookies may affect the functionality of our websites.
6. How We Share Personal Information
We do not sell personal information for monetary consideration.
We may disclose personal information to service providers that support our business operations, including providers of hosting, cloud infrastructure, analytics, customer relationship management, marketing automation, payment processing, and technical services. These service providers are authorized to process personal information only as necessary to perform services on our behalf and are subject to contractual confidentiality and data protection obligations.
We may also disclose personal information to professional advisors such as legal, accounting, audit, and insurance providers; to business partners involved in joint marketing, events, or service delivery where appropriate; to affiliates or subsidiaries; and to government authorities, regulators, law enforcement, or courts where required by law.
In addition, personal information may be disclosed in connection with a merger, acquisition, financing, reorganization, or sale of all or part of our business. We may also use or disclose aggregated or de-identified information for any lawful business purpose.
7. International Data Transfers
Autokrator operates globally, and personal information may be transferred to and processed in countries outside your country of residence. Where required by applicable law, we implement appropriate safeguards for such transfers, including standard contractual clauses or other legally recognized transfer mechanisms.
8. Data Retention
We retain personal information for as long as necessary to fulfill the purposes described in this Policy, maintain business and financial records, comply with legal, tax, or regulatory obligations, resolve disputes, and enforce our agreements. When personal information is no longer required, we delete, anonymize, or securely archive it in accordance with our retention practices.
9. Security
We maintain technical and organizational measures designed to protect personal information against unauthorized access, disclosure, alteration, or destruction. These measures include administrative safeguards, encryption, access controls, monitoring, and security testing. However, no method of transmission or storage is completely secure.
10. AI Processing
Autokrator uses artificial intelligence and machine learning technologies to support compliance automation, risk analysis, documentation assistance, and related functionality within the platform.
AI processing may involve customer-provided content, including documents, configuration data, risk information, and other materials submitted by customers. Such content may contain personal information depending on how customers use the platform.
For data processed within the platform, customers act as data controllers and Autokrator acts as a data processor. AI processing is performed solely to provide and improve the services in
accordance with customer instructions and applicable agreements.
AI-generated outputs are intended to assist users and should be reviewed by customers before reliance. AI processing is subject to the same security, access control, and confidentiality safeguards applied to the platform.
11. Your Privacy Rights
Depending on your location and applicable law, you may have the right to request access to personal information we hold about you, request correction or deletion, restrict or object to certain processing, withdraw consent where processing is based on consent, or request a portable copy of your information.
Requests may be submitted to privacy@autokrator.ai. We may require verification of your identity before responding.
Where permitted by applicable law, Autokrator may send marketing or promotional communications by email or other electronic means.
You may opt out of receiving marketing communications at any time by:
Clicking the “unsubscribe” or “opt out” link included in our emails; or
Contacting us at privacy@autokrator.ai and requesting to be removed from marketing communications.
Please note that even if you opt out of marketing messages, we may continue to send you non-promotional communications that are necessary for administrative, security, contractual, or service-related purposes.
We will process unsubscribe requests in accordance with applicable laws, including Canada’s Anti-Spam Legislation (CASL), GDPR, and other applicable electronic communications laws.
12. Supplemental Information for Canada
For individuals in Canada, personal information is collected, used, and disclosed in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.
You may request access to or correction of your personal information by contacting us. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada.
13. Supplemental Information for the EEA and United Kingdom
If you are located in the European Economic Area (EEA) or the United Kingdom, the General Data Protection Regulation (GDPR) and applicable local data protection laws provide you with certain rights and require additional disclosures.
Data Controller
For the purposes of the GDPR, Autokrator.ai Ltd. is the data controller for personal information covered by this Policy when we determine the purposes and means of processing.
Legal Bases for Processing
We process personal information under one or more of the following legal bases:
Performance of a contract, where processing is necessary to provide requested services or respond to inquiries
Legitimate interests, including operating and improving our business, communicating with business contacts, and securing our services, provided such interests are not overridden by your rights and interests
Compliance with legal obligations
Consent, where required by law, including for certain marketing or cookie activities
Data Subject Rights
Subject to applicable law, you have the right to:
Access the personal data we hold about you
Request correction of inaccurate or incomplete data
Request deletion of your personal data
Request restriction of processing
Object to processing based on legitimate interests
Request data portability
Withdraw consent at any time, where processing is based on consent
To exercise your rights, contact us at privacy@autokrator.ai.
Complaints
If you believe your personal data has been processed in violation of applicable data protection law, you have the right to lodge a complaint with your local data protection supervisory authority.
International Transfers
Where personal data is transferred outside the EEA or UK, we implement appropriate safeguards, such as Standard Contractual Clauses or other legally approved transfer mechanisms, to ensure an adequate level of protection.
14. Children’s Privacy
Our websites and services are intended for business use and are not directed to individuals under the age of 16. We do not knowingly collect personal information from children.
15. Third-Party Links
Our websites may contain links to third-party websites or services. This Policy does not apply to those third parties, and we encourage you to review their privacy practices.
16. Contact Information
If you have questions or concerns regarding this Policy or our privacy practices, please contact:
Autokrator.ai Ltd.
Email: privacy@autokrator.ai
Website: https://autokrator.ai