Skip to main content Skip to navigation

Keyboard Shortcuts

Navigation

Go to Dashboard Alt+D
Open Services Menu Alt+S
Buy Credits Alt+B
Payment History Alt+P
Organizations Alt+O
Logout Alt+L

Services

Upload Document Alt+U
Restructure Document Alt+R
Image Chat Alt+C
Image Maps Alt+M

Help

Show Keyboard Shortcuts Alt+/

Press Escape to close this dialog

GDPR Compliance

Last Updated: October 2025

1. Overview

VedAI is committed to complying with the General Data Protection Regulation (GDPR) for all users, particularly those in the European Economic Area (EEA). This page explains our GDPR compliance measures and your rights under GDPR.

2. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contractual Necessity: To provide our document conversion service
  • Consent: For marketing communications and optional features
  • Legitimate Interest: For service improvement and fraud prevention
  • Legal Obligation: To comply with applicable laws and regulations

3. Your GDPR Rights

3.1 Right to Access

You have the right to request a copy of all personal data we hold about you.

3.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

3.3 Right to Erasure

You can request deletion of your personal data (right to be forgotten), subject to legal retention requirements.

3.4 Right to Restriction

You can request that we limit how we use your personal data.

3.5 Right to Data Portability

You can request your data in a structured, machine-readable format to transfer to another service.

3.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

3.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

4. How to Exercise Your Rights

To exercise any of your GDPR rights:

  1. Email support@vedai.co with subject "GDPR Request"
  2. Specify which right you wish to exercise
  3. Provide your account email for verification
  4. We will respond within 30 days

We may request additional information to verify your identity before processing your request.

5. Data We Collect

5.1 Personal Data

  • Name and email address
  • Account credentials (encrypted)
  • Payment information (via secure processors)
  • Usage and preference data

5.2 Document Data

  • Files you upload
  • Converted output files
  • Processing metadata

5.3 Technical Data

  • IP address
  • Browser and device information
  • Usage logs

6. Data Processing and Storage

6.1 Data Location

Your data may be processed and stored in servers located in various countries. We ensure appropriate safeguards are in place for international transfers.

6.2 Data Security

  • Encryption in transit (SSL/TLS)
  • Encryption at rest for sensitive data
  • Regular security audits
  • Access controls and authentication
  • Staff training on data protection

6.3 Data Retention

  • Account data: Until account deletion
  • Uploaded files: 30 days maximum
  • Converted files: Per user settings or expiration
  • Transaction records: As required by law
  • Anonymized analytics: Indefinitely

7. Third-Party Processors

We work with trusted third-party processors who comply with GDPR:

  • Payment processors (PCI-DSS compliant)
  • Cloud storage providers
  • Email service providers
  • Analytics services

All processors are bound by Data Processing Agreements (DPAs) and comply with GDPR requirements.

8. Cookies and Tracking

We use cookies for:

  • Essential session management
  • Security and fraud prevention
  • Analytics and service improvement

You can manage cookie preferences through your browser settings. Essential cookies are required for service functionality.

9. Marketing Communications

  • We only send marketing emails with your consent
  • You can opt-out at any time via unsubscribe links
  • Service-related emails are not affected by marketing opt-out

10. Data Breach Notification

In the event of a data breach affecting your personal data:

  • We will notify affected users within 72 hours
  • We will report to relevant supervisory authorities
  • We will provide information about the breach and remediation steps

11. Children's Privacy

Our service is not intended for children under 13. However, given the educational nature of our service supporting middle school students (5th-6th grade and above), we may allow users aged 10-13 with verified parental consent. We do not knowingly collect data from children under 10 without explicit parental permission. If we discover unauthorized collection, we will delete it promptly and may request parental consent verification.

12. Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not complied with GDPR.

13. Updates to This Page

We may update this GDPR compliance page periodically. Significant changes will be communicated via email.

14. Contact

For GDPR-related questions or to exercise your rights:

Email: support@vedai.co

Subject: GDPR Request