Ask AI Cyprus BootCamp πŸ‡¬πŸ‡§ UK Entrepreneurs πŸ‡·πŸ‡΄ RO Entrepreneurs Become a Partner Login
English | RomÒnă

Privacy Policy & GDPR Compliance

Last updated: November 2025

Our Commitment to Your Privacy

At Free Harbor, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and share your personal information in compliance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

We are committed to transparency and giving you control over your personal data. This policy applies to all users of our website and services.

1. Information We Collect

Information You Provide to Us:

  • Contact Information: Name, email address, phone number when you submit consultation requests or partner applications
  • Business Information: Company details, business goals, project requirements when using our AI assistant or booking consultations
  • Account Information: Login credentials, preferences for partner and admin accounts
  • Communications: Chat messages with our AI assistant, email correspondence, support requests

Information Automatically Collected:

  • Usage Data: Pages visited, features used, time spent on site, interaction patterns
  • Device Information: IP address, browser type, operating system, device identifiers
  • Analytics Data: Service preferences, search queries, booking interactions
  • Session Data: Session IDs for maintaining your logged-in state and chat continuity

2. How We Use Your Information

We use your personal information for the following purposes:

  • Service Delivery: To provide AI-powered assistance, match you with qualified partners, and facilitate consultations
  • Communication: To respond to your inquiries, send appointment confirmations, and provide updates about your requests
  • Platform Improvement: To analyze usage patterns, improve our AI responses, and enhance user experience
  • Partner Matching: To connect you with the most suitable Cyprus formation and relocation specialists based on your needs
  • Security: To protect against fraud, unauthorized access, and ensure platform safety
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Consent: When you voluntarily provide information through our AI assistant or forms
  • Contract Performance: To deliver the services you requested (consultations, partner matching)
  • Legitimate Interests: To improve our services, prevent fraud, and ensure platform security
  • Legal Obligations: To comply with applicable laws and regulations

4. Data Sharing and Disclosure

We may share your information with:

  • Verified Partners: When you request a consultation, we share relevant information with matched specialists to facilitate service delivery
  • Service Providers: Third-party providers who assist with hosting, analytics, email delivery, and payment processing (OpenAI for AI capabilities, Calendly for scheduling)
  • Legal Requirements: When required by law, court order, or government request

Note: We never sell your personal information to third parties. Partner sharing only occurs when you explicitly request a consultation.

5. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: HTTPS/TLS encryption for all data transmission, encrypted storage for sensitive information
  • Access Controls: Role-based access restrictions, secure authentication for partner and admin accounts
  • Data Minimization: We only collect and retain data necessary for our services
  • Regular Audits: Periodic security reviews and vulnerability assessments
  • Secure Infrastructure: Data hosted on secure, GDPR-compliant cloud infrastructure (Replit/Neon)

6. Your GDPR Rights

Under GDPR, you have the following rights:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise any of these rights, contact us at privacy@freeharbor.ai. We will respond within 30 days.

7. Data Retention

We retain your personal data only as long as necessary:

  • Chat History: Stored for 12 months for service improvement and support
  • Lead Information: Retained for 24 months to facilitate partner matching and follow-ups
  • Account Data: Retained while your account is active, then deleted within 90 days of account closure
  • Analytics Data: Aggregated and anonymized data retained indefinitely for statistical purposes

You may request earlier deletion by contacting us at any time.

8. International Data Transfers

Your data may be transferred and processed in countries outside the European Economic Area (EEA), including the United States where our service providers (OpenAI, Replit) operate. We ensure adequate safeguards are in place through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements with all third-party processors
  • Compliance with EU-U.S. Data Privacy Framework where applicable

9. Cookies and Tracking

We use essential cookies and local storage to:

  • Maintain your session and keep you logged in
  • Remember your theme preference (light/dark mode)
  • Track analytics events for service improvement

You can control cookie preferences through your browser settings. Disabling cookies may limit some functionality.

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending email notifications for material changes

Contact Us

If you have questions about this Privacy Policy or wish to exercise your GDPR rights:

Email: privacy@freeharbor.ai

Data Protection Officer: dpo@freeharbor.ai

We are committed to resolving any privacy concerns promptly and transparently. Your trust is important to us.