GDPR Compliance

How Secrealm AI protects personal data in compliance with the General Data Protection Regulation.

Data Controller vs. Data Processor

When you use Secrealm AI services, you act as the data controller and Secrealm AI acts as the data processor. As the controller, you determine the purposes and means of processing personal data. As the processor, we process personal data only on your documented instructions and in accordance with applicable law.

Lawful Bases for Processing

We process personal data under the following lawful bases as defined by the GDPR: performance of a contract (to deliver our services), legitimate interests (to improve and secure our platform), consent (where explicitly provided), and compliance with legal obligations.

Data Subject Rights

Under the GDPR, individuals have the following rights regarding their personal data:

  • Right of Access — Request a copy of the personal data we hold about you.
  • Right to Rectification — Request correction of inaccurate or incomplete data.
  • Right to Erasure — Request deletion of your personal data where applicable.
  • Right to Data Portability — Receive your data in a structured, machine-readable format.
  • Right to Object — Object to processing based on legitimate interests or direct marketing.

Data Protection Officer

Our Data Protection Officer oversees GDPR compliance across all Secrealm AI operations. For any data protection inquiries, requests to exercise your rights, or concerns about how we handle personal data, contact our DPO at dpo@secrealmai.com

International Data Transfers

When personal data is transferred outside the European Economic Area, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure an adequate level of data protection. We regularly review and update our transfer mechanisms to reflect current regulatory guidance.

Data Processing Agreement

A Data Processing Agreement (DPA) is available on request for all customers. The DPA details our obligations as a data processor, including security measures, sub-processor management, and breach notification procedures. Contact dpo@secrealmai.com to request a copy.