Privacy Policy & Data Governance Statement

Effective Date: May 7, 2026

Service: Jáchym AI®

1. Governance Framework and Roles

Interzect analytics s.r.o. ("Provider") operates Jáchym AI under the legal framework of § 1746 of the Czech Civil Code.

• Data Controller: The Customer ("Customer") is the primary Data Controller for lead data and IP targeting lists.

• Data Processor: Interzect acts as the Data Processor, handling data strictly according to our Service Agreement and the Data Processing Addendum.

• Infrastructure: Jáchym AI is powered by Google Cloud Platform (GCP). Google serves as our sole Subprocessor, maintaining data isolation in a multi-tenant environment.

2. Data Origin and Sourcing Transparency

Jáchym AI is designed for the search and outreach of professional B2B contacts.

• Public Data Only: For its internal search and research capabilities, Jáchym AI utilizes exclusively publicly available professional information (e.g., public professional profiles, company websites, and public registries).

• No Private Harvesting: We do not collect or store private, non-professional social media data or information from non-public sources.

3. LinkedIn-Specific Data Protocols

Jáchym AI adheres to the following platform-specific integrity rules:

3.1 Authorized Access & Authentication

• OAuth 2.0 Integration: We use the official LinkedIn OAuth 2.0 protocol for authentication. Jáchym AI never requests, views, or stores Customer passwords.

• Non-Simulated Activity: We do not use the LinkedIn API to simulate organic human behavior, such as automated profile views, connection requests, or "organic" messaging. All automation is restricted to authorized advertising and lead management functions.

3.2 Mandatory Data Retention & Caching

In compliance with LinkedIn’s technical requirements, we enforce the following purge cycles:

• 24-Hour Profile Cache: Member Profile data (names, headlines, photos) retrieved via the API is purged within 24 hours to ensure information remains current and compliant.

• 48-Hour Social Activity Purge: Member Social Activity data (e.g., likes or comments) is deleted from our active systems within 48 hours.

• Zero Aggregation Policy: We do not scrape LinkedIn data or combine it with third-party databases to create persistent "shadow profiles."

3.3 User Control & Prohibited Use

• Revocation: Customers may revoke Jáchym AI's access at any time via the "Permitted Services" section of their LinkedIn account settings.

• Ethical Use: We strictly prohibit the use of LinkedIn data for any discriminatory purpose, credit/lending eligibility, or any use case that violates LinkedIn’s Professional Community Policies.

4. AI Processing: Google Gemini API (Enterprise)

Jáchym AI leverages the Google Gemini API for high-fidelity B2B content generation and research.

• Zero Training Guarantee: Google does not use any Partner Personal Data, prompts, or outputs processed through the Gemini API to train its base models or improve services for other users.

• EU Data Residency: All processing via the Gemini API is restricted to Google’s EMEA-based data centers, ensuring your data remains within jurisdictions covered by European Data Protection Law.

• Encryption: Data in transit to the Gemini API is protected via TLS 1.3, with all data at rest secured by AES-256 encryption.

5. Multi-Channel Safety & Precision Targeting

A. Banner Ads: IP-Specific Precision

Jáchym AI utilizes IP-Specific Targeting to ensure advertisements are delivered only to verified corporate network addresses.

• Inherent Brand Safety: By serving ads only to pre-approved, specific IP addresses, the risk of ads appearing on irrelevant or harmful domains is structurally eliminated.

B. B2B Emailing Automation

Authentication: We enforce SPF, DKIM, and DMARC for all connected domains.

Regional Protocols:

• USA: Operates on an Opt-out basis (CAN-SPAM).

• EU/UK: Relies on Legitimate Interest (GDPR Art. 6(1)(f)) for professional outreach. We provide a clear "Right to Object" via automated suppression lists.

6. AI Governance & Oversight (EU AI Act 2026)

Jáchym AI is a human-centric automation tool. In compliance with the EU AI Act, we maintain a shared Human-in-the-Loop (HITL) model:

• Shared Oversight: Every automated process is subject to oversight by both Interzect system engineers (monitoring general system behavior) and the Customer's Human Controllers (responsible for campaign-specific output quality and legal compliance).

• Synthetic Content Marking: All AI-generated outputs are embedded with machine-readable metadata identifying them as machine-generated content, satisfying Article 50 transparency duties.

7. Individual Rights (DSAR)

We are committed to facilitating the data rights of all individuals.

• Request Channel: Any individual may exercise their right to access, rectify, or erase their personal data by contacting privacy@interzect.ai.

• 30-Day Response: We acknowledge and process all verified Data Subject Access Requests (DSAR) within 30 days.

8. Security and Deletion

• Breach Notification: We notify Customers without undue delay of any security breach affecting Partner Data.

• Purge Cycles: When data is deleted by a Customer, we initiate removal from our active systems within 60 days. Full removal from Google’s underlying infrastructure may take up to 180 days per their standard technical cycles.

Legal Contact: Interzect analytics s.r.o.

nám. T. G. Masaryka 1281, 760 01 Zlín

Email: info@interzect.ai