Scope
This statement relates to the EUAIC website and business enquiries. Customer platform data, support data and service records should be governed by the relevant contract, privacy terms, data processing addendum and technical configuration.
Governance & Legal
GDPR Compliance Statement
This statement explains how data protection principles should apply to EUAIC website enquiry and communication handling.
This page is written for website visitors, procurement teams, compliance reviewers and prospective customers. It is intended to make EUAIC’s website terms and policy position clear without pretending to be legal advice.
AIEU
Read policy
Check scope
Review responsibilities
Contact EUAIC
Govern
Govern
Data protection principles
Personal data should be processed lawfully, fairly and transparently. It should be collected for clear purposes, limited to what is necessary, kept accurate where practical, retained only as needed and protected with appropriate security.
Typical lawful bases
Business enquiry handling may rely on legitimate interests, contractual steps, contract performance, legal obligations or consent depending on the communication and processing activity.
Rights handling
Individuals may have rights to access, rectification, erasure, restriction, objection, portability and withdrawal of consent where consent is relied upon. Requests should be assessed based on identity, scope, legal basis and any retention obligations.
Supervisory authority
Individuals can raise concerns with the UK Information Commissioner’s Office if they believe data protection rights have been infringed. Organisations should first be given a fair opportunity to review and respond where appropriate.
Website records and service records
Website enquiry records are different from customer platform records. Enquiries normally relate to business contact and sales communication. Customer platform records may involve configured service data, user accounts, support tickets, logs, documents or evidence files and should be covered by service-specific terms.
Data minimisation
Only information reasonably needed for the purpose should be requested or retained. If a visitor sends unnecessary personal data, the information may still be received, but it should not be used beyond appropriate handling, response, deletion, security review or lawful record keeping.
Accountability
A GDPR-aware approach requires more than a policy page. It depends on accurate records, access control, supplier review, retention discipline, staff awareness, appropriate contracts and a process for handling rights requests and incidents.
How this policy should be read
This page is written for website visitors and corporate reviewers. It should be read together with the Legal Notice, Privacy Policy, Cookie Policy and Terms of Use. Where a customer has a signed agreement, order form, statement of work, data processing addendum or service schedule, that document will take priority over this general website wording for the relevant service.
Contact and review
Questions about this policy can be raised through the EUAIC contact route. A useful enquiry should identify the page, the concern, the affected service or communication, and any relevant reference. Policies should be reviewed when the website, service model, supplier stack, cookie configuration, platform features or customer contracting process changes.
Important note
These website policies are written for clear corporate communication. They do not replace a signed agreement, formal legal advice, regulatory advice, security assurance or a customer-specific data processing addendum.
Legal pages
Related EUAIC policies
Use these pages to review privacy, cookies, terms, security, accessibility and responsible AI information in a structured way.
Privacy PolicyUnderstand how EUAIC handles website enquiries, business contact details, communication records, privacy rights and retention.TermsRead EUAIC website terms covering acceptable access, intellectual property, no legal advice, external links and liability boundaries.AccessibilityRead EUAIC accessibility principles for responsive layouts, readable structure, clear navigation and inclusive website improvement.Legal CentreAccess EUAIC legal information including privacy, cookies, terms, legal notice, security, GDPR, accessibility and responsible AI policies.Cookie PolicyRead how the EUAIC website may use essential cookies, analytics cookies, security technologies and visitor preferences.Acceptable UseReview acceptable use expectations for EUAIC website access, enquiry forms, security, communication and responsible conduct.Data ProcessingRead EUAIC data processing information covering customer instructions, controller and processor roles, security and sub-processor review.Security StatementReview EUAIC security principles for website protection, access control, monitoring, maintenance and responsible reporting.Sub-processorsReview how EUAIC may approach third-party providers, hosting, infrastructure, analytics, communication tools and customer review.Service LevelsUnderstand EUAIC service level themes for availability, planned maintenance, support expectations and incident handling.Refunds & CancellationReview EUAIC refund and cancellation principles for subscriptions, implementation, consulting, custom work and agreed contracts.Anti-SpamRead EUAIC anti-spam principles for responsible business emails, communication quality, unsubscribe handling and sender reputation.Intellectual PropertyReview EUAIC intellectual property rules for website content, branding, graphics, software descriptions and design materials.ComplaintsLearn how to raise EUAIC website, enquiry, service, privacy, security, accessibility or billing concerns for professional review and response.Responsible AIReview EUAIC responsible AI principles covering governance, oversight, transparency, evidence, risk review and accountability.AI Governance DisclaimerRead the EUAIC disclaimer explaining that AI compliance information is general and does not replace professional advice.Legal NoticeReview EUAIC legal notice information including company identity, website ownership, intellectual property and professional advice limitations.Responsible DisclosureRead EUAIC responsible disclosure expectations for reporting security issues safely, privately and without unauthorised exploitation.Data RetentionReview EUAIC data retention principles for enquiries, communication records, website logs, service records and deletion requests.Modern SlaveryRead EUAIC’s modern slavery and ethical trading statement for responsible business conduct and supplier awareness.Equality & InclusionRead EUAIC’s equality, diversity and inclusion statement for respectful access, communication and responsible business culture.
Questions
Frequently asked questions
Does this cover all customer platform data?
No. Customer platform data should be covered by service-specific terms and processing agreements.
Can visitors make rights requests?
Yes, subject to verification and applicable law.
Is GDPR compliance automatic?
No. It depends on actual processing, contracts, technical controls and procedures.