πͺπΊ EU Compliant
GDPR Compliance
Last updated: January 5, 2025
Mamnoon.ai is committed to protecting the privacy of our users, including those in the European Union. This
page explains how we comply with the General Data Protection Regulation (GDPR).
1. Our Commitment to GDPR
As a data processor and controller, we are committed to:
- Processing personal data lawfully, fairly, and transparently
- Collecting data for specified, explicit, and legitimate purposes
- Minimizing data collection to what is necessary
- Ensuring data accuracy and keeping it up to date
- Limiting storage to necessary periods
- Ensuring appropriate security of personal data
2. Your Rights Under GDPR
If you are in the European Economic Area (EEA), UK, or Switzerland, you have the following rights:
π Right to Access
Request a copy of all personal data we hold about you.
βοΈ Right to Rectification
Request correction of inaccurate or incomplete data.
ποΈ Right to Erasure
Request deletion of your personal data ("right to be forgotten").
βΈοΈ Right to Restriction
Request limitation of processing in certain circumstances.
π¦ Right to Portability
Receive your data in a structured, machine-readable format.
π« Right to Object
Object to processing based on legitimate interests or marketing.
Exercise Your Rights
To exercise any of these rights, please contact our Data Protection team:
Email: gdpr@mamnoon.ai
We will respond to your request within 30 days.
3. Legal Basis for Processing
We process personal data under the following legal bases:
- Contract Performance: Processing necessary to provide our translation services
- Legitimate Interests: Improving our services, fraud prevention, security
- Consent: Marketing communications, optional analytics
- Legal Obligation: Tax records, compliance with laws
4. Data We Collect
4.1 Data We Store
- Account information (name, email)
- Subscription and payment records
- Usage statistics (session count, duration)
- Support communications
4.2 Data We Do NOT Store
- β Voice recordings
- β Video streams
- β Translation content (processed in real-time only)
- β Credit card numbers (handled by Stripe)
5. International Data Transfers
Some of your data may be transferred to and processed in the United States. We ensure appropriate safeguards
through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data processing agreements with all sub-processors
- Technical and organizational security measures
6. Sub-Processors
We use the following third-party sub-processors:
- Supabase (Authentication & Database) - USA, EU data region available
- Stripe (Payment Processing) - USA, certified under EU-US Data Privacy Framework
- Microsoft Azure (Translation API) - EU data centers available
- Daily.co (Video Infrastructure) - USA
- Railway (Hosting) - USA
7. Data Retention
- Account Data: Until account deletion + 30 days
- Usage Analytics: 12 months
- Payment Records: 7 years (legal requirement)
- Support Tickets: 3 years
8. Data Security
We implement appropriate technical and organizational measures:
- Encryption in transit (TLS 1.3) and at rest (AES-256)
- Regular security assessments
- Access controls and authentication
- Employee training on data protection
- Incident response procedures
9. Data Breach Notification
In the event of a personal data breach that poses a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours
- Notify affected individuals without undue delay
- Document all breaches and remediation steps
10. Data Protection Officer
For GDPR-related inquiries, contact our Data Protection team:
Email: gdpr@mamnoon.ai
11. Supervisory Authority
If you are not satisfied with our response, you have the right to lodge a complaint with your local data
protection authority. A list of EU data protection authorities can be found at edpb.europa.eu.
12. Updates
We may update this page periodically. Material changes will be communicated via email or through our service.
© 2026 Mamnoon.ai. All rights reserved. | By Milani Labs www.milanilabs.com