Privacy Policy

Last updated 17 April 2026. This policy covers privateaisolutions.org only.

Short version. This website does not set cookies. We use Cloudflare Web Analytics, which is aggregated and cookieless. We do not sell data, do not run advertising trackers, and do not share personal data with third parties for marketing. If you email us, we use that email to reply.

1. Who we are

This website is operated by Private AI Solutions Oy ("Private AI Solutions", "we", "us"), a Finnish limited liability company registered in Finland.

For the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), Private AI Solutions Oy is the data controller for personal data processed in connection with this website.

2. Scope of this policy

This policy explains how we process personal data when you visit privateaisolutions.org or contact us through the addresses listed on the site.

It does not cover our products (such as SafeHire AI) when they are deployed on customer-controlled infrastructure. Those deployments are governed by separate commercial agreements and data processing terms, and data stays on the customer's own systems — it does not reach us.

3. What we process and why

3.1 Website analytics (Cloudflare Web Analytics)

We use Cloudflare Web Analytics to understand aggregate traffic patterns (page views, referrers, country, device type). Cloudflare Web Analytics is cookieless and does not use fingerprinting. Your IP address is processed briefly by Cloudflare on the server side to aggregate statistics, but is not stored in a form linkable to you.

  • Legal basis: our legitimate interest in operating and improving the website (GDPR Art. 6(1)(f)).
  • Recipients: Cloudflare, Inc. (processor).
  • Retention: as defined in Cloudflare's retention policy for Web Analytics; we do not retain raw request data ourselves.

3.2 Content delivery and security (Cloudflare CDN)

The website is delivered via Cloudflare's content delivery network. When you load a page, Cloudflare briefly processes your IP address and request metadata to route the request, block malicious traffic (DDoS, known bots), and serve cached static assets. This is infrastructure, not marketing or profiling.

  • Legal basis: legitimate interest in secure, reliable website delivery (GDPR Art. 6(1)(f)).
  • Recipients: Cloudflare, Inc. (processor).

3.3 Email correspondence

If you email the addresses listed on this site, we process the content of your message and your email address to respond. We retain correspondence for as long as needed to handle your request and, where applicable, to meet record-keeping obligations.

  • Legal basis: steps taken at your request before entering into a contract (GDPR Art. 6(1)(b)) or our legitimate interest in responding to enquiries (Art. 6(1)(f)).

4. Cookies

At the time of writing, this website sets no cookies. We rely only on Cloudflare Web Analytics, which is cookieless, and Cloudflare's infrastructure, which may set strictly-necessary cookies for security and bot protection where Cloudflare itself deems necessary.

If we add services in the future that use cookies for analytics or marketing, we will ask for your consent first, through an opt-in cookie banner, and no such cookies will be set before you agree.

5. No advertising trackers, no data sales

We do not run third-party advertising trackers, conversion pixels, session replay, or heatmap tools on this website. We do not sell personal data, and we do not share personal data with data brokers.

6. International transfers

Cloudflare is a US-headquartered processor with global edge infrastructure, including servers in the European Union. Where personal data is transferred outside the European Economic Area, Cloudflare relies on appropriate safeguards such as the EU–US Data Privacy Framework and the European Commission's Standard Contractual Clauses. Cloudflare publishes the mechanisms it relies on for such transfers; we review this periodically to confirm continued adequacy.

7. Your rights

Under the GDPR, you have the right to:

  • request access to personal data we hold about you;
  • request rectification of inaccurate data;
  • request erasure of your data ("right to be forgotten");
  • request restriction of processing;
  • object to processing based on legitimate interest;
  • request portability of data you have provided to us;
  • withdraw consent at any time, where processing is based on consent.

To exercise any of these rights, contact us at matti@privateaisolutions.org. You also have the right to lodge a complaint with a supervisory authority — in Finland, the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto, tietosuoja.fi).

8. Retention

We operate no customer database for this website. Beyond what Cloudflare retains as described above, and email correspondence kept to respond to and document enquiries, we do not store personal data on our own systems in connection with this website.

9. Security

The website is served exclusively over HTTPS. It is a static site with no backend database of our own. We apply appropriate organisational and technical measures to protect personal data we do handle, such as email correspondence.

10. Children

This website is a business-to-business marketing site and is not directed at children. We do not knowingly collect personal data from children under 16.

11. Changes to this policy

We may update this policy from time to time. The current version is always available at this URL, with the "Last updated" date at the top. Material changes will be highlighted on the page for a reasonable period.

12. Contact

Questions, requests, or complaints about this policy can be sent to matti@privateaisolutions.org.

This document is a working draft prepared in good faith. It will be reviewed by legal counsel before public launch. If you notice anything that looks incorrect or incomplete, please let us know.