DeployAI Privacy Policy
The present Privacy Policy applies to all Users of the DeployAI Project (deployaiproject.eu) Website (hereinafter referred to as the “Users”or the “User” and “DeployAI” respectively) and forms an integral part of the DeployAI Website’s Terms and Conditions. The present Privacy Policy provides the User with general information regarding how the Data Controller uses personal data and other information required by data protection legislation. In case of future amendment, the User will be provided with necessary updates and information through updates to the present Privacy Policy, uploaded to the DeployAI Website.
1. Who is the Data Controller?
1.1. The organization with the name Akademie für künstliche Intelligenz AKI gGmb (‘’AKI’’) is the Data Controller for the processing of the User’s personal data (hereinafter referred to as “Data Controller”).
1.2. Data Controller’s Contact details:
For any issue or concern with regards to the present Privacy Policy, including the User’s personal data processing as well as the exercise of the User’s rights, the User can communicate with the Data Controller using one of the following means:
By sending an email at the following email address: contact@deployaiproject.eu
By sending correspondence to the following address:
Akademie für künstliche Intelligenz AKI gGmbH
Im Haus der Bundespressekonferenz
Schiffbauerdamm 40
10117 Berlin
2. What is the purpose and the legal basis for User’s data processing?
2.1. Usage of the DeployAI Project Website
DeployAI seeks to act as a resource to facilitate European research and innovation in AI. The platform’s objective is to support all solutions and tools that contribute to the ecosystem of excellence and trust, which define the European Vision of AI.
AI assets and tools are made accessible through the platform to be used by the broader community to upskill and transfer knowledge to innovation sectors. It supplies new services and a marketplace for non-experts so that they can experiment and deploy AI solutions in their own workplaces.
For all purposes related to making use of the platform Website (including but not limited to browsing, creating a User account, uploading or downloading assets, etc.), the legal basis is the User’s prior consent.
Where the legal basis is User’s prior consent, the User can always withdraw their consent at any time without affecting the legitimacy of the data based on consent prior to its withdrawal.
2.2 Processing of data for reasons related to Data Controller’s compliance with legal obligations
In such cases, the processing of personal data takes place for only the necessary time period in order for the Data Controller to comply with obligations imposed by various legal provisions.
3. Which personal data are processed?
3.1 Personal data
3.1. DeployAI’s communication for reasons related to User’s permitted use
In order for the DeployAI editorial and marketing teams to communicate with the User for the above purposes, the Data Controller can process all data relating to a User’s account, uploaded content and data related to the User’s use of the DeployAI Website.
3.2 Usage data
We may also collect information on how the webpage is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (IP address), browser type, browser version, the pages of our webpage that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
4. How the DeployAI Website collects personal data
4.1 The information can be collected by the following ways:
4.1.1 By visiting DeployAI Website after accepting completely or partially opting-out tracking cookies.
4.1.2 When the User voluntarily submits content via the Newsletter (DeployAI Newsletter (sibforms.com) and other Forms, and purposefully includes personal data within that content.
5. How long is personal data stored and when is it deleted?
5.1. DeployAI’s communication for reasons related to User’s permitted use of the DeployAI Website.
Data related to such communication will be stored only as long as Users wish to have access to the additional content through submitting the personal data after consent. In case Users wish to stop receiving the additional content they can delete their personal information from our DeployAI Database by clicking “Unsubscribe” button in the Email footer of the email or by contacting the Data Controller through the above mentioned contact details.
5.3. Statistical analysis for the optimization of the Website
Regardless of the above mentioned provisions of Section 5, the Data Controller will store and process only necessary data for the period required in order to comply with its obligations imposed by law (compliance with fiscal obligations, etc) and to further optimize the structure and content of the Website.
For more information, please see the section on cookies (Section 11) below.
6. What are the User’s rights in relation to the processing of their personal data and how can these rights be exercised?
6.1 The Data Controller respects the User’s rights in relation to the processing of their personal data.
6.2 Users can exercise their rights by contacting the Data Controller via the contact details provided in Section 1.
For User’s facilitation, User’s rights are included in the following table along with a short explanation of each right, as enshrined in the General Data Protection Regulation 2016/679 (GDPR):
Right
Access (Article 15)
Explanation
The User can ask the Data Controller to:
– confirm whether the Data Controller processes the User’s personal data
– provide the User with a copy of their personal data
– give the User other supplementary information related to User’s personal data such as the purposes of processing, to whom are these data disclosed, whether personal data is transferred to foreign countries and how it is protected, how long the data is stored, what are the User’s rights, how can a complaint be lodged, whether automated decision-making (including profiling) is used, and where the personal data was obtained to the extent this information is not included in the present Privacy Policy.
Right
Rectification (Article 16)
Explanation
The User can ask the Data Controller to rectify inaccurate personal data. The Data Controller can seek to verify the accuracy of the data before rectifying them.
Right
Erasure/deletion (Article17)
Explanation
The User can ask the Data Controller to erase their personal data:
– when the personal data are no longer needed for the purposes for which they were collected
– when the User withdraws their consent
– when the personal data has been processed unlawfully
The Data Controller is not obliged to comply with a User’s request to erase their personal data, if the processing of User’s personal data is necessary:
for compliance with a legal obligation for the fulfillment of another legitimate purpose or another legitimate legal basis for the establishment, exercise, or defense of legal claims
Right
Restriction (Article 18)
Explanation
The User can ask the Data Controller to restrict (store but not process) User’s personal data when:
– their accuracy is contested (see rectification), so that the Data Controller can verify the accuracy of the personal data
– the personal data have been unlawfully processed but the User opposes the erasure of the personal data they are no longer necessary for the purposes for which they were collected but the User still needs them for the establishment, exercise or defense of legal claims or there is another legitimate purpose of processing or other legal basis.
Right
Data portability (Article 20)
Explanation
When processing is based on consent and the processing is carried out by automated means, the User can ask the Data Controller to receive their personal data in a structured, commonly used and machine readable format or ask the Data Controller to transmit them to another controller directly from the Data Controller. Nevertheless, according to the law, this right refers only to those data that have been given by the User himself and not to those data that are inferred by the Data Controller based on the data that the User has provided.
Right
Objection (Article 21)
Explanation
The User can object at any time to the processing of personal data concerning them which is based on legitimate interest or performance of a task carried out in the public interest.
When the User exercises their right to object, the Data Controller has the right to demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedom of the User or for the establishment, exercise or defense of legal claims.
Right
Consent withdrawal (opt-out)
Explanation
The User has the right to withdraw their consent where consent is the basis of processing. Withdrawal is valid for the future.
Right
Supervisory Authority
Explanation
The User has the right to lodge a complaint with the local supervisory authority related to data protection.
In Ireland, the supervisory authority for data protection is the Data Protection Commission https://www.dataprotection.ie/
Right
Identity
Explanation
The Data Controller takes the confidentiality of all files that include personal data seriously, and thus is entitled to request the User for proof of their identity if the User submits a request in relation to those files.
Right
Cost
Explanation
The User will not have to pay for the exercise of their rights in relation to personal data unless, as provided by law, the request for access to information is unfounded or excessive. In that case, the Data Controller can charge the User with a reasonable fee under specific circumstances. The Data Controller will inform the User for any possible charge before completing the request.
Right
Timetable
Explanation
Data Controller aims at answering at User’s valid requests the latest within one (1) month from their receipt, unless the request is extremely complicated or the User has submitted multiple requests, in which case the Data Controller aims at answering to them within three months. In case the Data Controller needs more than one month for the reasons above mentioned, the User will be informed. The Data Controller may ask the User if they want to explain what exactly they wish to receive or what is their concern. This will help the Data Controller to act more quickly in relation to the User’s request. In any case, the User should mention specific and true data and/or facts so that the Data Controller can accurately answer and/or satisfy the User’s request. Otherwise, the Data Controller reserves their right for any faults that are outside of their control. Additionally, the Data Controller can reject requests that are unfounded, excessive, abusive, made in bad faith, or are illegitimate in the framework of the legal provisions.
7. How is data security safeguarded?
7.1 The Data Controller implements all appropriate security measures to ensure the protection and confidentiality of personal data. This includes the following measures:
Strong password policies in all servers
HTTPS protocol for interacting with APIs and Web clients
SSH protocol for server connection
Periodical server updates with latest security fixes
7.2 Please note that only specifically authorized employees of the Data Controller, acting under the authority of the Data Controller and only on their instructions where necessary, handle personal data submitted by the User. For processing, the Data Controller selects persons with appropriate qualifications that have sufficient knowledge as to technical safeguards and personal integrity to protect confidentiality. The Data Controller takes all necessary security measures for the protection and safeguard of secrecy, confidentiality, and integrity of personal data also through relevant contractual commitments of their associates. In case the security of the Website may be compromised due to reasons that reside outside the control of the Data Controller as well as due to technical or other problems of the network, force majeure, or accidents, the security of personal data cannot be guaranteed.
8. Who are the recipients of personal data?
8.1 The recipients of the User’s personal data are associate organizations that provide technical infrastructure for the operation of the DeployAI Website, hosting provider as well as the organization that undertakes to send electronic communications related to the operation of the DeployAI Website to Users. Where necessary, as per applicable laws, the Data Controller will sign agreements with such organizations, which refer to the implementation and regular monitoring of security measures. In case personal data is transferred outside the ΕU, all necessary guarantees are in place.
8.2. If the Data Controller receives a valid request to notify or transfer data following a request by the appropriate administrative authority, attorney, court or other authority, the Data Controller may notify / transfer such data in order to fulfill their duty executed in favor of the public interest towards these authorities (with or without User’s previous notification) in accordance with the appropriate legal provisions. If the User should be previously notified in accordance with the relevant legal provisions, then the User has the right to object to this processing as provided in Section 7 above.
8.3. Αs to the professional details made available by each User, they are available to all registered Users of the DeployAI Website for the purposes mentioned above.
9. Connection to other websites/social media
This Website connects with other websites through hyperlinks. These websites are not related to the Data Controller’s Website and their content is neither checked nor recommended by the Data Controller. Thus, the accuracy, legitimacy, completeness or quality of their content and legitimacy of the processing of User’s personal data cannot be checked and no guarantee is provided for them. The Data Controller cannot be held liable for them or any damage that may be caused to the User due to or following their use. The Data Controller cannot check the processing of the User’s personal data by those linked websites and thus does not bear any liability for the use of them. When the User accesses such websites they should take into consideration that the terms and conditions of each website apply. For any issue that may occur as to the content or the use of the linked website, the User should directly contact the operator or administrator of each website. The Data Controller does not approve or embrace the content or services of the linked websites, which the User accesses through the DeployAI Website.
The Website gives Users the possibility to connect and interact with social media following their own initiative and will. In that case, the Data Controller is not liable for the processing of a User’s data taking place through or by social media platforms. Users should directly address each specific social media platform in order to exercise their legitimate rights.
10. Cookies
10.1. The DeployAI Website uses cookies to be operational or more efficient in its operation, to improve the User’s navigation, to provide the User with the full potential of the DeployAI Website, and to ensure the correct display of content as well as for analytical and statistical purposes.
10.2. Cookies are small text files stored on the Users’ computer when they visit the DeployAI Website, which can be used as a means of identifying their computer.
10.3. Cookies, apart from absolutely necessary cookies, are only installed if the User accepts their installation when they visit the DeployAI Website. By accepting cookies when entering the DeployAI Website, the User expressly states that they have read and understood the specific terms and conditions regarding the installation, function, and purpose of the cookies and that they provide their consent for their use.
11.4. Alternatively, the User may not accept cookies. In this case, only cookies that are technically and functionally necessary for the operation of the DeployAI Website will be installed.
10.5. The User can manage the use and installation of cookies at any time through a panel, where they can choose which categories of cookies they want to accept.
10.6. In particular, the cookies used by the DeployAI Website are the following:
Type of cookies – Absolutely necessary Cookies
Explanation
The absolutely necessary cookies are essential for the proper operation of the DeployAI Website. These cookies allow the User to browse and use DeployAI Website features such as access to secure areas. These cookies do not recognize the User’s individual identity and without them, the smooth operation of the DeployAI Website is not possible.
Examples of cookies
SSESS5f14077676e7784cad49646a1157d45c
associated with the login session of the user. It is created after the User is logged in and deleted automatically when the User logs out.
Duration of each cookie installation
Session (24 days or until logout)
Transfer of data to third parties: No
Type of cookies – Statistics/Analytics Cookies
Explanation
These are cookies that evaluate the way visitors use the DeployAI Website (for example, which pages are visited more often and whether they receive error messages from webpages). These cookies are used for statistical purposes and to improve the performance of DeployAI Website.
cookiesjsr – A cookie set by the platform when the User responds to the cookie consent banner. – Duration of 1 year – No transfer of data to third parties
11. Children’s Privacy
Our project is not directed towards anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our servers.
12. Privacy and Generative AI Content Disclosure
Our site utilizes Generative AI (GenAI) tools, including the Adobe Firefly engine, to create selected visual assets. These assets are used across our media channels, such as web, social media, and print, under conditions that comply with Adobe’s Generative AI User Guidelines. To ensure transparency, all visuals created with the Adobe Firefly engine are marked with a dedicated disclosure icon.
Usage and Compliance with Adobe Guidelines
Our use of the Adobe Firefly engine is intended to foster creativity, adhering to Adobe’s high standards for quality and ethical content creation. We are committed to the following:
- Prohibition of AI/ML Training
We do not use Adobe Firefly outputs or any data derived from these tools to train or develop other AI/ML models. - Respectful and Safe Use
We ensure all content generated with Adobe’s generative AI tools is respectful, inclusive, and non-harmful. We strictly avoid creating or sharing abusive, offensive, or illegal content. - Authenticity
Our use of Adobe Firefly features aligns with guidelines for authentic representation. Accounts found to be deceptive or violating Adobe’s terms may be subject to review. - Respect for Third-Party Rights
We avoid using generative AI tools to create content that infringes on third-party copyrights, trademarks, privacy, or publicity rights. - Content Credentials and Disclosure
Adobe may attach Content Credentials to disclose AI-generated outputs. We also mark all visuals created with Adobe Firefly on our site using a disclosure icon for full transparency. - Commercial Use
Outputs from Adobe Firefly, unless noted as beta and non-commercial by Adobe, are utilized commercially on our media channels.
Third-Party Content and Additional Resources
Adobe Firefly may generate outputs that include non-generative Adobe Stock assets or other stock resources, such as Freepik or Lummi AI. These assets are subject to licensing agreements with each provider and are integrated into our content under their respective terms.For more information on Adobe’s Generative AI Terms of Use, or to review their Generative AI Product-Specific Terms, please visit Adobe’s General Terms of Use and Adobe Generative AI Product Specific Terms.
13. Privacy and Content Disclosure for GenAI Stock images
In using and providing digital content, we utilize resources from various Generative AI (GenAI) tools, including Lummi AI, Adobe Stock, Freepik, and other stock content providers, to create visual and written assets. Content generated or adapted with these tools may be used across multiple media channels—such as web content, social media, or print materials—under the following conditions:
Licensing and Usage
- All content sourced from Lummi AI on this site or in our media is licensed under an irrevocable, non-exclusive, worldwide copyright license provided by Lummi AI, allowing us to download, copy, modify, and use Lummi-generated content freely. Attribution to the creator is appreciated but not required.
- Additionally, we utilize stock content from other providers, including Adobe Stock and Freepik, under their respective licenses to produce distinctive, custom-designed materials.
Permitted Uses
- We use AI-generated and stock content for both commercial and non-commercial purposes, aligning with provider policies that allow modification, reproduction, and distribution across digital and print platforms.
- All AI-generated content is marked with a dedicated disclosure icon, and content specifically generated with Adobe’s Firefly engine is also noted, ensuring transparency in media creation.
Prohibited Actions
- We comply with provider restrictions, ensuring that content is not resold or redistributed as-is, nor used in ways that could replicate or compete with Lummi AI, Adobe, or Freepik services.
- Ownership claims are not made over GenAI or stock content, even in modified forms; rights remain with the original creators or license holders.
14. Amendments to this Privacy Policy
The Data Controller reserves the right to amend this present Privacy Policy, for example when this is necessary to comply with new requirements imposed by applicable laws, guidelines or technical requirements, or in the course of a revision of the Data Controller’s processes and practices. The User will be notified of any amendment to this Privacy Policy through the DeployAI Website and/or by email. The User should regularly check this Privacy Policy for any amendments.