Privacy Policy
This Privacy Policy explains how personal information is collected, used, stored, and protected in connection with the operation of the website https://flexifai.io (the “Website” or the “Platform”) and related digital interfaces operated by SIRELIS AI LIMITED, a company registered in Cyprus under company number HE478124, with its registered address at Thermopylon 23, Pissouri, 4607, Limassol, Cyprus (the “Company”).
For the purposes of this Privacy Policy, personal information means any information relating to an identifiable individual. This includes, without limitation, names, contact details such as an email address or telephone number, residential or business address, identification details issued by public authorities, information relating to banking or payment instruments, and data generated through the use of the website or related services. Where applicable, this concept corresponds to “personal data” as defined under Regulation (EU) 2016/679 and has the same meaning as “personal information” under applicable data protection legislation.
References to the Company or “we” mean SIRELIS AI LIMITED, a company registered in Cyprus under company number HE478124, with its registered address at Thermopylon 23, Pissouri, 4607, Limassol, Cyprus. SIRELIS AI LIMITED operates and maintains the website as a technology and AI platform. The website itself does not provide regulated financial or payment services. Regulatory status information will be disclosed where and when required by applicable law.
For the purposes of data protection law, the Company acts as a controller where it determines the purposes and means of processing personal data, including in situations where such data relates to individuals located in the European Economic Area. In certain circumstances, external service providers may process personal information on behalf of the Company as processors, strictly in accordance with written agreements and appropriate confidentiality and security safeguards.
The Website or Platform refers to the Company’s online platform and associated digital environments, including https://flexifai.io and any related interfaces, applications, or technical extensions made available by the Company.
References to the GDPR mean Regulation (EU) 2016/679, which applies where personal data of individuals located in the European Economic Area is processed in connection with the offering of services or the monitoring of user interactions. Where relevant, other applicable data protection laws may also apply depending on the location of the individual and the nature of the processing activity.
Identification data means information used to verify the identity of an individual, such as full name, date of birth, address, identification document details, or business registration information. Such data may be collected where necessary to support identity verification, security controls, or compliance processes made available through the platform.
Transaction-related data refers to information generated in connection with interactions involving digital services or platform functionality, including reference identifiers, timestamps, technical routing information, and contextual metadata. This information does not represent the provision of financial services by the website itself.
Account information means data provided when creating, accessing, or maintaining a user account, including login credentials, contact details, and associated technical or profile information required for secure access and platform administration.
Device and usage data includes technical information collected automatically when users access or interact with the website. This may include IP address, browser type, operating system, device identifiers, log files, and records of interactions with platform features.
Cookies are small data files stored on a user’s device to support essential website functionality, improve performance, enable analytical insights, and maintain security. Cookies are used in accordance with applicable privacy and electronic communications laws.
References to third parties mean independent entities engaged by the Company to provide specific services such as hosting, analytics, identity verification, security monitoring, or compliance support. These parties process personal information only on documented instructions and subject to contractual safeguards.
Consent means freely given, informed, and specific permission provided by an individual for the collection and use of their personal information, where such consent is required by applicable law.
A data subject or individual is any natural person whose personal information is collected, used, or otherwise processed by the Company.
A breach means any incident involving unauthorized access to, disclosure of, alteration of, or loss of personal information that may affect its confidentiality, integrity, or availability.
Safeguards refer to the administrative, technical, and physical measures implemented by the Company to protect personal information against unauthorized access, misuse, loss, or disclosure.
2. Introduction
SIRELIS AI LIMITED recognizes the importance of protecting privacy and is committed to ensuring the confidentiality, integrity, and security of all personal information collected and processed in connection with the operation of its technology and AI platform. This Privacy Policy explains how personal information is collected, used, disclosed, retained, and protected in relation to the website https://flexifai.io and any related digital interfaces operated by the Company.
The website is operated and maintained by SIRELIS AI LIMITED, Thermopylon 23, Pissouri, 4607, Limassol, Cyprus, Company Number HE478124. The website does not provide regulated financial or payment services. Any information regarding regulatory status will be disclosed where and when required by applicable law. References to financial, transactional, or compliance-related processes in this Privacy Policy are descriptive of technical, informational, or support functions and do not constitute the provision of regulated services through the website.
This Privacy Policy reflects the requirements of applicable data protection laws, including Regulation (EU) 2016/679 where personal data of individuals located in the European Economic Area is processed. Where relevant, the Policy also takes into account other applicable privacy and data protection frameworks, depending on the nature of the interaction and the location of the individual.
This Privacy Policy applies to all personal information collected through the website, communication channels, integrations with third-party service providers, and any other interactions related to the use of the platform. By accessing or using the website, you confirm that you have read and understood this Privacy Policy and acknowledge the processing of personal information in accordance with its terms, except where such processing is permitted or required by law without consent.
The Company’s approach to privacy is based on transparency, accountability, and proportionality. Personal information is collected and processed only for lawful and clearly defined purposes, and appropriate safeguards are applied based on the nature and sensitivity of the information. This Privacy Policy describes the purposes and legal bases for processing, applicable retention periods, individual rights, and the measures implemented to ensure responsible handling of personal information.
Questions regarding this Privacy Policy, the Company’s data protection practices, or the exercise of individual rights may be directed to the Company at [email protected].
3. Categories of Personal Information We Collect
The Company collects and processes only the personal information that is reasonably necessary to operate the platform, provide its digital services, ensure platform security, and comply with applicable legal requirements. Personal information includes any data relating to an identifiable individual, whether obtained directly from you or received from lawful third-party sources engaged by the Company.
Personal information may be collected through interactions with the website, use of platform features, communications with the Company, or integrations with external service providers that support identity verification, security, hosting, analytics, or operational continuity. All personal information is processed in accordance with applicable data protection principles, including lawfulness, fairness, transparency, data minimisation, and purpose limitation.
Where relevant, the processing of personal data is carried out in compliance with Regulation (EU) 2016/679 in relation to individuals located in the European Economic Area, as well as other applicable privacy and data protection laws, depending on the nature of the interaction and the location of the individual.
3.1. Types of Personal Information Collected
Identification information includes details that allow the Company to recognize and distinguish an individual, such as full name, residential or business address, date of birth, and contact information. Where lawful and appropriate, this may also include government-issued identification details, business registration information, or tax-related identifiers, collected to support identity verification, contractual arrangements, or platform security.
Transaction-related information refers to data generated through interactions with the platform and its digital functionalities. This may include reference identifiers, timestamps, technical routing information, contextual metadata, and records reflecting how platform features are accessed or used. Such information is processed for operational continuity, security monitoring, and system integrity and does not constitute the provision of regulated financial or payment services by the website.
Account information includes data provided when creating, accessing, or maintaining a user account, such as email address, telephone number, login credentials, verification status, and associated profile, preference, or configuration details required for secure access and administration.
Device and usage data consists of technical information collected automatically when you interact with the website or related interfaces. This may include IP address, browser type, device model, operating system, session identifiers, and activity logs used to detect misuse, ensure security, and improve platform performance.
Compliance and verification data includes information collected to support identity verification, access control, and risk management processes made available through the platform. This may include copies of identification documents, facial images, proof of address, corporate structure information, beneficial ownership details, or declarations provided during onboarding or continued use of the services.
Third-party information refers to personal data relating to other individuals or entities that you choose to provide in connection with a legitimate interaction or business relationship, such as authorized representatives or counterparties. By providing such information, you confirm that you have obtained the necessary consent or otherwise have a lawful basis to share the data with the Company.
Communication information includes records of correspondence exchanged with the Company through email, support channels, or other communication methods, including inquiries, requests, complaints, and submitted documentation. Additional information may be collected where reasonably necessary to verify identity, maintain platform security, or comply with applicable legal requirements, including location indicators derived from IP data or behavioral information related to platform usage.
The Company does not knowingly collect or process personal information relating to children under the age of thirteen. Individuals below this age must not submit personal information through the website. Where the Company becomes aware that such information has been collected without appropriate authorization, it will take reasonable steps to remove the data from its systems.
3.2. Purposes of Processing Personal Information
Personal information is processed only for lawful and specific purposes related to the operation of the platform. These purposes include establishing and managing user relationships, verifying identity and access eligibility, administering user accounts, maintaining platform security, preventing fraud or unauthorized use, supporting internal recordkeeping, responding to inquiries, and improving the functionality and reliability of the website and related services.
Personal information may also be processed where necessary to comply with applicable legal obligations, respond to lawful requests from competent authorities, or protect the rights, safety, and legitimate interests of the Company and its users. Processing activities are limited to what is relevant and proportionate to these purposes.
3.3. Data Retention
Personal information is retained only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Retention periods are determined based on the nature of the information, the context of the relationship, and any applicable legal, regulatory, or operational requirements.
Once personal information is no longer required, it is securely deleted, anonymized, or otherwise disposed of using methods designed to prevent unauthorized access, disclosure, or reconstruction.
3.4. Individual Rights
Individuals have the right to request access to their personal information and to request the correction of inaccurate or incomplete data, subject to applicable legal limitations. Such requests may be submitted in writing and will be addressed within a reasonable timeframe, unless restricted or extended by law.
Where processing is based on consent, individuals may withdraw that consent at any time, subject to contractual or legal constraints. For individuals located in the European Economic Area, additional rights under Regulation (EU) 2016/679 may apply, including the right to request erasure, restriction of processing, data portability, or to object to certain forms of processing, where applicable.
Requests relating to individual rights may be submitted to the Company using the contact details provided in this Privacy Policy. All requests are handled in a transparent manner and in accordance with applicable data protection requirements.
4. Disclosure of Personal Information
The Company discloses personal information only in limited and clearly defined circumstances, and solely where such disclosure is lawful, necessary, and proportionate to the relevant purpose. Personal information is not sold, rented, or otherwise shared for commercial gain. All disclosures are subject to appropriate contractual, technical, and organizational safeguards designed to protect confidentiality and integrity, and to ensure compliance with applicable data protection laws, including Regulation (EU) 2016/679 where relevant.
4.1. Disclosure to Service Providers and Operational Partners
Personal information may be shared with third-party service providers engaged to support the operation, security, and continuity of the platform. Such providers may include technology and hosting partners, analytics providers, identity verification and screening services, fraud prevention tools, customer support systems, and professional advisors. These third parties process personal information solely on documented instructions from the Company and only for the purposes necessary to perform their contracted services.
All service providers are bound by written agreements that impose confidentiality obligations, restrict the use of personal information to defined purposes, and require the implementation of appropriate safeguards based on the sensitivity of the data. Information about the categories of service providers involved in processing may be requested by contacting the Company at [email protected].
4.2. Disclosure for Legal Purposes
Personal information may be disclosed where required or permitted by applicable law, regulation, or valid legal process. This may include disclosures necessary to comply with court orders, lawful requests from public authorities, or obligations relating to the establishment, exercise, or defense of legal claims. In such cases, disclosures are limited to the minimum amount of information necessary to meet the specific legal purpose and are documented in accordance with applicable requirements.
4.3. Internal and Affiliated Entity Sharing
Where the Company operates within a corporate group or maintains affiliated entities, personal information may be shared internally to support legitimate business functions such as platform administration, security oversight, risk management, auditing, or internal reporting. Any such internal transfers are governed by confidentiality obligations and internal data protection controls to ensure a consistent level of protection.
4.4. Cross-Border Data Transfers
Personal information may be transferred to, stored in, or accessed from jurisdictions outside the country of residence of the individual, including within the European Union or other locations where the Company or its service providers operate. In all cases, the Company implements appropriate safeguards to ensure that transferred personal information receives a level of protection consistent with applicable data protection laws. These safeguards may include contractual commitments, technical security measures, and organizational controls. Further information regarding cross-border transfers and related safeguards may be requested by contacting the Company.
4.5. Corporate Transactions
In the event of a merger, acquisition, corporate restructuring, financing transaction, or sale of assets, personal information may be disclosed or transferred to a successor entity or acquiring party where reasonably necessary for the continuation of business operations. Any such recipient will be required to handle personal information in a manner consistent with this Privacy Policy and applicable data protection laws, and to maintain appropriate confidentiality and security measures.
5. Cookies and Tracking Technologies
The website uses cookies and similar tracking technologies to ensure secure access, support core functionality, enhance user experience, and analyze the performance of the platform. Cookies are small text files stored on your device when you access the website. They enable the recognition of returning users, the storage of user preferences, improved navigation, and the collection of aggregated information regarding how the website is used.
Cookies may be placed directly by the Company as first-party cookies or by third-party service providers acting on the Company’s behalf as third-party cookies. Such providers may support analytics, security, or performance-related functions and are required to process any information obtained through cookies in accordance with applicable data protection and privacy requirements.
Cookies used on the website are categorized based on their function. Certain cookies are essential to the operation of the website and enable basic features such as page navigation, access to secure areas, and service continuity. These cookies are necessary for the website to function properly and cannot be disabled through the platform. Other cookies support functional purposes, such as remembering language preferences or regional settings, and contribute to a more personalized experience. Analytical cookies are used to collect aggregated and anonymized information about how users interact with the website in order to improve its structure, content, and performance, and are activated only where consent is provided. Where applicable, marketing or targeting cookies may be used to deliver content relevant to user interests and browsing behavior, and such cookies are used only with explicit consent.
Upon your first visit to the website, a cookie notice is displayed to inform you about the types of cookies in use and to allow you to accept, reject, or customize your preferences. You may change or withdraw your consent at any time through your browser settings or by using the cookie management tools made available on the website. Disabling certain cookies may limit the availability or functionality of specific website features.
The use of cookies on the website is designed to comply with applicable privacy and electronic communications laws. Cookies are not used to collect sensitive personal information and are not deployed to track users across unrelated third-party websites.
6. Legal Basis for Processing Personal Information
The Company processes personal information only where a lawful, clearly defined, and proportionate legal basis exists. Processing activities are conducted in accordance with applicable data protection laws, including Regulation (EU) 2016/679 in relation to individuals located in the European Economic Area, as well as other relevant privacy frameworks depending on the context of the interaction and the location of the individual.
Personal information is processed on the basis of consent where individuals voluntarily provide information for specific purposes, such as creating an account, submitting information through the website, or communicating with the Company. Consent is valid only where it is informed, specific, and freely given. Individuals may withdraw their consent at any time, subject to legal or contractual limitations, by contacting the Company. Withdrawal of consent may affect the availability of certain features or services that rely on the relevant information.
Processing may also be carried out where necessary for the performance of a contract or in order to take steps at the request of the individual prior to entering into a contractual relationship. This includes activities required to administer user accounts, provide access to platform functionality, respond to requests, and ensure operational continuity.
In certain circumstances, personal information is processed in order to comply with legal obligations applicable to the Company. Such processing does not rely on consent and is limited to what is strictly necessary to satisfy the relevant legal requirement.
The Company may also process personal information where necessary for the purposes of its legitimate interests, including maintaining platform security, preventing misuse or fraud, ensuring system integrity, improving services, and protecting the rights and interests of the Company and its users. Such processing is carried out only where these interests are not overridden by the fundamental rights and freedoms of the individual.
In limited and exceptional circumstances, personal information may be processed where necessary to protect the vital interests of an individual, including situations involving security incidents, suspected misuse, or risks of harm.
All processing activities are conducted in a fair, transparent, and proportionate manner. Personal information is collected and used only to the extent necessary for the stated purposes, and no processing is carried out in a manner that would unjustifiably infringe upon the rights or reasonable expectations of individuals.
7. Changes to This Privacy Policy
The Company may update or amend this Privacy Policy from time to time to reflect changes in applicable law, regulatory guidance, industry standards, or internal operational practices. Any updates are made in good faith and in accordance with applicable data protection and transparency requirements.
Where changes are made, the revised version of this Privacy Policy will be published on the website with an updated “Last updated” date. Where a change materially affects the manner in which personal information is collected, used, or disclosed, the Company will take reasonable steps to inform affected individuals in advance. Such notice may be provided through the website or by direct communication using the contact details associated with the relevant account.
Where an update introduces a new purpose for processing or materially alters an existing purpose in a manner that requires consent under applicable law, such consent will be obtained before the updated processing is implemented.
Individuals are encouraged to review this Privacy Policy periodically to remain informed about how personal information is handled. Continued use of the website following the publication of an updated version constitutes acknowledgment of the revised Privacy Policy, unless otherwise required by applicable law. The version published on the website at any given time shall prevail over all prior versions.
8. Contact Information
If you have any questions, concerns, or requests relating to this Privacy Policy, the processing of personal information, or the exercise of your rights under applicable data protection laws, you may contact the Company using the details below. The Company is responsible for overseeing privacy compliance and ensuring that privacy-related inquiries are handled in a transparent and timely manner.
SIRELIS AI LIMITED
Email: [email protected]
The Company will review and respond to written requests within a reasonable timeframe, taking into account the nature of the request and applicable legal requirements.