GDPR
GDPR
This page provides a practical GDPR view of AISEC. It is intended to help customers understand how the platform approaches personal data handling, customer control, and common review topics for European operations.
Processor-style service modelCustomer control over workspace contentSupport for data rights workflowsSecurity and privacy cross-links
Roles
Typical GDPR role split
In most use cases, the customer acts as controller for workspace data entered into AISEC, while the service acts in a processor role for that data.
- Customers decide what information is uploaded, retained, reviewed, or deleted within their tenant.
- AISEC processes that information to deliver the product and keep the platform secure and reliable.
- Separate contractual terms may refine controller and processor obligations for specific deployments.
Rights
Supporting data-subject requests
GDPR readiness is easier when customers know where data lives and who can administer it.
- Tenant administrators should be the first coordination point for workspace-level correction or deletion requests.
- Support teams can assist with service-layer questions, exports, or deletion workflows where applicable.
- Audit and security logs may need to be retained where lawful and necessary for service integrity or incident response.
Cross-border and governance
Common review areas
GDPR reviews often expand quickly into adjacent topics, so it helps to keep the related resources close by.
- Ask about subprocessor, hosting, and transfer questions during the contracting process if they apply to your organisation.
- Review the security page for technical and organisational control themes.
- Review the privacy policy for the broader explanation of categories, purposes, and retention.
Related
Keep exploring
Need the adjacent trust material?
The privacy and security pages usually answer the next questions that appear in a GDPR review or procurement questionnaire.