Skip to main content
GDPR Compliance

GDPR at FTES.AI

How we protect the privacy and data rights of our users in accordance with the General Data Protection Regulation.

Last Updated:January 8, 2026
Fully Compliant
Quick Jump:CommitmentData Subject RightsData SecurityData TransfersContact DPO

Our Commitment

  • We are fully committed to GDPR compliance across all our services.
  • Privacy by design and privacy by default are core to our development.
  • We only process personal data that is strictly necessary for our services.
  • All data processing is conducted lawfully, fairly, and transparently.

Data We Process

  • Account Information: Name, email, and contact details for service delivery.
  • Professional Data: Job titles and company information for FTE configuration.
  • Usage Data: Interaction logs to improve and secure our platform.
  • Communication Data: Support requests and feedback interactions.

Lawful Basis

  • Contractual Necessity: To provide the services you've signed up for.
  • Legitimate Interests: For security, fraud prevention, and platform improvement.
  • Consent: For marketing communications where you have explicitly opted in.
  • Legal Obligation: To comply with applicable laws and regulations.

Data Subject Rights

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Correct any inaccurate or incomplete personal data.
  • Right to Erasure: Request the deletion of your personal data ('Right to be Forgotten').
  • Right to Data Portability: Receive your data in a structured, machine-readable format.

Data Security

  • End-to-end encryption for all data in transit (TLS 1.3).
  • Advanced encryption for data at rest (AES-256).
  • Strict access controls and multi-factor authentication.
  • Regular security audits and vulnerability assessments.

Data Transfers

  • Standard Contractual Clauses (SCCs) for international transfers.
  • Data sets hosted in secure EU-based data centers upon request.
  • Regular audits of sub-processors for GDPR compliance.
  • Strict data processing agreements (DPAs) with all partners.

Data Processing Summary

Retention Periods

We retain data only as long as necessary. Account data is kept while the account is active plus 30 days for backup purposes. Infrastructure logs are retained for 1 year for security audit requirements.

Exercise Your Rights

You can exercise any of your GDPR rights (access, deletion, portability) by emailing our privacy team at privacy@ftes.ai. We respond to all requests within 30 days.

Opting Out

You can opt-out of marketing communications at any time via the unsubscribe link in our emails or through your account settings. For cookies, use our Cookie Policy tool.

Data Breach Protocol

In the event of a significant data breach, we will notify affected individuals and the relevant supervisory authorities within 72 hours of becoming aware of the incident.

Contact our Privacy Team

Our Data Protection Officer is available to handle any inquiries regarding your personal data and our privacy practices.

privacy@ftes.aiPrivacy Policy