← Back to Home

Privacy Policy

Privacy Policy for 7plus.one

1. Introduction

This Privacy Policy explains how 7plus.one ("Company", "we", "us", "our") collects, processes, uses, stores, and protects personal data in connection with our website, our SaaS platform, AI-powered services, APIs and related digital tools (collectively, the "Services"). We process personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), applicable laws of the Republic of Estonia, the ePrivacy Directive, and other relevant EU legislation. By using our Services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

7plus.one — Registered in the Republic of Estonia. Email: info@7plus.one Depending on the nature of the service, we may act as:

  • Data Controller (for website users and direct customers), or
  • Data Processor (when providing SaaS services to business clients).

3. Categories of Personal Data

We may process the following categories of data:

  • Account and Identification Data: Name, Surname, Company name, Account credentials.
  • Contact Data: Email address, Telephone number, Billing information.
  • Technical Data: IP address, Device information, Browser type, Log files, Usage data, API request logs.
  • AI Interaction Data: Prompts submitted, Content uploaded, Generated outputs, Metadata related to AI processing.
  • We do not intentionally collect special categories of personal data unless lawfully required. Users are responsible for ensuring that data uploaded to the Services complies with applicable law.

4. Legal Basis for Processing

We process personal data based on:

  • Performance of a contract (Article 6(1)(b) GDPR)
  • Legitimate interests (Article 6(1)(f) GDPR)
  • Legal obligations (Article 6(1)(c) GDPR)
  • Consent (Article 6(1)(a) GDPR), where required
  • Where processing is based on legitimate interest, we ensure a balancing test is performed.

5. Purposes of Processing

We process personal data to:

  • Provide and operate the Services
  • Manage accounts
  • Provide customer support
  • Ensure platform security
  • Prevent fraud and misuse
  • Improve system performance
  • Comply with legal obligations
  • Establish, exercise, or defend legal claims
  • We may use anonymized and aggregated data for analytics and service improvement.

6. AI-Specific Processing

Our Services may include AI-based systems that process user-submitted content. Unless explicitly agreed otherwise:

  • Customer data is not used to train publicly available AI models.
  • Aggregated and anonymized technical data may be used to improve system performance.
  • Users remain solely responsible for verifying AI-generated outputs.

7. Data Sharing

We may share data with:

  • Hosting providers
  • Cloud infrastructure providers
  • IT service providers
  • Payment processors
  • Legal authorities where required by law
  • All processors are bound by GDPR-compliant agreements. We do not sell personal data.

8. International Transfers

If personal data is transferred outside the European Economic Area (EEA), appropriate safeguards such as Standard Contractual Clauses are applied.

9. Data Retention

Personal data is retained only for as long as necessary:

  • To provide the Services
  • To comply with legal obligations
  • To defend legal claims

10. Security Measures

We implement appropriate technical and organizational measures including:

  • Encryption in transit
  • Access control systems
  • Security monitoring
  • Internal data protection procedures
  • However, no system can guarantee absolute security.

11. Data Subject Rights

Under GDPR, individuals have the right to:

  • Access
  • Rectification
  • Erasure
  • Restriction
  • Data portability
  • Object to processing
  • Withdraw consent
  • Lodge a complaint with a supervisory authority
  • Requests may be sent to: info@7plus.one. We may verify identity before fulfilling requests.

12. B2B Data Processing

Where we act as a Data Processor on behalf of a business client:

  • We process data only on documented instructions.
  • We implement security measures under Article 32 GDPR.
  • We engage sub-processors under GDPR-compliant agreements.
  • We assist controllers in fulfilling data subject rights.
  • We notify controllers in case of personal data breaches.
  • Enterprise clients may request a separate signed Data Processing Agreement.

13. Children

Our Services are not intended for individuals under 16 years of age.

14. Changes

We reserve the right to update this Privacy Policy. Updates become effective upon publication.

15. Contact

7plus.one — Republic of Estonia. Email: info@7plus.one