A short policy
for a serious topic.
This is the privacy policy for the Sonta AI website — sonta.ai and its pages. It explains what we collect when you visit the site, fill in a form, or get in touch, why we collect it, and what you can do about it.
The 60-second version
- What we collect: what you choose to give us through forms (name, work email, company, role, message) and basic, privacy-friendly analytics about how the site is used.
- What we don't: we don't sell your data, we don't run advertising trackers, and we don't profile you.
- Where it lives: your data is stored and processed within the European Union.
- Compliance: we handle personal data in line with the EU General Data Protection Regulation (GDPR).
- Your rights: access, correct, export, or delete your data — just email [email protected]. We reply in days, not weeks.
What this policy covers.
This policy applies only to the Sonta AI website — the public marketing pages at sonta.ai. It explains how we handle personal data for visitors to the site and for people who contact us through it.
It does not cover the Sonta AI product. If you use the product as a customer, the personal data processed inside it is governed by the agreement between your organisation and Sonta AI, not by this page.
Who we are.
Sonta AI is the data controller for the sonta.ai website and is established in Poland, within the European Union. “Controller” means we decide what website data is collected and why, and we are responsible for protecting it.
Our registered company details are listed in the Contact section at the end of this policy.
What we collect.
Two simple categories. Nothing more.
- Information you give us — when you complete a form on the site (for example a demo request, a contact form, or a newsletter sign-up), we collect what you enter: typically your name, work email, company, role, and any message or free-text answers you provide.
- Information collected automatically — when you browse the site, we collect basic, aggregated usage data such as pages viewed, the referring site, approximate region, and general device or browser type. This is used to understand how the site performs. We do not use it to identify you personally.
We do not knowingly collect special categories of data (such as health, religion, or political views) through this website, and we ask that you do not submit them in free-text fields.
Why we collect it.
Each piece of data has a single, named purpose. We don't keep data because it “might be useful” later.
- To respond to you — when you submit a demo or contact request, we use your details to reply and follow up on your enquiry.
- To send the newsletter — if you sign up, we use your email to send updates. You can unsubscribe at any time, in one click.
- To improve the site — aggregated analytics help us understand which pages are useful and which are not.
- To keep the site secure — limited technical logs help us keep the site available and detect abuse.
Our legal basis.
Under the GDPR, we must have a lawful basis for using your personal data. For the website, we rely on the following:
- Your consent — for the newsletter and for any non-essential cookies. You can withdraw consent at any time.
- Steps before a contract — when you ask us for a demo or send a sales enquiry, we process your details to respond to that request.
- Our legitimate interests — to run aggregated site analytics and to keep the website secure, in a way that does not override your rights.
How long we keep it.
We keep personal data only as long as we need it for the purpose it was collected, and then we delete it.
- Form submissions and enquiries — kept for a limited period after our last contact with you, then deleted.
- Newsletter sign-ups — kept until you unsubscribe.
- Site analytics — kept in aggregated form only, for a limited period.
- Security logs — kept for a short period, then deleted.
Where the law requires us to keep certain records for longer, we do so and then delete them.
Your rights.
Under the GDPR, you have the right to access, rectify, erase, restrict, and port your personal data, and to object to certain processing. Where we rely on consent, you can withdraw it at any time without affecting processing that already took place.
To exercise any of these rights, contact us using the details below. We respond within the time limits set by the GDPR — and usually much sooner. Your data stays within the European Union throughout.
If you are not satisfied with how we have handled your data, you also have the right to lodge a complaint with the Polish Personal Data Protection Office (Urząd Ochrony Danych Osobowych, UODO) or with the supervisory authority in your own EU country — though we would appreciate the chance to put things right first.
Changes to this policy.
We update this page when our website practices change. The “last updated” date at the top always reflects the most recent change. For significant changes, we will make the update clearly visible on the site.
Governing law and jurisdiction.
This policy and any matter arising from it are governed by the laws of Poland and the directly applicable laws of the European Union, including the GDPR. The courts of Poland have jurisdiction over any dispute arising from or in connection with this policy, without prejudice to your right to lodge a complaint with the supervisory authority in your own EU country.
Contact.
If you have any questions about this policy or about how we handle your personal data, please get in touch:
Email: [email protected]
Company: Sonta AI