Privacy Policy
How your information is collected, used, and protected. GDPR and EU compliant.
1. Data controller
Lyntaris is the data controller for the processing described in this policy. Lyntaris provides an AI-powered conversational platform that can be deployed on kiosks, the web, mobile applications, and messaging channels (e.g. WhatsApp, SMS) on behalf of its clients. This policy applies to the Lyntaris website (lyntaris.com), the Lyntaris platform, and the services it operates.
Contact for questions and rights: [email protected]
Lyntaris will respond to requests within 30 days where required by law (e.g. GDPR Art. 12(3)).
2. Purposes and categories of data
Lyntaris processes personal data only where necessary and with a clear legal basis:
- Website and contact: When you contact Lyntaris (e.g. via the website), Lyntaris processes the data you provide (such as name, email, message content) to respond to your enquiry. Legal basis: your consent or Lyntaris’s legitimate interest in handling enquiries (Art. 6(1)(a) or (f) GDPR).
- Conversation and messaging (platform services): When you interact with the AI via a client deployment (e.g. kiosk, web chat, WhatsApp, SMS), Lyntaris processes the content of your messages and identifiers necessary to deliver the conversation (e.g. phone number or session identifier). This is required to provide the service. Legal basis: performance of a contract or legitimate interest of the client or Lyntaris (Art. 6(1)(b) or (f) GDPR). Where messaging is via third-party channels (e.g. WhatsApp, SMS), those providers process data under their own policies.
- Technical and operational data: Lyntaris processes data strictly necessary to operate and secure its systems (e.g. IP address, request logs, device or browser type). Legal basis: legitimate interest in security and operation (Art. 6(1)(f) GDPR).
Lyntaris does not collect or process more than is necessary for these purposes. Lyntaris does not sell your personal data.
3. Consent and optional features
Where Lyntaris solutions include optional features that process special categories of data (e.g. voice or face-related data) or data beyond what is strictly necessary for the conversation, Lyntaris will ask for your explicit consent at the point of use. You may withdraw consent at any time (e.g. by using the provided option or by contacting Lyntaris); withdrawal does not affect the lawfulness of processing before withdrawal.
4. Storage and deletion
Lyntaris retains personal data only for as long as necessary to fulfil the purposes above, comply with legal obligations, or resolve disputes. Conversation and messaging data are retained in line with Lyntaris and its clients’ retention policies (typically for the duration of the service and a limited period thereafter). You may request erasure at any time (see “Your rights” below); Lyntaris will erase or anonymise data without undue delay unless required or permitted to retain it by law.
5. Recipients and transfers
Lyntaris may use processors (e.g. hosting, messaging gateways) that process data on its instructions. Lyntaris chooses processors that provide sufficient guarantees under Art. 28 GDPR. Data are not transferred outside the EU/EEA unless appropriate safeguards (e.g. standard contractual clauses, adequacy decision) are in place. Lyntaris may disclose data where required by law or to protect rights and safety.
6. Technical and organisational measures
Lyntaris uses appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse (e.g. encryption in transit, access controls, secure processing). No method of transmission or storage is completely secure; Lyntaris does not guarantee absolute security.
7. Automated decision-making
Lyntaris does not use your data for automated decision-making or profiling that produces legal effects or similarly significantly affects you (within the meaning of Art. 22 GDPR). The platform’s AI is used to conduct conversations and support services only.
8. Your rights (GDPR)
If you are in the EEA or otherwise protected by GDPR, you have the following rights:
| Right | Meaning | How to exercise |
|---|---|---|
| Access | Obtain confirmation and a copy of your data | Email [email protected] |
| Rectification | Correct inaccurate or incomplete data | |
| Erasure | Request deletion of your data | Email (subject: “Data deletion request”) |
| Restriction | Limit processing in certain cases | |
| Portability | Receive your data in a machine-readable format | |
| Object | Object to processing based on legitimate interest | |
| Withdraw consent | Where processing is based on consent | Email or in-app option where offered |
| Complaint | Lodge a complaint with a supervisory authority | e.g. Informacijski pooblaščenec RS (Slovenia) or your local authority |
Lyntaris will respond to valid requests without undue delay and at latest within 30 days where required by law.
9. Minors
Lyntaris services are not aimed at minors below the age required by applicable law (e.g. 16 in the EEA where applicable). Lyntaris does not knowingly collect personal data from such minors. If you believe such data has been collected, please contact Lyntaris and the data will be deleted.
10. Changes to this policy
Lyntaris may update this Privacy Policy from time to time (e.g. to reflect legal or technical changes). The updated version will be posted on this page with a revised “Last updated” date. You are encouraged to review it periodically.
11. Contact
For any questions, requests, or complaints regarding this policy or your personal data:
Lyntaris
Email: [email protected]