GDPR Compliance Statement

Last updated: April 4, 2025

At Winify AI, a product of Leosh Solutions LLC, we are committed to complying with the European Union’s General Data Protection Regulation (GDPR). This page outlines how we handle personal data of individuals located in the European Economic Area (EEA) and your rights under GDPR.

Who We Are

Winify AI is a SaaS platform that helps businesses automate RFP and security questionnaire responses using AI.
Winify AI is operated by:

Leosh Solutions LLC
30 N Gould St Ste N
Sheridan, WY 82801
United States
Email: [email protected]

We process personal data under the following lawful bases, as outlined in Article 6 of the GDPR:

  • Consent (e.g., when you sign up or opt into communications)
  • Contractual necessity (e.g., to provide access to our services)
  • Legal obligations (e.g., accounting or regulatory compliance)
  • Legitimate interests (e.g., improving our product, preventing fraud)

What Personal Data We Collect

Depending on how you use our site or services, we may collect:

  • Name and email address
  • Company name and role
  • Usage data and analytics (e.g., IP address, browser type, session info)
  • Uploaded content (e.g., policy documents or questionnaires)

See our Privacy Policy for full details.

How We Use Your Data

Your personal data is used to:

  • Provide and improve our services
  • Communicate with you
  • Fulfill legal and contractual obligations
  • Protect our business and prevent misuse

We do not sell your personal data. We do not use your uploaded content to train AI models.

Your GDPR Rights

As a data subject under GDPR, you have the right to:

  • Access your personal data
  • Rectify incorrect or outdated information
  • Delete your data (“right to be forgotten”)
  • Restrict or object to certain processing
  • Port your data to another provider
  • Withdraw consent at any time (if processing is based on consent)
  • Lodge a complaint with your local Data Protection Authority

To exercise any of these rights, please email us at [email protected]. We will respond within 30 days as required by law.

Data Storage and Transfers

We are based in the United States. Your data may be transferred to and processed in the U.S., where we apply GDPR-compliant safeguards such as:

  • Data processing agreements with all third-party vendors
  • Encryption at rest and in transit
  • Access controls and audit logging

Data Retention

We retain personal data only as long as necessary for the purpose it was collected or as required by law. You may request deletion at any time.

Subprocessors and Third-Party Tools

We use trusted third-party services (such as hosting, email delivery, and analytics) that process data on our behalf. All subprocessors are contractually obligated to protect your data under GDPR-compliant agreements.

Changes to This Statement

We may update this GDPR Statement from time to time. All updates will be posted on this page with the updated date.

Contact

If you have questions about this statement or your data, you can contact:

Data Protection Officer
Leosh Solutions LLC
Email: [email protected]

Thank you for trusting Winify AI.