GDPR Compliance
Last updated: February 17, 2026
1. Our Commitment
AI Blog Press is committed to protecting your personal data in compliance with the EU General Data Protection Regulation (GDPR). This page outlines how we process personal data, the legal bases for processing, and how you can exercise your rights under the GDPR.
2. Data Controller
AI Blog Press acts as the data controller for personal data collected through our platform. For any data protection inquiries, you can reach our Data Protection Officer at privacy@aiblogpress.com.
3. Legal Basis for Processing
We process your personal data under the following legal bases:
- Contract performance: processing necessary to provide the AI Blog Press service you subscribed to (account management, content generation, WordPress publishing)
- Legitimate interest: service improvement, security monitoring, fraud prevention, and analytics
- Consent: optional analytics cookies (you can withdraw consent at any time via the cookie settings)
- Legal obligation: compliance with tax, accounting, and other regulatory requirements
4. Data We Process
| Data Category | Purpose | Retention |
|---|---|---|
| Account information | Service delivery, authentication | Until account deletion + 30 days |
| WordPress credentials | Content publishing | Until connection removed |
| Generated content | Blog post creation | Until account deletion + 30 days |
| Payment data | Subscription billing | 5 years (Polish accounting law) |
| Usage logs | Service monitoring, billing | 12 months |
5. International Data Transfers
Our infrastructure providers (Supabase, Vercel, OpenAI, Stripe) may process data outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, and we verify that our providers maintain adequate levels of data protection.
6. Your Rights Under GDPR
As an EU/EEA resident, you have the following rights:
- Right of access: request a copy of the personal data we hold about you
- Right to rectification: request correction of inaccurate or incomplete data
- Right to erasure: request deletion of your personal data ("right to be forgotten")
- Right to restriction: request that we limit how we process your data
- Right to data portability: receive your data in a structured, machine-readable format
- Right to object: object to processing based on legitimate interest
- Right to withdraw consent: withdraw previously given consent at any time
7. How to Exercise Your Rights
To exercise any of your GDPR rights, you can:
- Email our Data Protection Officer at privacy@aiblogpress.com
- Use the data export and account deletion features in your dashboard settings
We will respond to your request within 30 days. If we need more time, we will inform you of the reason and extension period (up to 60 additional days).
8. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours. If the breach is likely to result in a high risk, we will also notify affected individuals without undue delay.
9. Supervisory Authority
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.