1. Introduction to GDPR
At Vitrix Inc., we are committed to compliance with the General Data Protection Regulation (GDPR) and protecting the privacy rights of individuals in the European Economic Area (EEA).
2. Data Controller Information
Vitrix Inc. acts as the data controller for personal data collected through our services. You can contact us at:
Vitrix Inc.
Delaware, United States
Email: [email protected]
3. Legal Basis for Processing
We process personal data under the following legal bases:
- Consent: When you explicitly agree to the processing of your data
- Contract: When processing is necessary for the performance of our contract with you
- Legal Obligation: When we need to comply with legal requirements
- Legitimate Interests: When we have a legitimate business interest in processing your data
4. Your GDPR Rights
Under GDPR, you have the following rights:
- Right to Access: Obtain confirmation of whether we process your data and request copies of that data
- Right to Rectification: Request correction of inaccurate data or completion of incomplete data
- Right to Erasure: Request deletion of your personal data in certain circumstances
- Right to Restrict Processing: Limit how we use your personal data
- Right to Data Portability: Receive your data in a structured, commonly used format and transmit it to another controller
- Right to Object: Object to our processing of your personal data
- Rights Related to Automated Decision Making: Not be subject to decisions based solely on automated processing
5. Data Protection Measures
We implement appropriate technical and organizational measures to ensure data security, including:
- Encryption of personal data
- Regular security assessments
- Access controls and authentication
- Staff training on data protection
- Data protection impact assessments
6. International Data Transfers
When transferring data outside the EEA, we ensure appropriate safeguards through:
- Standard contractual clauses
- Adequacy decisions by the European Commission
- Binding corporate rules where applicable
7. Data Breach Notification
In the event of a personal data breach, we will:
- Notify the relevant supervisory authority within 72 hours
- Inform affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
- Document all breaches, including their effects and remedial action taken
8. Data Protection Officer
While we have not appointed a formal Data Protection Officer, our privacy team can be contacted at:
Email: [email protected]
9. Automated Decision Making
Our AI image generation service involves automated processing. However, this processing:
- Does not produce legal effects concerning you
- Is necessary for entering into or performance of a contract between you and us
- Is based on your explicit consent
10. Cookie Compliance
We comply with GDPR requirements for cookies by:
- Obtaining explicit consent before setting non-essential cookies
- Providing detailed information about each cookie category
- Allowing users to manage their cookie preferences
- Ensuring cookies are set only after consent is obtained
11. Contact Information
For any GDPR-related inquiries or to exercise your rights, please contact us at:
Vitrix Inc.
Privacy Team
Email: [email protected]