GDPR Compliance

Last Updated: 10/11/24

Polished Prose AI is committed to complying with the General Data Protection Regulation (GDPR) and protecting the personal data of our customers and website visitors. Here is how we comply with GDPR requirements:

1. Data Collection We collect only the necessary personal data to fulfill our service contracts, provide customer support, and send marketing communications (if opted in). This includes name, email address, and payment information.

2. Lawful Basis for Processing We process your personal data based on the following lawful bases:

  • Your consent (e.g., subscribing to marketing emails)

  • Performance of a contract (e.g., processing an order)

  • Legitimate interests (e.g., improving our website and services)

We rely on contractual necessity as the legal basis for processing non-sensitive client data through AI and other third-party tools as part of fulfilling our services. By engaging our services, clients acknowledge and consent to the use of these tools.

3. Data Processing Polished Prose AI processes personal data in accordance with GDPR regulations. This includes collecting, storing, and processing data provided by clients for services such as biography writing, case studies, blog posts, legal letter drafting and other content creation services. If sensitive data is collected (e.g., personal stories, professional histories), we will obtain explicit consent from the client prior to collecting this information. Personal data will be stored only for as long as necessary to fulfill the purpose for which it was collected, including any legal or contractual obligations. Clients can request the deletion of their data once the service has been completed, in line with applicable data retention policies. As part of our service provision, we may use third-party tools, including AI (such as ChatGPT, Canva, and Grammarly), to assist in service delivery. We limit the data inputted into these tools to non-sensitive information necessary for fulfilling client requests, ensuring that we adhere to strict data protection standards.

4. Data Subject Rights Under GDPR, you have the following rights:

  • Right to access: You can request a copy of the personal data we hold about you.

  • Right to rectification: You can correct any inaccuracies in your personal data.

  • Right to erasure: You can request the deletion of your personal data.

  • Right to restrict processing: You can request that we limit the processing of your personal data.

  • Right to data portability: You can request a copy of your personal data in a structured format.

  • Right to object: You can object to the processing of your personal data in certain circumstances.

Although our use of third-party tools involves limited data input, we uphold these rights to ensure transparency and compliance.

To exercise any of these rights, please contact us at team@polishedproseai.com.

5. Data Protection Officer If you have any questions or concerns about how your personal data is being processed, please contact our Data Protection Officer at team@polishedproseai.com.

6. Third-Party Processors We may share your personal data with third-party service providers to fulfill our contractual obligations. These third parties are GDPR-compliant and are only permitted to process your personal data in accordance with our instructions. We conduct due diligence on our third-party providers to ensure they meet GDPR standards, including data protection commitments by such providers as Canva, Grammarly, and ChatGPT.

7. Subprocessors Disclosure Polished Prose AI relies on various subprocessors to provide and operate our services effectively. These third-party service providers assist in key operational functions such as website hosting, payment processing, and content generation. We ensure that each subprocessor complies with data protection regulations, and processing agreements are in place to protect your data. To provide and operate our services effectively, Polished Prose AI may share personal data with third-party service providers ("subprocessors") as outlined below. Each subprocessor has been carefully selected to ensure compliance with data protection regulations, and processing agreements are in place to protect your data.

  • Squarespace: Used for website hosting and processing orders.

  • Squarespace Payments: Used for payment processing on the website.

  • Stripe: Payment processing provider.

  • PayPal: Payment processing provider.

  • Gmail: For managing client communications via email.

  • Google Analytics: Used to analyze website traffic and performance.

7.1. Subprocessor Disclosure for AI-Assisted Services In providing our services, Polished Prose AI utilizes subprocessors to assist in content generation and service delivery, including In addition to the core services mentioned above, Polished Prose AI uses AI-assisted tools and subprocessors to enhance the quality and efficiency of the services we deliver. Specifically, OpenAI's ChatGPT, Canva, and Grammarly are used to support content generation and enhance deliverables.

  • OpenAI's ChatGPT helps us fulfill client requests related to content generation. Minimal, necessary information is input into ChatGPT to assist in service delivery.

  • Canva is used for creating visual content, such as graphics, presentations, and designs.

  • Grammarly is used to ensure content accuracy, grammar, and style enhancements.

We would like to reassure our clients that:

  • Only minimal, necessary information is input into AI systems and third-party tools.

  • Data shared with OpenAI, Canva, Grammarly, and other subprocessors is anonymized or generalized where possible to maintain client privacy.

  • All subprocessors adhere to strict GDPR compliance standards, ensuring that data is processed securely and responsibly.

By engaging with our services, clients acknowledge and consent to the use of these subprocessors, including OpenAI's ChatGPT, Canva, and Grammarly, as part of the service delivery process. These subprocessors have access only to the limited information required to perform their functions and are contractually obligated to protect personal information in accordance with GDPR standards. For more information about our subprocessors or how we handle data, please refer to our Privacy Policy or contact us directly.

8. Data Security We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or destruction. However, no method of data transmission or storage is 100% secure, and we cannot guarantee the absolute security of your data.

9. Age Verification Polished Prose AI complies with the General Data Protection Regulation (GDPR) in relation to the collection and processing of personal data. Our services are only available to individuals who are 18 years of age or older. We do not knowingly collect personal data from individuals under the age of 18. If we discover that we have inadvertently collected personal data from a user under 18, we will take immediate action to delete that data. By using our services, you confirm that you are at least 18 years of age, and you consent to the processing of your personal data as described in our Privacy Policy.

10. Data Processing Agreement (DPA) Where applicable, Polished Prose AI enters into Data Processing Agreements (DPAs) with third-party providers to ensure the lawful processing of personal data in line with GDPR requirements.

11. Client Control Over Personal Data Clients have full control over the personal data they choose to share with Polished Prose AI and may request data modification or deletion at any time, as outlined in our Privacy Policy.

12. Pro Bono Services and GDPR Compliance The processing of data for pro bono services is based on legitimate interest and the consent provided during application submission. We employ appropriate technical and organizational measures to protect your data related to pro bono services. As a data subject, you have the right to access, modify, or delete your data associated with pro bono services. To exercise these rights, contact us at team@polishedproseai.com. You may withdraw your consent at any time, though this may affect our ability to provide pro bono assistance.

GDPR Compliance Disclaimer
We are committed to complying with the General Data Protection Regulation (GDPR) to protect the personal data of users within the European Economic Area (EEA). While we take appropriate measures to ensure data security and respect your privacy rights, full GDPR compliance also requires user responsibility.

Please be aware that while we strive to maintain GDPR standards with any third-party providers, we cannot guarantee their compliance. Users are encouraged to review the privacy policies of any linked third-party sites or services for a complete understanding of how they handle personal data.

By using our website, you acknowledge and agree to the data practices described in our Privacy Policy. If you have any questions or would like to exercise your GDPR rights, such as requesting data access, correction, or deletion, please contact us directly at team@polishedproseai.com.