Loading...
Siesta AI Siesta AI
Login Sign up Schedule demo

PLATFORM PRIVACY POLICY

Your trust and the protection of your privacy are our top priority. In this policy, we explain how Siesta Solution s.r.o., ID No.: 07491441, with registered office at Bruselská 14, 120 00 Prague 1 (hereinafter referred to as “we”, “Siesta”, “Platform”), processes personal data of users and customers of the Siesta AI Platform.

1. Who is responsible for the protection of personal data?

Data processing in the platform (role of the processor):

If a customer (company) uses our platform and stores or manages the personal data of its employees, clients or other persons in the platform, the customer acts as a data controller in relation to this data. In this case, we process personal data solely on the customer’s instructions, as a processor under Article 28 GDPR.

For any questions regarding your privacy, we can be reached at: info@siesta.ai

2. What personal data do we process and why?

2.1 Data we receive directly from you:

  • First name, last name, email, company name and position (e.g. when registering or using the platform)

  • Login credentials, account settings

  • Detailed information provided in business communication, support, billing or when participating in platform activities

2.2 Data entered or imported into the platform by our customers:

  • Company data, contacts, chat content, AI assistants, files or other company data entered into the platform by the customer

  • This data is managed by the customer, and we only process it for remote management and maintenance of the service according to their instructions

We only process your data to the extent necessary and in the following situations:

  • Ensuring the operation of the platform and account management: To create, maintain and protect your account, set up and provide our services.

  • Communication, customer support and business contact: To handle your requests, questions, orders, comments.

  • Sending important notifications and legal communications: In particular, billing, service changes, security notices, legal obligations.

  • Analysis, protection and improvement of services: Security analysis, attack and incident detection, feature enhancements (without identifying individuals).

Legal basis for processing:

Performance of a contract, legal obligation, legitimate interest, or consent (always clearly communicated and given a purpose).

4. Who do we share your data with?

Your data may only be disclosed to:

  • Siesta Solution employees or contractors who need the data for the stated purposes and are bound by confidentiality,

  • Service providers necessary for the operation of our IT systems, hosting, payments, analysis or administration (e.g. cloud hosting, email services, accounting services),

  • Selected AI model providers, if required by your project (always only to the extent you have specified in the settings: not for training, only for inference),

  • Public authorities, courts or authorised bodies, if required by law or decision.

We never sell or rent your personal data.

5. Data transfers abroad

We process your data mainly within the EU/EEA. If it is necessary to transfer data outside this territory (e.g. when using cloud services or AI providers), we only use verified partners and ensure an adequate level of protection based on standard contractual clauses, European Commission decisions or other safeguards under the GDPR.

6. How long do we keep the data?

  • Accounts and platform data: For as long as the account/service is in active use, up to 30 days after account cancellation, after which we will securely delete/anonymize it unless archiving is required by law (we keep billing records for up to 10 years).

  • Access and activity records: As required by law (typically 1–2 years according to our internal retention policy).

7. How do we protect your data?

  • We use encryption of transmission and data storage.

  • We regularly back up and test data recovery.

  • We restrict access to authorised individuals based on roles only.

  • We use audit trails and incident detection.

  • We never use customer data for our own model training or marketing without explicit consent.

  • We require full contractual protection under GDPR for all subcontractors.

8. Your rights

  • Under the GDPR, you have, among other things:

  • The right to access your data,

  • The right to rectification,

  • The right to erasure (the right to be forgotten, where the law allows),

  • The right to restrict processing,

  • The right to data portability,

  • The right to object to processing,

  • The right to withdraw consent at any time,

  • The right to lodge a complaint with the Office for Personal Data Protection (www.uoou.cz).

To exercise your rights, please contact: info@siesta.ai

9. Changes to the Policy

We may update this document from time to time. We will notify you of significant changes at least 30 days before they take effect (by email or directly in the platform).

10. Contact details and suggestions

Siesta Solution s.r.o.

Bruselská 14, 120 00 Prague 1

E-mail: info@siesta.ai

Personal data protection is supervised in the Czech Republic by the Office for Personal Data Protection – www.uoou.cz

These Terms shall enter into force on 25 June 2024.

Top