1. We are committed to complying with all GDPR requirements:

1. Our terms of service and privacy policies clearly state the sources of our data collection, the purpose of use, system it is shared with, where the data located along with the basis of the collection.
2. Trained and professional staff do their upmost to comply with GDPR and data security practices, which includes regular training programs to ensure their knowledge of these practices is updated.
3. We also have well-structured and well drafted internal response plans in the event of a data breach as well as properly documented information flows throughout the organization.
4. Additionally, there are the Company's Agreements, which can be accessed by contacting us at hello@alavi.ai.
5. We ensure that all the members and partners in the organization comply with GDPR and follow best practices as much as possible.
6. We at Alavi identify and acknowledge all existing data systems and personal data processing.

2. How Alavi is compliant with GDPR

2.1 How do we use the information we collect?

We collect information from our customers and partners as well as other visitors to our site that use our services. The information we collect may be used in one of the following ways:

• To perform the services requested in the ‘Contact Us’ page - for instance, if you’ve filled in a ‘Contact Us’ form requesting assistance from our support team, the information you submitted will be used to get in touch with you or, if you’ve mentioned a problem with one of our products, you’ll get a response based on your description of the issue.
• To personalize your experience – targeted, personalized material is more likely to be relevant to you and respond better to your individual needs.
• To improve our website - we update what our website offers based on the type of content you and other users click on or download.
• To analyze how effective our marketing campaigns are – we need to understand how our products and services are used as well as track lead generation for our sales activities.
• Processing transactions – will only be used to properly deliver the services you purchase and will never, whether your information is public or private, be sold, exchanged, transferred, or given to any other entity for any reason whatsoever without your consent.
• To create your online profile – for every user who registers on our site for a service, a profile is created, which is used to log in to Alavi.ai.
• To enable sign-up and access to our portal
• To enable you to use our support services and to raise questions – you can do this at https://www.alavi.ai/contact
• To better understand our visitors and their movements through our website - we track and analyze your actions on our website such as navigation, number of visits, downloads, and search items to gain valuable insights about our customers.

2.2 How we use your data

We follow the terms and dictates of the EU General Data Protection Regulation (GDPR).

Legitimate Business Use under GDPR
When we collect data about you from our websites or other sources, we may use your information to conduct business. This includes using your personal information to schedule business meetings, organize travel, host online meetings, or otherwise engage in business collaborations.

When you contact us directly through one of our websites or by other means, we may record and store the information on our websites or affiliated sites.

Legitimate Marketing Use under GDPR
We use cookies to track your navigation on our websites, improve our marketing efforts, conduct research on our website visitors, enhance our corporate communications, assess our outreach and social media interactions, make business plans, and conduct market analytics. We may use this data to change our website design and analyze our business practices.

When you subscribe to newsletters or other materials we publish, you agree to let us contact you regarding changes to our business, updates to our services, new marketing materials, and business announcements.

2.3 Storing personal information

In general, the personal information of yours we have collected will be stored and kept for as long as it is required for the purpose for which it was collected. This can result in your information being kept until a request to unsubscribe is received or you withdraw your consent to us holding your personal data.
We store our data in: Bubble.io and AWS/MySQL DB

2.4 How long do we retain the information we collect?

• This section concerns the retention and processing of your data. The term processing refers to our collection, recording, retention, organization, and storage of your personal data. It also includes our ability to adapt, alter, erase, or delete your personal information.
• We may disclose your personal data to some of our clients for business engagements or to confirm the high skill levels of our team members. We may also display them to auditors, agencies, supervisory authorities, or other external service providers as required by our contractual obligations.
• We may also disclose your personal data if we are required by law to disclose it.
• We will share your information when necessary to exercise our legal rights, protect our data, prevent fraud, and reduce our risk of liability.
• We will share your personal data when required by a criminal investigation, legal proceeding, or other legal obligation.

At any time, you may request to view, change, and update your personal information by emailing us at hello@alavi.ai.

Please note that we retain the information we collect for as long as needed to provide our services (including marketing and communications) and to comply with our legal obligations, resolve disputes and enforce our agreements (including exercising any of our rights under our agreements, such as audit and record-keeping).

We may rectify, replenish, or remove incomplete or inaccurate information, at any time and at our own discretion.

2.5 How do we safeguard and transfer your information?

We only use your personal data in accordance with local and international law. Our use depends on a legitimate legal reason for utilizing all personal data we have collected about you. We will use your personal data when you have expressly consented to our use. We also share information when it’s necessary to comply with audits, investigations, and other legal situations.

When we collect information about you from our website, third parties, or outside sources, we will use it only in accordance with the limitations of the GDPR regarding legitimate business use, recruitment, legitimate business interests, marketing purposes, investor relations, and security protocols.

We are committed to making reasonable efforts, in accordance with market best practices, to ensure the security, confidentiality, and integrity of personal information. We take great care in implementing and maintaining the security of personal information. Access to personal information is based on the ‘least to know’ concept together with role-based access control systems, ensuring only authorized access to personal information.

We regularly monitor our systems for possible vulnerabilities and attacks. Although we take steps to safeguard such information and take all actions to comply with the GDPR, we cannot be responsible for the acts of those who gain unauthorized access, and we make no warranty, express, implied, or otherwise, that we will prevent such access. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, technical, or managerial safeguards if the password to help protect your accounts and personal information is used. It is your responsibility to keep your password confidential.

2.6 What are your rights?

You may contact us at hello@alavi.ai at any time and request:

• To delete, change or update any personal data related to you (for example, if you believe that your personal information is incorrect, you may ask to have it corrected).
• That we will cease any further use of your personal information or delete your information (for example, you may ask that we stop using or sharing your personal information with third parties).

If you wish to raise a complaint on how we have handled your personal information, you may contact us at the addresses indicated below.

ReapDigital (Private) Ltd
#02-01 One Fullerton, 1 Fullerton Road
Singapore 049213

If you have any questions regarding this Privacy Policy/GDPR Policy or about the information that we collect about you, or if you feel that your privacy was not treated in accordance with this Privacy Policy/GDPR Policy, you may contact us at hello@alavi.ai.

You also have rights under this Policy. They include the rights to:

• Ask what information we have about you. You may ask us to explain what information we are keeping, why we are keeping it, and how we are using it.
• View your personal information. You have the right to see the data we have stored about you. You can ensure the information is accurate and that we’re using the information in a legal manner.
• Update or correct information. If our data is incorrect or outdated, you may request a correction.
• Ask us to delete your data. You may request the deletion of your personal information if there is no legitimate need for us to retain it. You can also request the deletion when you exercise your right to object to processing.
• Object to processing. This term refers to a situation where your personal circumstances make you unwilling or unable to agree to the retention and transmission of your personal information, even when we have a legitimate interest in keeping it. You may also use this right to limit the extent of our transmission and sharing of your personal data. For instance, you may object to our sharing of your personal data with specific corporate or government entities.
• Object to automated decision-making. We use personal data to conduct automatic decision-making based on the personal profiles of our visitors. You may object to this use of your data. You may also ask us to delete your personal profile.
• Suspend our processing. You may request a suspension of our use of your personal data for various reasons. For instance, if you want to review your personal data to ensure we’re using it legally or in compliance with this Policy, you can request a suspension of our use of it while you investigate.
• Request your information. You may ask us to send your profile to you in a usable electronic format at any time. You may also ask us to transfer or transmit this profile to a third party of your choice in a usable electronic format.
• Withdraw your consent. At any time, you may ask us to stop collecting, processing, or transmitting your personal information. We will stop all collection, processing, and transmission upon request. We will stop or suspend this processing and collection for any of the purposes you originally agreed to, unless we have a legitimate, legal business interest in continuing to use your information.

If you want to exercise any of these rights, please email us at hello.alavi.ai. We typically respond within 24 hours.

2.7 Whom can you contact for more information?

If you have any questions or complaints about this Notice or about our privacy and information handling practices, kindly contact our Data Privacy Officer via the following methods:

1. Address: ReapDigital (Private) Ltd, #02-01 One Fullerton, 1 Fullerton Road, Singapore 049213
2. Telephone: +94 764535050
3. Email: hello@alavi.ai

2.8 Updates or amendments to the Privacy Policy

We may, in our sole discretion, revise this Privacy Policy from time to time. The most current version will always be posted on our website. We will not send individual email notifications on the updates. We encourage you to review this Privacy Policy regularly for any changes.