Empatik AI (by Aiyo AB, reg. no. 559358-7396), Östermalmsgatan 26 A, 114 26 Stockholm, Sweden (“Empatik”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Notice explains how we process personal data in compliance with applicable law, including the EU/UK GDPR and relevant U.S. state laws. It applies to visitors of empatik.ai, individuals who contact us, and other business contacts—in our capacity as data controller.
This notice does not cover users of our Empatik Intelligence platform; those services will be governed by separate terms and privacy documentation. We only use your personal data for the purposes described here and not in any manner incompatible with those purposes. If you have questions, you’ll find our contact details at the end of this Notice.

1. Who We Are

Empatik AI (by Aiyo AB, Sweden) (“we”, “us”) operates the website empatik.ai. We respect your privacy and comply with applicable data-protection laws, including the EU GDPR, UK GDPR, and relevant U.S. state laws such as the CCPA where applicable.

2. Personal Data We Collect

We collect:

• Contact data: if you reach out via email or form (name, email, message).

• Usage data: pages visited, browser type, IP address, and similar analytics via Google Analytics 4.

• Cookies: see our Cookie Policy for details.

We do not process sensitive data, nor do we analyse any video or communication data from Empatik Intelligence users through this website.

3. How We Use Data

We process personal data to:

• Improve and secure the website;

• Analyse aggregated visitor trends;

• Respond to contact inquiries;

• Comply with legal obligations.

4. Legal Basis for Processing

Under the GDPR, processing is based on:

• Consent (for analytics cookies);

• Legitimate interest (to operate and secure the site);

• Legal obligation (where required by law).

5. Data Retention

We retain analytics data for up to 14 months and contact correspondence as long as necessary to fulfil the inquiry or legal requirements.

6. Sharing of Data

We use trusted processors, including Google Ireland Ltd. (Google Analytics, GTM). These providers may process data within or outside the EEA under appropriate safeguards (e.g., EU Standard Contractual Clauses).
We do not sell or rent personal information.

7. Your Rights

Under GDPR you may:

• Request access to your personal data;

• Request correction or deletion;

• Withdraw consent at any time;

• Object to processing or request portability.

To exercise these rights, contact info@empatik.ai.
If you believe we have mishandled your data, you may also lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

8. Data Security

We employ appropriate technical and organisational measures to safeguard data from loss, misuse, or unauthorised access.

9. International Transfers

When data is transferred outside the EEA, we rely on EU-approved safeguards such as Standard Contractual Clauses or equivalent frameworks.

10. Updates to This Notice

We may update this Privacy Policy periodically. The date at the top indicates the latest version.