Platform under active development — Some features are in testing phase. Own antivirus engine currently in beta testing.
← Documentation

Privacy Policy

GDPR compliance notice and data processing guidelines.

Effective: January 1, 2026
Data Controller: DigitalImpact GPT Ltd.
Contact: info@digitalimpactgpt.com
Applicable law: EU Regulation 2016/679 (GDPR), Hungarian Act CXII of 2011 (Info Act)

1. Data Controller

FieldValue
NameDigitalImpact GPT Ltd.
Emailinfo@digitalimpactgpt.com
Websitehttps://digitalimpactgpt.com
Data Protection Officerdpo@digitalimpactgpt.com

2. Data Processing Purposes & Legal Basis

PurposeLegal BasisRetention
Contact inquiriesGDPR 6(1)(b) — pre-contractual step2 years
Service deliveryGDPR 6(1)(b) — contract performanceContract + 5 years
Legal obligationsGDPR 6(1)(c) — legal requirement8 years (accounting law)
System loggingGDPR 6(1)(f) — legitimate interest1 year
Web analyticsGDPR 6(1)(a) — consentUntil consent withdrawal

3. Data Minimization

The AION Core platform follows the principle of data minimization:

📊

Only What's Necessary

We process only personal data strictly necessary for service delivery.

🗑️

Automatic Deletion

Data is automatically and irreversibly deleted upon retention period expiry.

🔐

Pseudonymization

Where possible, data is processed in pseudonymized form.

🚫

No Profiling

We do not perform automated decision-making or profiling under GDPR Article 22.

4. Data Subject Rights

Under the GDPR, you have the following rights:

📖

Right of Access (Art. 15)

You can request information about what personal data we process about you.

✏️

Right to Rectification (Art. 16)

You can request correction of inaccurate data or completion of incomplete data.

🗑️

Right to Erasure (Art. 17)

You can request deletion of your personal data ("right to be forgotten").

⏸️

Right to Restriction (Art. 18)

You can request restriction of processing under certain conditions.

📦

Data Portability (Art. 20)

You can request your data in a machine-readable format.

Right to Object (Art. 21)

You can object to processing based on legitimate interest.

To exercise your rights, contact: dpo@digitalimpactgpt.com. Requests are fulfilled within 30 days.

5. Data Security

MeasureDescription
Encryption (transit)TLS 1.3 on all communication channels
Encryption (at-rest)AES-256-GCM for all stored data
Access controlRBAC + Zero Trust authentication
LoggingImmutable audit log for all data access
BackupDaily encrypted backup, geo-redundant storage

6. Data Transfers

We do not transfer personal data to third countries. All data processing occurs exclusively on servers within the EU/EEA.

Data processors:

ProviderPurposeLocation
Cloudflare, Inc.CDN, WAF, DNSEU data processing agreement in place

7. Complaints

If you believe our data processing is unlawful, you may file a complaint with:

Hungarian National Authority for Data Protection and Freedom of Information (NAIH)

  • Address: 1055 Budapest, Falk Miksa utca 9-11., Hungary
  • Email: ugyfelszolgalat@naih.hu
  • Web: https://naih.hu