Privacy Policy

1. Introduction

Portia Labs respects your privacy and protects your personal data. This privacy policy explains what data I collect, how I use it, and what rights you have under the General Data Protection Regulation (GDPR).

By using my services, you agree to this privacy policy.

2. Data Controller

3. What Data Do I Collect?

I only collect data necessary for service delivery:

3.1 Contact Information

• Name
• Email address
• Phone number (if provided)
• Company name (if applicable)

3.2 Project Data

• Documents and files you share with me
• Communication history
• Project requirements and specifications

3.3 Technical Data

• IP address (for security)
• Browser type and version
• Timezone and language preference
• Pages you visit on my website

4. Legal Basis for Processing

I process your data based on:

• Contract: For performing my services
• Consent: For marketing communications (only with explicit consent)
• Legal obligation: For tax and accounting purposes
• Legitimate interest: For website security and fraud prevention

5. Purposes of Processing

5.1 Service Delivery

• Setting up and maintaining AI solutions
• Communication about project progress
• Invoicing and payment processing
• Support and maintenance

5.2 Website & Communication

• Improving my website and services
• Sending newsletters (only with consent)
• Analyzing website usage (aggregated and anonymous)

6. Retention Periods

I do not keep your data longer than necessary:

• Contact information: During the agreement term + 7 years (legal retention)
• Project data: During the term + 2 years after completion
• Communication: 2 years after last contact
• Marketing consent: Until withdrawal or 2 years after last interaction

7. Sharing with Third Parties

I never sell your data to third parties. I only share data with:

• Service providers: Cloud hosting, email providers, accounting software — only for necessary service delivery
• Authorities: Only when legally required (e.g., tax authorities)

All my service providers comply with GDPR and have processor agreements with me.

8. Security

I take appropriate technical and organizational measures to protect your data:

• Encrypted communication (TLS/SSL)
• Strong passwords and two-factor authentication where possible
• Regular backups
• Access restriction to authorized persons only
• Regular security updates

9. Your Rights

Under GDPR, you have the following rights:

9.1 Right to Access

You have the right to know what data I have about you and how I use it.

9.2 Right to Rectification

You can ask me to correct inaccurate data.

9.3 Right to Erasure ("Right to be forgotten")

You can request deletion of your data, unless I have a legal retention obligation.

9.4 Right to Restriction

You can request restriction of processing your data in specific situations.

9.5 Right to Data Portability

You can request a copy of your data in structured format.

9.6 Right to Object

You can object to processing based on legitimate interest.

9.7 Right to Withdraw Consent

You can withdraw your consent for marketing at any time.

To exercise your rights, send an email to hello@portialabs.site. I respond within 30 days.

10. Cookies

My website uses minimal cookies:

• Necessary cookies: For technical operation of the website
• Analytical cookies: Aggregated statistics (anonymized)

I use no tracking cookies for advertising or profiling.

11. International Transfer

I strive to keep your data within the EU. Some service providers (such as OpenAI for AI services) may process data in the US. In that case, I ensure adequate protection measures such as Standard Contractual Clauses.

12. Changes

I may update this privacy policy from time to time. I communicate important changes via email or on the website.

13. Contact

For questions about this privacy policy or your data:

You also have the right to file a complaint with the Belgian Data Protection Authority.