Privacy Policy - AI Labs Audit

Data Controller

The data controller for the personal data collected is:

Controller: Davy Abderrahman

Organization: SASU — AI Labs Solutions

Address: Saint-Benigne, 01190, France

Email: contact@ai-labs-solutions.fr

Website: ailabsaudit.com

Data Collected

In accordance with Articles 13 and 14 of the GDPR:

Category	Data	Purpose	Legal Basis
Identity	Name, email address, company	User account management	Performance of contract
Client company	Name, industry, website, product, city	Execution of AI visibility audits	Performance of contract
Competitors	Name, website	Comparative AI visibility analysis	Performance of contract
Audit data	AI responses, scores, GEO/AEO metrics	Report generation and recommendations	Performance of contract
Payment	Transactions managed by Stripe. No banking data stored.	Billing and subscription management	Legal obligation / Contract
Technical	IP address, User-Agent, session logs	Security, AI bot detection, maintenance	Legitimate interest

Data Usage

The data collected is used exclusively for the following purposes:

Conducting AI visibility audits (GEO/AEO)
Generating PDF reports and action plans
Tracking traffic from AI bots
Displaying the monitoring dashboard
Optimization recommendations
Billing and credit management via Stripe
Platform security and maintenance

Artificial Intelligence Processing

Important Information

Certain data is transmitted to large language models (LLMs) via the OpenRouter API.

The models queried include: ChatGPT, Claude, Gemini, Perplexity.

The servers of these agents may be located in the United States. Transfers are governed by SCCs.

The data transmitted is minimized. Results are non-deterministic.

International Transfers

Data is hosted in France / European Union by OVH SAS.

Transfers outside the EU may occur:

API calls to AI models via OpenRouter (United States)
Payments via Stripe, Inc. (United States)

Transfers comply with post-Schrems II requirements.

Technical Cookie

AI Labs Audit uses a single technical cookie. No tracking or third-party cookies.

Name	Purpose	Duration	Consent
`session`	Authentication and language preference	1 hour	Exempt (strictly necessary)

This cookie does not require prior consent (ePrivacy Directive).

Data Retention Period

Personal data is retained for the following periods:

Data Type	Retention Period
Account data	Duration of the account + 3 years
Audit data	3 years
Payment data	6 years (tax obligation)
Technical logs	1 year
Newsletter	Until unsubscription

Data Security

Security measures in place:

HTTPS encryption (TLS)
bcrypt password hashing
Parameterized SQL queries
Encrypted session cookies
Role-based access control

Your Rights (GDPR - Articles 15 to 22)

You have the following rights:

Right of access (Art. 15)
Right to rectification (Art. 16)
Right to erasure (Art. 17)
Right to restriction of processing (Art. 18)
Right to data portability (Art. 20)
Right to object (Art. 21)
Rights relating to automated decision-making (Art. 22)

To exercise your rights: contact@ai-labs-solutions.fr

Response time: 30 days maximum.

Automated Decision-Making (Article 22 GDPR)

The platform automatically generates AI visibility scores and recommendations.

These scores are provided for informational purposes only.

A human review is always available upon request. contact@ai-labs-solutions.fr.

Data Breach Notification

In the event of a personal data breach:

Notification to CNIL within 72 hours (Art. 33 GDPR)
Notification to affected individuals if high risk (Art. 34 GDPR)

Complaint to CNIL

You have the right to lodge a complaint with CNIL:

CNIL — Commission Nationale de l'Informatique et des Libertes

3 Place de Fontenoy, TSA 80715

75334 Paris Cedex 07

Website: www.cnil.fr

Policy Amendments

AI Labs Audit reserves the right to amend this privacy policy.

Users will be notified of any substantial changes.

Contact

For any questions regarding this policy:

Email: contact@ai-labs-solutions.fr

Suggested subject: Exercise of GDPR Rights — AI Labs Audit