1. Introduction

MESSAI.IO ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform for microbial electrochemical systems research and development.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

This website is operated as an individual research project. For any privacy-related inquiries, please contact us via email.

3. Data We Collect

3.1 Information You Provide

• Account information (name, email address, organization)
• Profile information (research interests, expertise)
• Research data and experimental parameters
• Communication data (support tickets, feedback)

3.2 Automatically Collected Information

• Usage data (features used, time spent, interactions)
• Device information (browser type, operating system)
• IP address and approximate location
• Cookies and similar tracking technologies

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contract: To provide our services and fulfill our agreement with you
• Legitimate Interests: To improve our platform, ensure security, and provide customer support
• Consent: For marketing communications and optional features
• Legal Obligations: To comply with applicable laws and regulations

5. How We Use Your Data

We use your personal data for the following purposes:

• Providing and maintaining our research platform
• Processing and analyzing experimental data
• Improving our AI models and predictions
• Communicating with you about your account and services
• Ensuring platform security and preventing fraud
• Complying with legal obligations
• With your consent, sending marketing communications

6. Data Sharing and Disclosure

We may share your data with:

• Service Providers: Third-party vendors who assist in operating our platform
• Research Collaborators: Only with your explicit consent
• Legal Authorities: When required by law or to protect our rights
• Business Transfers: In connection with mergers or acquisitions

We do not sell your personal data to third parties.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for countries with sufficient data protection
• Your explicit consent where required

8. Data Retention

We retain your personal data for as long as necessary to:

• Provide our services to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Fulfill the purposes outlined in this policy

Research data is retained for the duration of your account unless you request deletion. Account data is retained for 3 years after account closure.

9. Your Rights

Under GDPR, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit processing of your data
• Portability: Receive your data in a portable format
• Object: Object to certain processing activities
• Withdraw Consent: Where processing is based on consent

To exercise these rights, contact us at privacy@MESSAI.IO. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication
• Employee training on data protection
• Incident response procedures

11. Children's Privacy

Our platform is not intended for users under 16 years of age. We do not knowingly collect personal data from children.

12. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. For detailed information, please see our Cookie Policy.

13. Complaints

If you have concerns about our data processing, you have the right to lodge a complaint with your local data protection authority. In the EU, you can find your authority at: https://edpb.europa.eu/about-edpb/board/members_en

14. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or platform notification. Continued use after changes constitutes acceptance.

15. Contact Us

For questions about this Privacy Policy or our data practices, contact us at: