GDPR

Privacy Policy

How AI Explorer collects, uses, and protects your personal data.

Contents
  1. 1Data collected
  2. 2Data use
  3. 3Cookies and trackers
  4. 4Data retention
  5. 5Data security
  6. 6Your rights
  7. 7Account deletion
  8. 8Contact & DPO
1.Data collected

We collect the following data when you use AI Explorer:

Account data (if registered)

  • Email address
  • Password (hashed and salted, never stored in plain text)
  • Username (optional)

Usage data

  • Saved favorites and comparisons
  • Published reviews and ratings
  • Tools submitted for listing

Technical data (anonymized)

  • Aggregated navigation data (Umami Analytics, cookie-free)
  • Site performance (Vercel Analytics)
2.Data use

Your data is used exclusively to:

  • Manage your account and authenticate you
  • Personalize your experience (favorites, comparison history)
  • Send you account-related notifications (email verification, password reset)
  • Improve the quality and performance of the service
  • Process your contact or listing requests

We do not sell, rent, or share your personal data with third parties for commercial purposes.

3.Cookies and trackers

AI Explorer uses a minimal number of cookies:

Essential cookies

Required for the site to function (authentication session, theme preference). These cookies cannot be refused.

Cookie-free analytics (Umami)

We use Umami Analytics, a privacy-respecting tool that places no cookies and uses no personally identifiable data. GDPR compliant without requiring consent.

We do not use advertising or cross-site tracking cookies.

4.Data retention

Your data is retained for the following periods:

  • Account data: Account lifetime + 3 years after deletion
  • Reviews and contributions: Account lifetime
  • Contact data: 3 years from the last interaction
  • Analytics data: Maximum 13 months (anonymized)

Upon expiry of these periods, your data is deleted or irreversibly anonymized.

5.Data security

We implement technical and organizational measures to protect your data:

  • Encrypted communications via HTTPS (TLS 1.3)
  • Password hashing with BCrypt algorithm
  • Data access restricted to authorized personnel
  • Infrastructure hosted on ISO 27001 certified servers
  • Authentication tokens with limited lifespan

In the event of a data breach likely to affect your rights, you will be notified within 72 hours in accordance with GDPR.

6.Your rights

Under the GDPR (General Data Protection Regulation), you have the following rights:

  • Right of access: Obtain a copy of your personal data
  • Right of rectification: Correct inaccurate or incomplete data
  • Right to erasure: Delete your data ("right to be forgotten")
  • Right to portability: Receive your data in a structured format
  • Right to object: Object to the processing of your data
  • Right to restriction: Restrict the processing of your data

To exercise these rights, contact us at [email protected]. We will process your request within one month.

You may also lodge a complaint with the relevant data protection authority in your country.

7.Account deletion

You can delete your account at any time from your profile page. This action permanently deletes:

  • Your account information
  • Your saved favorites and comparisons
  • Your published reviews (anonymized)

This action is irreversible. If you simply want to disable notifications, you can do so from your account settings.

8.Contact & DPO

For any questions regarding this privacy policy or the exercise of your rights:

Email: [email protected]

Subject: Privacy — [your request]

We are committed to responding to any request within a maximum of 30 days.

Last updated: March 2026