Have a question you want an answer for? Let us show you how it works.
Book a demo

Data safety and privacy

To deliver our services, we process our clients’ data - internal or external - or publically available data that we scrape. We respect the privacy of our clients. We want to be upfront and transparent about our practices with regard to data safety and privacy. 

Personal data

At DrAI, we do not process individual personal data. If a client orders the analysis of a set of internal data containing personal data (name, IP, email…), we will anonymize the set of data and delete any reference to specific individuals. We make sure that the data we process can never be restored back into the form of personal data later on.

DrAI does handle some personal data for marketing and analytics purposes - cookies on our website - as well as for invoicing and client relationship management. Once again, this never applies to data sets processed as part of a service contract.
More about data privacy in non-contractual relations here.

Data scraping

Data scraping is a data collection method. The data are collected and copied from the clients’ internal data, from the internet or other publicly available sources. We only scrape data intended to be analysed for our clients’ project, as per contract.

We use our proprietary program to scrape. We have technically ensured that no personal data is ever not collected from the mass of text in association with data scraping.

Scraping from publicly available data online is legal and does not require consent from the data host. For instance, DrAI can perfectly scrape a specific hashtag feed on Twitter.

GDPR compliance

We anonymize all the data that we process. Moreover, we handle data at an aggregated level. Individual persons cannot be identified from the aggregated data. Hence, the General Data Protection Regulation (GDPR) does not apply here since it is a case of anonymous data.

Data processing contract

It is not necessary to make a data processing contract between DrAI and its clients. Indeed, as per Article 28 of the General Data Protection Regulation, the parties are not in a register controller - processor relationship. DrAI does not handle personal data on behalf of its clients. Thus DrAI does not act as a processor as per defined by the General Data Protection Regulation.

Sensitive internal data

The safety of its clients’ data is primordial for DrAI. When dealing with sensitive internal data, we can propose an on-premises extraction.
For instance, when dealing with a client from the Healthcare sector that needs medical records analyzed, we will come on the hospital premises to retrieve the said records.

Data Protection and Privacy

The data processed for a client as part of the service delivered to said client is private. It is stored safely on our protected server. It will never be disclosed to any party but the contracting parties.

Clients can request the complete deletion of the data related to their project once the service is completed and the results delivered.
On explicit demand, clients can retrieve their data set in its raw English version - DrAI processes 60+ languages that are all translated to English to enable comparative analysis.

For special requests or to get more information around data processing, safety and privacy, please contact valtteri.kaartemo@drai.fi 

Get the answers to your strategic questions in just one day.*