Effective Date: March 3, 2025
Last Updated: April 2, 2025
This Privacy Policy (“Policy”) governs the manner in which AIRA (“we,” “us,” “our”) collects, uses, retains, discloses, and safeguards personal and sensitive information of individuals and organizations (“you,” “your,” “Data Subjects”) in accordance with applicable data protection laws, including but not limited to Republic Act No. 10173 (the Data Privacy Act of 2012 of the Republic of the Philippines), General Data Protection Regulation (GDPR), and any other relevant jurisdictional statutes.
By accessing or using the AIRA platform, its services, website, or associated applications (collectively, the “Services”), you explicitly acknowledge that you have read, understood, and agreed to the terms of this Policy.
1. Definitions
• Personal Information – Any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained.
• Sensitive Personal Information – Includes, but is not limited to, information about an individual’s health, age, government-issued identifiers, race, ethnic origin, or affiliations.
• Processing – Any operation or set of operations performed upon personal data including, but not limited to, collection, recording, organization, storage, updating, retrieval, consultation, use, consolidation, disclosure, or destruction.
2. Scope and Application
This Policy applies to all individuals whose personal data are processed by AIRA, including but not limited to:
• Users of the AIRA website or mobile applications
• Clients, partners, vendors, and government agencies
• Individuals involved in incidents reported through AIRA’s Command Center
• Data collected from AI interactions, incident reporting, and analytics
3. Collection of Information
We collect data in the following categories:
3.1. Personal Information
May include:
• Full name
• Contact information (email, phone number)
• Government-issued ID or reference numbers (when required by law)
• Organization or agency affiliation
• User credentials (stored in encrypted format)
3.2. Sensitive Personal Information
Only when strictly necessary and with appropriate safeguards:
• Incident-related audio, images, and video
• Geolocation data tied to incident reporting
• Voice recordings for AI analysis
• Facial recognition data (with prior informed consent)
3.3. System and Usage Data
Automatically collected when using our services:
• IP addresses
• Browser type and version
• Operating system and device type
• Date and time of access
• User interactions, queries, and command logs
3.4. Incident and AI Interaction Data
• Incident metadata, reports, classifications
• AI-generated summaries, analyses, and predictions
• Tags, categories, and annotations created or inferred by AIRA
4. Lawful Basis for Processing
We process personal data under one or more of the following legal bases:
• Consent – freely given, specific, informed, and unambiguous
• Performance of a contract – to deliver services as agreed
• Compliance with legal obligations – including law enforcement and public interest reporting
• Legitimate interest – to improve our systems, enhance user experience, and ensure security
• Vital interest – for protection of life or safety in emergencies
5. Purpose of Data Processing
Your data may be processed for the following purposes:
• Identification, verification, and authentication
• Incident tracking, AI-powered analysis, and real-time response
• Predictive risk assessment and pattern detection
• Communication, service updates, or support
• Research, development, and system improvement
• Legal and regulatory compliance
• Security monitoring, auditing, and fraud prevention
6. Data Retention and Disposal
• Personal data will be retained only as long as necessary for the purposes outlined above, or as required by law.
• AIRA applies strict retention schedules and automatic purging protocols for obsolete or irrelevant data.
• Anonymized and aggregated data may be retained indefinitely for research and model training.
7. Data Sharing and Disclosure
We do not sell personal data. Disclosure may occur under the following conditions:
• Authorized Government Entities – For public safety, emergency response, or lawful investigations
• Third-party Service Providers – Cloud storage, analytics, AI infrastructure (bound by Data Processing Agreements)
• Affiliates and Partners – Only with user consent or contractual agreement
• Legal Obligations – Pursuant to valid legal process (e.g., subpoena, court order)
• Mergers or Acquisitions – Subject to notification and new policy application
All third parties are contractually bound to process data securely, lawfully, and confidentially.
8. Data Subject Rights
You have the right to exercise the following, subject to verification:
• Right to be informed
• Right to access your data
• Right to rectification
• Right to erasure or “right to be forgotten”
• Right to object or withdraw consent
• Right to data portability
• Right to file a complaint with the National Privacy Commission (NPC) or relevant authority
To exercise your rights, contact our Data Protection Officer via the details in Section 11.
9. Data Security and Safeguards
We implement organizational, technical, and physical security measures, including:
• SSL encryption and HTTPS for data in transit
• Encrypted data at rest using secure servers
• Multi-factor authentication and role-based access controls
• Audit logs and breach detection systems
• Regular security audits, penetration testing, and patching
• Compliance with ISO/IEC 27001 standards where applicable
In the event of a data breach, we will notify affected individuals and authorities within the prescribed timeframe.
10. International Data Transfers
Where applicable, data may be transferred outside the Philippines or your jurisdiction to service providers or cloud infrastructure partners, subject to:
• Adequate level of data protection
• Binding contractual clauses
• Cross-border data transfer agreements in line with legal standards (e.g., GDPR Art. 46)
11. Contact Information
For privacy inquiries, data access requests, or complaints, please contact:
Data Protection Officer
AIRA – Adaptive Intelligence Response Agent
Atty Rose
commandcenter@airalabs.ai
You may also contact the National Privacy Commission at https://privacy.gov.ph for concerns regarding the Data Privacy Act.
12. Policy Updates
We reserve the right to amend this Privacy Policy at any time. All changes will be posted on our official website and, where applicable, notified to you directly. Continued use of our services after any update constitutes your acceptance of the revised policy.
By using AIRA’s services, you acknowledge that you have read, understood, and agreed to this Privacy Policy.