Privacy Policy

1. Introduction

This Privacy Policy describes how AI Liability Calculator ("we," "us," or "our") collects, uses, discloses, and safeguards information when you visit our website and use our AI Liability & Compliance Calculator tool (collectively, the "Service"). We are committed to protecting your privacy and processing your personal data in accordance with the General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), and other applicable privacy laws.

Please read this Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with its terms, please discontinue use of the Service.

2. Data Controller

For the purposes of applicable data protection legislation, the data controller responsible for your personal data is AI Liability Calculator. We process personal data only for the purposes described in this Policy and retain it for no longer than necessary. If you have questions about our data practices, please contact us at the address provided in Section 12.

3. Information We Collect

3.1 Information You Provide Directly

The calculator on our Service is designed to operate entirely client-side. Financial inputs you enter — including revenue estimates, risk classifications, and jurisdiction selections — are processed locally in your browser and are not transmitted to our servers. We do not store, log, or retain any calculation inputs or outputs.

3.2 Automatically Collected Information

When you visit our Service, we may automatically collect certain technical information through standard server logs and analytics tools, including:

• IP address (truncated and anonymized where technically feasible)
• Browser type and version
• Operating system
• Referring URL
• Pages visited and time spent on each page
• Date and time of visit

This information is used in aggregate form to understand how our Service is used and to improve its functionality. We do not use this data to identify individual users.

3.3 Cookies and Similar Technologies

We may use cookies and similar tracking technologies to enhance your experience on our Service. These may include strictly necessary cookies (required for the Service to function), analytics cookies (to understand usage patterns), and advertising cookies (to serve relevant advertisements through networks such as Google AdSense). You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.

4. Google AdSense and Third-Party Advertising

Our Service may display advertisements served by Google AdSense and other third-party advertising networks. These services may use cookies and web beacons to collect information about your visits to this and other websites to provide targeted advertisements. The information collected may include your IP address, browser type, the pages you visit, and your interactions with advertisements.

Google's use of advertising cookies enables it and its partners to serve ads based on your visits to our Service and other sites on the Internet. You may opt out of personalized advertising by visiting Google Ads Settings or by using the Network Advertising Initiative opt-out page. You can also opt out using the Digital Advertising Alliance's opt-out tool.

For more information on how Google uses data collected from our Service, please review Google's Privacy Policy. We do not control and are not responsible for the content of third-party advertisements or the data practices of advertising networks.

5. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and UK, we process personal data on the following legal bases:

• Legitimate Interests (Article 6(1)(f) GDPR): We process automatically collected technical data to maintain and improve the security and performance of our Service, where our interests are not overridden by your rights.
• Consent (Article 6(1)(a) GDPR): For non-essential cookies and advertising-related data collection, we rely on your consent, which you may withdraw at any time.
• Compliance with Legal Obligations (Article 6(1)(c) GDPR): Where we are required to retain or disclose data by applicable law.

6. How We Use Your Information

We use the information we collect to:

• Operate, maintain, and improve the Service
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues and security threats
• Comply with applicable legal obligations
• Serve advertising content through third-party networks (with your consent where required)

We do not sell your personal data to third parties. We do not use personal data for automated individual decision-making or profiling that produces legal or similarly significant effects.

7. Data Sharing and Disclosure

We may share information with third parties only in the following circumstances:

• Service Providers: We engage third-party vendors to support our Service (e.g., hosting, analytics). These providers are contractually obligated to process data only on our instructions and in accordance with applicable law.
• Advertising Networks: As described in Section 4, third-party advertising networks may collect data through cookies placed on our Service.
• Legal Requirements: We may disclose information where required by law, court order, or governmental authority, or where necessary to protect our legal rights or the safety of users.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of the transaction, subject to equivalent privacy protections.

8. Data Retention

We retain automatically collected technical data (server logs) for a maximum of 90 days, after which it is deleted or fully anonymized. As noted, calculator input and output data is not collected or retained by us. Anonymized, aggregated analytics data may be retained indefinitely for the purpose of understanding long-term usage trends.

9. International Data Transfers

Our Service may involve the transfer of data to countries outside your home jurisdiction, including to the United States. Where such transfers involve personal data of EEA or UK residents, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or equivalent transfer mechanisms recognized under applicable law.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right of access — to receive a copy of personal data we hold about you
• Right to rectification — to correct inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restriction of processing
• Right to data portability
• Right to object to processing based on legitimate interests
• Right to withdraw consent at any time (without affecting prior lawful processing)
• Right to lodge a complaint with a supervisory authority

California residents have additional rights under the CCPA, including the right to know what personal information is collected and the right to opt out of the sale of personal information. We do not sell personal information as defined under the CCPA.

11. Security

We implement industry-standard technical and organizational measures to protect information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security and accept no liability for unauthorized access that is beyond our reasonable control.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features. We will post the revised Policy on this page with an updated "Last Updated" date. Your continued use of the Service following any changes constitutes your acceptance of the revised Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us. EEA and UK residents may also contact their relevant national data protection authority if they believe their rights have not been adequately addressed.