Privacy Policy

1. Introduction

This Privacy Policy explains how AI Risk Institute (“we”, “us”, “our”) collects, uses, and protects personal data when you use airiskinstitute.com.

We are committed to handling personal data responsibly and do not sell personal data under any circumstances.

2. Data Controller

AI Risk Institute is the data controller responsible for processing your personal data.

3. Personal Data We Collect

We collect only the data necessary to provide our services, including:

  • Identification data: name, email address
  • Account data: login credentials, course enrolment details
  • Transaction data: billing information, payment status
  • Communication data: messages, support requests
  • Technical data: IP address, browser type, basic analytics data

We do not intentionally collect sensitive personal data.

4. How We Use Your Data

Your personal data is used strictly for operational purposes, including:

  • Providing access to courses, certifications, and services
  • Processing payments and issuing invoices
  • Managing your account
  • Communicating with you regarding your purchases or enquiries
  • Improving the functionality and security of our website

We do not sell, rent, or trade your personal data.

5. Legal Basis for Processing

We process personal data based on:

  • Contractual necessity, to deliver purchased services
  • Legal obligations, including accounting and tax requirements
  • Legitimate interests, such as improving our services and ensuring security
  • Consent, where required (e.g., optional communications)

6. Data Sharing

We only share personal data when necessary to operate our services, including:

  • Payment processors
  • Hosting and IT service providers
  • Learning platform providers
  • Certification bodies, where applicable

All third parties are required to handle data securely and in compliance with applicable laws.

We do not sell personal data to any third party.

7. International Transfers

If personal data is transferred outside the European Economic Area, appropriate safeguards are applied, such as standard contractual clauses or equivalent protections.

8. Data Retention

We retain personal data only as long as necessary:

  • Account and course data: for the duration of your account and a reasonable period thereafter
  • Financial records: as required by law
  • Communications: as needed for support and compliance

Data is securely deleted or anonymised when no longer required.

9. Your Rights

Under applicable data protection laws, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time

Requests can be made by contacting us at the email above.

10. Cookies and Tracking

We use limited cookies and similar technologies to:

  • Ensure website functionality
  • Improve user experience
  • Analyse basic usage patterns

You can control cookie settings through your browser.

11. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

However, no system can be guaranteed to be fully secure.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised date.