VAIA
Features Pricing FAQ Download

GDPR & Your Data Rights

Last updated: July 20, 2026

This page is a practical guide to your data protection rights when using VAIA. It complements our Privacy Policy, which describes in full what data we process and why. The data controller is Novidea Group SRL, Intrarea Neatarnarii, Nr. 15, Ap. 7, Sector 1, Bucharest, Romania. Contact for all data protection matters: [email protected].

The design principle

VAIA was built so that the most sensitive data involved, your conversations and your documents, is not retained by us. Conversation audio and text pass through our infrastructure in transit only and are never stored on our servers. Your documents never leave your device except inside the individual AI requests that generate your answers. What we do store is limited to your account and billing records. The full detail is in the Privacy Policy.

Your rights under the GDPR

  • Right of access (Art. 15). Ask us what personal data we hold about you and receive a copy.
  • Right to rectification (Art. 16). Have inaccurate data corrected, for example your email address.
  • Right to erasure (Art. 17). Have your account and personal data deleted (see below).
  • Right to restriction (Art. 18). Ask us to limit processing in certain situations, for example while a dispute about accuracy is resolved.
  • Right to data portability (Art. 20). Receive the data you provided to us in a structured, commonly used, machine-readable format.
  • Right to object (Art. 21). Object to processing based on our legitimate interests.
  • Right to withdraw consent (Art. 7). Where processing is based on consent, withdraw it at any time. In VAIA, the only consent-based processing is optional crash reporting, which is off by default and can be switched off again at any time in Settings.

Exercising any of these rights is free of charge.

How to exercise your rights

Email [email protected] from the email address associated with your VAIA account and tell us which right you want to exercise. Using your account email is how we verify that the request really comes from you; if you cannot use it, we will ask for equivalent proof of identity before acting, to protect your data from impostors.

We respond to all requests within one month. For complex requests the GDPR allows an extension of up to two further months; if that is ever needed we will tell you within the first month and explain why.

Deleting your account and data

To delete your account, email [email protected] with the subject "Delete my account" from your account email address. Within 30 days we will:

  • delete your account record (email, password hash, session data, verification tokens);
  • delete your billing profile and disable the associated service access keys;
  • request deletion of your customer record with our payment provider, subject to the retention that payment and tax law imposes on transaction records.

Two things to know:

  1. Legally required records. Accounting and tax law requires that records of actual payments be retained for a statutory period even after account deletion (in Romania, generally up to 10 years for accounting documents). These records are kept only for that purpose and are not used otherwise. If you never made a payment, no such records exist.
  2. Local data on your computer. VAIA stores some data only on your device (documents list, local settings, technical logs, any screen captures you made). We have no access to it and cannot delete it for you. After uninstalling VAIA, delete the folder %APPDATA%\VAIA to remove all remaining local data.

Data about other people

If you were a participant in a conversation where someone else used VAIA, note that we do not store conversation content, so we hold no recording or transcript to disclose or delete. The person who used VAIA in that conversation is responsible for their decision to use it; the Privacy Policy explains this in Section 2. You can still contact us at [email protected] with any question.

Complaints

If you believe your rights have been infringed, you can lodge a complaint with the Romanian supervisory authority:

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP)
B-dul G-ral Gheorghe Magheru 28-30, Sector 1, 010336 București, Romania
dataprotection.ro

If you live in another EU country, you may instead complain to your local supervisory authority. We would appreciate the chance to resolve any concern directly first: [email protected].

VAIA © 2026 Novidea Group SRL
Terms Privacy GDPR Talk to the founder →