Skip to content
ParAI logo
ParAI

GDPR Compliance

Last updated: March 18, 2026

1. Scope

This page explains how ParAI complies with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA), United Kingdom, and Switzerland.

2. Data Controller

ParAI is the data controller for personal data collected through our mobile application. For questions about data processing, contact us at support@par-ai.app.

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract: Processing necessary to provide our Services (account management, activity tracking)
  • Consent: For AI chat features (your data is shared with Google Vertex AI — you are asked for explicit consent in the app before first use), notifications, and family sharing invitations
  • Legitimate Interest: For service improvement, security, and fraud prevention
  • Legal Obligation: When required by applicable laws

4. Your Rights Under GDPR

As an EEA resident, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

5. Exercising Your Rights

To exercise your GDPR rights:

  • Email us at support@par-ai.app with your request
  • We will verify your identity before processing
  • We will respond within 30 days (extendable by 60 days for complex requests)
  • Requests are free unless manifestly unfounded or excessive

6. International Data Transfers

Your data may be transferred to and processed in the United States where our servers and service providers (Google Cloud Platform) are located. We ensure appropriate safeguards through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data processing agreements with our service providers

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in our Privacy Policy. When you delete your account, we will delete your data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention).

8. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours. If the breach is likely to result in high risk to you, we will also notify you directly.

9. Right to Lodge a Complaint

If you believe we have not handled your data in accordance with GDPR, you have the right to lodge a complaint with your local data protection supervisory authority. We encourage you to contact us first so we can address your concerns.

10. Contact Us

For GDPR-related inquiries:

Email: support@par-ai.app