BackLast updated: 11/09/2025
Contact the Privacy team

Privacy – Privacy Policy

This Policy describes how Godia.ai collects, uses, stores, and shares data, as well as data subjects’ rights under the GDPR.

Scope

This Policy applies to Godia.ai websites, products and services, as well as our commercial and support interactions. It complements the Terms of Use and applies subject to local laws.

Data controller

For marketing activities and the website: Godia.ai acts as the data controller (contact: legal@godia.ai). For customers’ use of the platform, Godia.ai acts as a data processor – see the DPA.

Data we collect

  • Data you provide

    Identity and contact details (name, email, phone, company), message content, preferences, documents shared via assistants.

  • Technical data

    Technical identifiers (cookies/session IDs), logs, IP addresses (security), usage metrics, diagnostics.

  • Data from integrations

    Where applicable: data coming from third-party tools connected by the Customer (CRM, email marketing), depending on their settings.

Purposes and legal bases

  • Providing the service

    Performance of a contract (GDPR art. 6(1)(b)): running assistants, routing, administration, support.

  • Improvement & security

    Legitimate interest (art. 6(1)(f)): usage statistics, abuse prevention, system protection (see Security).

  • Marketing

    Legitimate interest or consent: sales follow-up, invitations and relevant communications. You can unsubscribe at any time.

Cookies & trackers

See the dedicated policy: /legal/cookies. Consent settings allow you to enable/disable non-essential categories.

Sharing & processors

  • Service providers

    EU hosting (AWS), email delivery (Mailjet – EU) and, via SmartRouter, AI providers selected based on the need (e.g., Mistral – EU; potential non-EU providers governed by SCCs).

  • Controlled transparency

    A named list of processors can be provided upon request to legal@godia.ai (subject to an NDA). No systematic public publication is planned.

International transfers

Processing is primarily carried out in the EU. For any transfer outside the EU/EEA, Godia.ai implements Standard Contractual Clauses (SCCs) and appropriate supplementary measures.

Retention periods

We keep data as long as necessary for the purposes described: conversations and content per the Customer’s settings, technical logs 30–90 days, encrypted backups on cycles ≤ 30 days. Aggregated/anonymized data may be kept longer for statistical purposes.

Your rights

Access, rectification, erasure, restriction, objection, portability (GDPR). To exercise your rights, contact legal@godia.ai. For data processed on behalf of a Customer, please contact that Customer first (the data controller).

Security

Proportionate organizational and technical measures (access controls, encryption in transit/at rest where applicable, backups, logging). More details: /legal/security.

Minors

Our services are not intended for children. If you believe a minor has provided us with data, contact us so we can delete it.

Policy changes

We may update this Policy. The last updated date appears at the top of the page. In case of material changes, appropriate notice will be provided.

Contact

Privacy questions: legal@godia.ai · Support: support@godia.ai · Vulnerability reporting: legal@godia.ai

Stay up to date with the latest news
Godia.ai logoGodia.ai

Conversational AI assistants for customer service, sales and operations.

24, route d'Arlon 8008 Strassen, Luxembourg, UE

Solutions by industry

© 2026 Godia.aiHosted in the EUGDPR Compliant
Made with ❤️ in Luxembourg