Privacy Policy

This Privacy Policy explains how Ultraviolet ("we," "us," or "our") collects, uses, and protects your personal data when you use the Prism AI SaaS platform ("Platform"). We are committed to complying with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

1. Who We Are

Ultraviolet is a company registered in Serbia with headquarters at Bulevar Arsenija Carnojevica 103, 11000 Belgrade, Serbia. We are the data controller for your personal data when you create and use an account on our Platform.

2. WHAT DATA WE COLLECT

  • Full name
  • Email address
  • Company name
  • User credentials and login metadata (IP, device, browser)
  • Payment and billing information (processed via third-party payment processor)
  • Technical usage data (e.g., API usage, project activity)

3. HOW WE USE YOUR DATA

We use your data to:

  • Provide access to and operate the Platform
  • Communicate with you regarding your account and service updates
  • Provide support and respond to inquiries
  • Process payments and manage subscriptions
  • Improve the Platform and monitor usage
  • Comply with legal obligations

4. LEGAL BASIS FOR PROCESSING

We process your data on the following legal bases:

  • Contractual necessity – to deliver the services you signed up for
  • Legitimate interests – to maintain and improve our services
  • Legal obligation – to meet accounting or regulatory requirements
  • Consent - where applicable (e.g., marketing communications)

5. DATA RETENTION

We retain your personal data for as long as your account is active and for a limited period thereafter to comply with legal and operational obligations. Data may be anonymized for analytics.

6. DATA SHARING AND SUBPROCESSORS

We do not sell or share your personal data with third parties, except:

  • With cloud hosting providers, email service providers, and payment processors strictly as needed to provide the Platform
  • With public authorities if legally required
All subprocessors are GDPR-compliant and under data processing agreements.

7. DATA TRANSFERS

Your data may be processed or stored in the EU or other jurisdictions with adequate protection standards. Where applicable, we use Standard Contractual Clauses (SCCs) to safeguard cross-border data transfers.

8. YOUR RIGHTS UNDER GDPR

You have the right to:

  • Access your personal data
  • Correct or update inaccuracies
  • Request deletion ("right to be forgotten")
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with a data protection authority
To exercise your rights, contact us at privacy@ultraviolet.rs

9. SECURITY

We implement appropriate technical and organizational measures to protect your data, including encryption, access control, and regular security reviews.

10. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. We will notify you via email or through the Platform when significant changes occur.

11. CONTACT

If you have questions or concerns about this policy or how we handle your data, contact us at: privacy@ultraviolet.rs Ultraviolet, Bulevar Arsenija Carnojevica 103, 11000 Belgrade, Serbia.