GDPR Compliance

Last updated: January 2, 2026

Our Commitment to GDPR

Alpha Wings AI is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements and your rights under this regulation.

Your Rights Under GDPR

As a data subject, you have the following rights:

📋 Right to Access

You can request a copy of all personal data we hold about you.

✏️ Right to Rectification

You can request correction of inaccurate or incomplete data.

🗑️ Right to Erasure

You can request deletion of your personal data ("right to be forgotten").

⛔ Right to Object

You can object to processing of your personal data for specific purposes.

📦 Right to Data Portability

You can request your data in a structured, machine-readable format.

🚫 Right to Restrict Processing

You can request limitation of how we process your data.

Lawful Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you explicitly agree to data processing
  • Contract: To fulfill our service agreement with you
  • Legal Obligation: When required by law
  • Legitimate Interest: For business operations and improvements

Data We Collect

We collect and process the following types of personal data:

  • Account Data: Name, email, password (encrypted)
  • Payment Data: Processed securely through Stripe (we don't store card details)
  • Usage Data: Posts generated, features used, login history
  • Technical Data: IP address, browser type, device information
  • Content Data: Generated posts and scheduling preferences

Data Retention

We retain your data for the following periods:

  • Active Accounts: Data retained while account is active
  • Deleted Accounts: 30 days retention, then permanent deletion
  • Payment Records: 7 years (legal requirement)
  • Analytics Data: Anonymized after 14 months

International Data Transfers

Your data may be transferred to and processed in countries outside the EU. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • EU-US Data Privacy Framework compliance
  • Encryption during transit and at rest

Security Measures

We implement robust security measures including:

  • 256-bit SSL/TLS encryption
  • Regular security audits
  • Access controls and authentication
  • Data backup and disaster recovery
  • Staff training on data protection

Data Breach Notification

In the unlikely event of a data breach affecting your personal data, we will:

  • Notify relevant authorities within 72 hours
  • Inform affected users without undue delay
  • Provide details of the breach and mitigation steps
  • Take immediate action to prevent further breaches

How to Exercise Your Rights

To exercise any of your GDPR rights, please:

  1. Email us at gdpr@alphawingsai.com
  2. Include "GDPR Request" in the subject line
  3. Specify which right you wish to exercise
  4. Provide proof of identity (for security)

⏱️ We will respond to your request within 30 days as required by GDPR.

Supervisory Authority

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with your local data protection authority:

UK: Information Commissioner's Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

Contact Our Data Protection Officer

For GDPR-related questions or concerns, contact our Data Protection Officer:

Email: dpo@alphawingsai.com
GDPR Requests: gdpr@alphawingsai.com
Website: alphawingsai.com

← Back to Home