PrivacyPolicy
Published : 10/26/2025

At Cortif.AI, protecting your personal data is a core commitment. This Privacy Policy aims to explain clearly and transparently what information we collect, why we use it, with whom it may be shared, and what your rights are.

1. Data Controller
Your personal data is processed by Cortif.AI, a company in theprocess of being incorporated as a Delaware C-corp.For any questions regarding your data, you may contact us at: contact@cortif.ai.

2. Purposes of Processing
Your personal data is collected solely for specific and legitimatepurposes:

  • respondingto your requests submitted via our contact forms or demo bookings;
  • handling administrative follow-up and invoicing as part of contractualrelations;
  • ensuring the security and availability of our website and services;
  • carrying out anonymized statistical analyses to optimize our solutions;sending you marketing information and updates, subject to your prior consent.

3.Legal Bases
Each processing operation relies on a clearlydefined legal basis:

  • yourconsent, especially for marketing communications and the use ofanalytics/marketing cookies;
  • the performance of a contract or pre-contractual measures, such asresponding to your requests or providing services;
  • compliance with legal obligations, such as record-keeping for accountingand tax purposes;
  • our legitimate interest, particularly to enhance security, preventfraud, and improve our tools.

4.Data Collected
Depending on the case, we may collect thefollowing categories of data:

  • identityand contact details (name, first name, email, phone, organization);
  • data relating to your use of our services (connection logs, pages viewed,preferences);
  • technical data (IP address, device ID, browser, cookies);
  • billing and contractual data (payment history, accounting records);
  • where applicable, certain data from third-party partners, but only with yourexplicit consent or when required to provide the service.

5.Recipients of Data
Your data is accessible only to:

  • authorizedinternal teams of Cortif.AI;
  • certain technical service providers (hosting, emailing, analytics) acting onour behalf and under our instructions;
  • administrative or judicial authorities where legally required.

6.Data Transfers Outside the European Union
Data of users and clients located in Europeis hosted and processed exclusively on servers located in the EU, in compliancewith GDPR requirements.In certain cases, some technical providers may be located in the United States(California, Delaware). Where transfers outside the EU are necessary, they arestrictly regulated by appropriate safeguards, such as Standard ContractualClauses (SCC),Binding Corporate Rules (BCR) and DataPrivacy Framework (DPF).

7. Data Retention
Your data is kept only for as long as strictly necessary for the purposespursued:prospect data:

  • 3years after the last contact;
  • client data: for the duration of the contractual relationship, then archivedfor 5 years;
  • billing data: 10 years (legal obligation);cookies: maximum of 13 months.

8.Your Rights
In accordance with the GDPR and applicable lawsin France, California, and Delaware, you have the following rights:

  • rightof access to your data;
  • right to rectification of inaccurate or incomplete data;
  • right to erasure (“right to be forgotten”), within legal limits;right to restrict processing;
  • right to object, including to processing for marketing purposes;right to data portability, where applicable.

Youmay exercise your rights at any time by writing to contact@cortif.ai. Weundertake to respond within 30 days.

9. Complaints
If you believe your rights are not respected, you may file a complaintwith:

  • theCNIL (www.cnil.fr) if you are locatedin France;
  • the competent data protection authority in your country of residence;
  • local regulatory authorities in the United States (California, Delaware).

10. Cookies and Trackers
We use various types of cookies to ensure the proper functioning of oursite, measure its audience, and, with your consent, personalize yourexperience.
You can manage your preferences at any time via the consent banner or yourbrowser settings. Consent can be withdrawn at any time. The maximum cookielifespan is 13 months.

11. Data Security and Hosting
All personal data collected by Cortif.AI is stored on secure servers.
Data of users and clients located in the European Union is hosted within theEU, ensuring compliance with European data protection rules.
Robust technical and organizational measures are implemented: SSL/TLSencryption, strong authentication, strict access controls, intrusion detectionsystems, and incident notification procedures.

12. Automated Decision-Making
Our website do not involve fully automated decision-making producing legalor significant effects for users.
e, scalable, and compliance-ready. Deploy in minutes and gain full visibilityinto your AI models’ health.
Integrate with your existing workflows. Receive alerts, generate reports, andenforce quality gates—all without exposing sensitive data.