Privacy Policy

1. Introduction

This Privacy Policy explains how 01AI LTD (“we”, “us”, “our”, “the Company”) collects, uses, stores, and protects personal data when you visit our website www.01ltd.com (the “Website”), use our client login area, or otherwise interact with us. We are committed to protecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Data Protection Acts 1988 to 2018, and all applicable Irish and European data protection legislation.

Our services are provided to businesses and organisations. However, in the course of our business activities, we collect and process personal data belonging to natural persons, including employees, directors, and representatives of our client organisations, sole traders, individuals who contact us through the Website, and individuals who apply for employment or other opportunities with us.

2. Data Controller

The data controller responsible for your personal data is: 01AI LTD (CRO 811501), registered in Ireland. Registered Office: Ground Floor, 71 Lower Baggot Street, Dublin, D02 P593. Email: privacy@01ltd.com

3. Categories of Personal Data We Collect

We may collect and process the following categories of personal data:

• Website browsing data: IP address, browser type, operating system, referral source, pages visited, duration of visit, and general geographic location derived from IP address (only where consent has been given via our cookie banner).
• Contact and enquiry data: name, email address, telephone number, company name, job title, and any information you provide when contacting us.
• Business contact data: professional details of employees, directors, or representatives of client organisations and business partners.
• Client login area data: username, email address, encrypted password, login timestamps, session data, and information submitted within the client login area.
• Transactional and contractual data: billing information, invoicing details, correspondence, and records relating to the provision of our services.
• Recruitment and job applicant data: CV, cover letter, qualifications, employment history, references, and other information provided as part of an application process.
• Data from third parties: publicly available sources (CRO filings, LinkedIn), third-party business intelligence providers, and referrals.

We do not intentionally collect any special categories of personal data (such as data revealing racial or ethnic origin, political opinions, health data, or biometric data).

4. Legal Bases for Processing

We process your personal data only where we have a lawful basis under Article 6 GDPR:

• Consent (Art. 6(1)(a)): for non-essential cookies, analytics tracking, and where you have opted in to our talent pool. You may withdraw consent at any time.
• Performance of a contract (Art. 6(1)(b)): to provide access to the client login area and deliver the services you or your organisation have engaged us to provide.
• Legitimate interests (Art. 6(1)(f)): for Website security, fraud prevention, service improvement, managing business relationships, processing job applications, and training and improving our AI models. Where we rely on legitimate interests for AI model training, we have carried out a balancing assessment and you may object at any time.
• Legal obligation (Art. 6(1)(c)): where we are required by law to process or retain certain data, including for tax, accounting, or regulatory compliance purposes.

5. How We Use Your Personal Data

• To operate, maintain, and provide the functionality of the Website and client login area
• To respond to your enquiries and communicate with you
• To fulfil our contractual obligations to clients and manage business relationships
• To send administrative communications such as service updates and security alerts
• To analyse website usage and improve performance (only with your consent)
• To train, test, and improve our artificial intelligence models and services (see Section 5A below)
• To evaluate job applications and manage recruitment processes
• To comply with applicable legal and regulatory obligations
• To protect our rights, property, and safety, and those of our users and the public

5A. Use of Data for AI Training and Improvement

As an artificial intelligence company, we may process certain data submitted through our client login area or Website (such as text inputs, prompts, support queries, and feedback) to train, test, and fine-tune our AI algorithms. Where possible, we take steps to aggregate, de-identify, or anonymise this data before it is used for model training. We rely on our legitimate interest (Art. 6(1)(f) GDPR) as the legal basis for this processing.

Opt-Out: If you do not want your personal data used for training our AI models, you have the right to object under Article 21 GDPR. You can opt out at any time by adjusting your account settings or contacting us at privacy@01ltd.com. An objection will not affect data that has already been fully anonymised.

6. Cookies and Tracking Technologies

Our Website uses cookies and similar technologies. We obtain your prior consent before placing any non-essential cookies on your device. Strictly necessary cookies do not require consent. For full details, please refer to our Cookie Policy. No analytics or tracking cookies will be activated until you have provided your explicit consent through our cookie consent banner.

7. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to any third party. We may share your personal data with: service providers and processors (website hosting, IT support, email services, analytics) bound by data processing agreements; professional advisers (solicitors, accountants, auditors) where necessary; regulatory and legal authorities where required by law; and authorised persons within your organisation where you are a contact person at a client organisation.

8. International Data Transfers

Your personal data is primarily stored and processed within the European Economic Area (EEA). In the event of any transfer outside the EEA, we ensure appropriate safeguards are in place as required by the GDPR, such as Standard Contractual Clauses approved by the European Commission or adequacy decisions.

9. Data Retention

• Website browsing data: maximum 13 months from the date of collection, subject to your consent
• Contact and enquiry data: 2 years from your last communication, unless a contractual relationship arises
• Business contact data: duration of our business relationship plus 2 years thereafter
• Client login area data: duration of our contractual relationship plus 6 years thereafter
• Transactional and contractual data: minimum 6 years following end of the contractual relationship
• Recruitment data (unsuccessful applications): 12 months following conclusion of the recruitment process, unless you consent to longer retention

10. Data Security

We implement appropriate technical and organisational measures including encryption of data in transit (SSL/TLS), secure password hashing, access controls limiting personal data access to authorised personnel, regular security reviews, and secure hosting within the EEA. While we take all reasonable precautions, no method of transmission over the internet is completely secure.

11. Your Rights Under the GDPR

• Right of access (Art. 15): obtain confirmation of processing and a copy of your data
• Right to rectification (Art. 16): request correction of inaccurate or incomplete data
• Right to erasure (Art. 17): request deletion where there is no compelling reason for continued processing
• Right to restriction of processing (Art. 18): request restriction of processing in certain circumstances
• Right to data portability (Art. 20): receive your data in a structured, machine-readable format
• Right to object (Art. 21): object to processing based on legitimate interests, including AI model training
• Right to withdraw consent: withdraw consent at any time without affecting prior lawful processing
• Right not to be subject to automated decision-making (Art. 22): not to be subject to solely automated decisions producing significant legal effects

To exercise any of these rights, please contact us at privacy@01ltd.com. We will respond within one month. We may ask you to verify your identity before processing your request.

12. Complaints

If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the Data Protection Commission (DPC), 21 Fitzwilliam Square South, Dublin 2, D02 RD28 — www.dataprotection.ie — info@dataprotection.ie — +353 (0)1 765 0100 / 1800 437 737. We would appreciate the opportunity to address your concerns before you approach the DPC.

13. Third-Party Links

Our Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. The inclusion of a link does not imply endorsement by 01AI LTD.

14. Children's Privacy

Our Website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child, we will delete it promptly.

15. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of Ireland. Any disputes arising in connection with this Policy shall be subject to the exclusive jurisdiction of the Irish courts.