This policy covers the public website, contact and signup forms, trial environments and the Allodia platform. A signed agreement, order form or data processing agreement may add more specific terms for your organization.
Who we are
Allodia provides a European AI platform that connects to a customer's own data, email, calendar and business systems. For website visitors and direct customers, Allodia is generally the controller for account, billing, sales and support data. For customer content processed inside the platform, Allodia generally acts as processor on behalf of the customer.
Data we collect
We collect only what we need to operate the site, respond to requests, create trial environments, provide the platform and keep it secure.
- Contact details such as name, work email address, company name and message content when you contact us or request a demo.
- Signup and account details such as your chosen subdomain, plan, organization, authentication events and basic usage information.
- Operational data such as logs, security events, delivery metadata and diagnostics needed to run and protect the service.
- Customer content and connected-system data only when a customer chooses to connect those systems to Allodia.
How we use data
We use personal data for clear business purposes and on GDPR grounds such as contract performance, legitimate interests, consent where required and legal obligations.
- To respond to enquiries, schedule demos and provide sales or implementation support.
- To create, operate, secure and improve Allodia environments.
- To process subscriptions, billing, license checks and administrative notices.
- To detect abuse, troubleshoot issues, maintain audit trails and comply with legal duties.
AI processing and customer data
Allodia's purpose is to run AI agents over data that customers choose to connect. Customers control which systems, documents and integrations are available to their agents.
Allodia is EU-first. The platform is designed to support EU hosting, GDPR compliance and jurisdiction controls that restrict which AI, voice, infrastructure and integration providers may process data.
We do not sell customer data. We do not use customer content to train third-party foundation models unless a customer has explicitly agreed to that in a separate setting or agreement.
Cookies and similar technology
We use necessary cookies and local storage for site functionality, language preference, security and session handling. If we add optional analytics or marketing cookies, we will ask for consent where required and document that choice clearly.
Processors and transfers
We use carefully selected service providers for hosting, email delivery, security, payment, support and AI processing. We prefer EU providers and EU processing locations where possible.
When personal data leaves the European Economic Area, we use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses or customer-specific agreements.
Retention
We keep personal data only as long as needed for the purpose collected, contractual obligations, security, accounting and legal retention duties. Customer environments can be deleted or exported according to the customer's agreement and product settings.
Your rights
Depending on your role and location, you may have rights under the GDPR. If your data is in a customer's Allodia environment, we may need to refer your request to that customer as the controller.
- Access, correction or deletion of your personal data.
- Restriction of processing or objection to certain processing.
- Data portability where applicable.
- The right to lodge a complaint with your local data protection authority.
Security
We apply technical and organizational measures appropriate to the risk, including tenant isolation, access controls, encryption in transit, logging, provider checks and security-focused development practices.
Contact
Questions about privacy or data protection can be sent to info@allodia.eu. We will route your request to the right person and respond as soon as reasonably possible.