Privacy Policy
Pauhu AI Ltd ("Pauhu", "we", "us") is committed to protecting your personal data. This policy explains how we collect, use, and safeguard information when you use our websites and services.
1. Data Controller
Pauhu AI Ltd
P.O. Box 292
00101 Helsinki, Finland
Business ID: 3477255-1
Data Protection Officer: dpo@pauhu.ai
2. Legal Framework
We process personal data in accordance with:
- General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679
- Finnish Data Protection Act (1050/2018)
- EU AI Act - Regulation (EU) 2024/1689
3. Data We Collect
3.1 Data You Provide
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Account information (email, name) | Service provision | Contract |
| Payment information | Billing and invoicing | Contract |
| Support requests | Customer assistance | Legitimate interest |
| Feedback and surveys | Service improvement | Consent |
3.2 Data Collected Automatically
| Data Type | Purpose | Legal Basis |
|---|---|---|
| IP address (anonymized) | Security, analytics | Legitimate interest |
| Browser type and version | Compatibility | Legitimate interest |
| Language preferences | Localization | Legitimate interest |
| Usage patterns (anonymized) | Service improvement | Consent |
3.3 Translation Service Data
Important: When you use our translation services:
- Free tier: Text is processed in-memory and not stored
- Paid accounts: Translation history may be stored for your convenience (you can delete anytime)
- Enterprise: Data processing governed by your Data Processing Agreement (DPA)
We never use your translation content to train AI models without explicit consent.
4. How We Use Your Data
4.1 Service Provision
- Providing translation and language services
- Managing your account and subscriptions
- Processing payments through our payment provider (Stripe)
- Providing customer support
4.2 Service Improvement
- Analyzing usage patterns (anonymized)
- Testing new features
- Fixing bugs and improving performance
5. Legal Basis for Processing
| Processing Activity | Legal Basis | GDPR Article |
|---|---|---|
| Account management | Contract performance | Art. 6(1)(b) |
| Billing and payments | Contract performance | Art. 6(1)(b) |
| Security measures | Legitimate interest | Art. 6(1)(f) |
| Analytics (anonymized) | Consent | Art. 6(1)(a) |
| Legal compliance | Legal obligation | Art. 6(1)(c) |
6. Data Retention
| Data Category | Retention Period | Reason |
|---|---|---|
| Account data | Duration of account + 30 days | Service provision |
| Transaction records | 7 years | Finnish accounting law |
| Support tickets | 3 years | Service quality |
| Analytics data | 13 months | Statistical analysis |
| Security logs | 1 year | Security and fraud prevention |
After retention periods expire, data is securely deleted or anonymized.
7. Data Sharing
7.1 Service Providers
We share data with trusted processors under strict DPAs:
| Provider | Purpose | Location |
|---|---|---|
| Cloudflare | Infrastructure, CDN | EU regions only |
| Stripe | Payment processing | EU (Ireland) |
| Hetzner | Server hosting | Finland, Germany |
7.2 We Never
- Sell your personal data
- Share data with advertisers
- Transfer data outside the EU/EEA without adequate safeguards
- Use your content to train AI models without consent
8. Data Security
We implement security measures including:
- Encryption: TLS 1.3 in transit, AES-256 at rest
- Access control: Role-based, principle of least privilege
- Infrastructure: EU-only data centers
- Monitoring: 24/7 security monitoring
9. Your Rights
Under GDPR, you have the right to:
| Right | Description | How to Exercise |
|---|---|---|
| Access | Obtain a copy of your data | Email dpo@pauhu.ai |
| Rectification | Correct inaccurate data | Account settings or email |
| Erasure | Request deletion | Account settings or email |
| Restriction | Limit how we process your data | Email dpo@pauhu.ai |
| Portability | Receive data in machine-readable format | Account settings |
| Object | Object to processing | Email dpo@pauhu.ai |
Response time: We respond to requests within 30 days.
10. International Transfers
All data processing occurs within the EU/EEA. We do not transfer personal data to third countries unless:
- Adequate safeguards exist (Standard Contractual Clauses)
- You provide explicit consent
- Transfer is necessary for contract performance
11. Contact and Complaints
Questions or Requests
Email: privacy@pauhu.ai
Data Protection Officer: dpo@pauhu.ai
Supervisory Authority
If you believe we have violated your rights, you may lodge a complaint with:
Office of the Data Protection Ombudsman (Finland)
Lintulahdenkuja 4, 00530 Helsinki, Finland
Website: https://tietosuoja.fi/en/
Email: tietosuoja@om.fi