1. Account Deletion Request

Upon a user's request to delete their account, we will deactivate the account and remove it from the live environment. This ensures that the account data is no longer visible or accessible on our platform.

2. Data Retention Period

- Retention Duration: User account data will be retained for six (6) months following the initial deletion request.

- Purpose of Retention: The retention period allows users the opportunity to restore their accounts and helps us address any legal, regulatory, or operational requirements that may arise.

3. Data Storage and Security

During the retention period, user data will be securely stored and protected with encryption and access control mechanisms. Access to retained data is limited to authorized personnel only, and data will be used solely for compliance, audit, and legal purposes.

4. Permanent Deletion

At the end of the six-month retention period, all personal data associated with the deleted account will be permanently deleted from our systems. This includes removing any backup copies to ensure that the data cannot be recovered.

5. Law Enforcement Preservation & Legal Hold

Notwithstanding the retention periods and deletion procedures described above, we may preserve and retain user data beyond the standard retention period when required for:

• Active criminal investigations: Upon receipt of a valid preservation request, court order, or other legal process from a competent law enforcement authority (including Czech Police, Europol, INTERPOL, or other national authorities), we will preserve all relevant account data, content, metadata, and access logs for the duration specified in the request or as required by law.
• Mandatory CSAM reporting: Where we detect or receive a report of suspected Child Sexual Abuse Material (CSAM), we are required under Directive 2011/93/EU and Czech law to preserve all associated evidence and report to NCMEC, Europol, INHOPE, and/or Czech Police. This data will be preserved until law enforcement confirms it is no longer needed.
• Non-consensual intimate imagery (NCII / deepfake offenses): Where content is flagged under Czech Criminal Code §193b or equivalent laws, associated user data, uploaded reference images, generated outputs, and access logs are preserved for potential law enforcement use.
• Pending litigation or regulatory proceedings: Where we are aware of pending or reasonably anticipated litigation, arbitration, or regulatory investigation, a legal hold will be placed on all potentially relevant data.
• DSA compliance: Under the EU Digital Services Act (Regulation 2022/2065, Art. 18), we may be required to preserve data pursuant to orders from Member State authorities.

Scope of preservation: A legal hold may cover account data, chat logs, generated content, uploaded images, IP addresses, device identifiers, payment records, and moderation/compliance audit trails. Users subject to a legal hold will not be informed of the hold where doing so would jeopardize an investigation or where prohibited by the applicable legal process.

Data preserved under a legal hold is stored securely with restricted access, used only for the stated legal purpose, and deleted when the legal obligation expires or law enforcement confirms the data is no longer required.

6. User Rights (GDPR Articles 15-22)

Under GDPR Article 17 (Right to Erasure), users have the right to request immediate permanent deletion of their personal data, bypassing the standard retention period. Requests for immediate deletion will be processed within thirty (30) days as required by GDPR Article 12(3), and data will be permanently erased from all systems, including backups, upon completion.

You also have the right to lodge a complaint with the Czech Data Protection Authority (Úřad pro ochranu osobních údajů, ÚOOÚ) at www.uoou.cz, or with the supervisory authority of your EU/EEA member state of residence.

7. Compliance and Auditing

aiAllure will regularly review and audit its data deletion processes to ensure compliance with GDPR and other applicable laws. This policy will be updated as necessary to reflect regulatory changes or improvements in our data management practices.

Contact Information

For any questions or concerns regarding this policy, please contact us at:

Novera Group s.r.o.
Rybná 716/24
CZ-110 00 Praha 1
hello@aiallure.com