GDPR Compliance Statement

Last Updated: May, 2025

1. Our Commitment to GDPR

Ethio AI Insights, operated by Behailu Weldeyohannes, is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We recognize our obligations in updating and expanding our program to meet the demands of the General Data Protection Regulation (GDPR).

This statement outlines our commitment to GDPR compliance for users residing within the European Union (EU) and the European Economic Area (EEA).

2. Data Controller

For the purposes of GDPR, the data controller for personal data collected via the ethioai.tech website and associated services is:

Behailu Weldeyohannes
Operating as Ethio AI Insights
Maryland, United States
Email: contact@ethioai.tech

3. Lawful Basis for Processing

We process personal data under the following lawful bases as defined by GDPR:

• Consent (Article 6(1)(a) GDPR): Where you have given clear consent for us to process your personal data for a specific purpose (e.g., subscribing to our newsletter, accepting non-essential cookies).
• Legitimate Interests (Article 6(1)(f) GDPR): Where the processing is necessary for our legitimate interests, such as operating and securing the website, responding to user inquiries, analyzing website usage for improvements (using anonymized or aggregated data where possible), and preventing fraud, provided these interests are not overridden by your data protection interests or fundamental rights and freedoms.

4. Your GDPR Rights

Under the GDPR, if you are an individual residing in the EU/EEA, you have the following rights regarding your personal data:

• Right of Access: You have the right to request copies of your personal data.
• Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• Right to Erasure ('Right to be Forgotten'): You have the right to request that we erase your personal data, under certain conditions.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• Right to Object to Processing: You have the right to object to our processing of your personal data based on legitimate interests, under certain conditions.
• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions (applies mainly to data processed based on consent or contract).
• Right to Withdraw Consent: Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of processing before the withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

To exercise any of these rights, please contact us using the details provided in Section 8.

5. Data Processing Activities

Our main processing activities involving personal data include:

• Managing newsletter subscriptions (if offered).
• Responding to contact form submissions or direct email inquiries.
• Analyzing website traffic via cookies (based on consent) to understand user behavior and improve the service.
• Ensuring website security and performance.

We aim to collect only the minimum amount of personal data necessary for these purposes.

6. Data Transfers

Our website is hosted, and data may be processed, by service providers potentially located outside the EU/EEA (e.g., hosting in the US). Where personal data is transferred outside the EU/EEA, we take steps to ensure that the data is protected by appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission or by relying on the service provider's participation in recognized data transfer frameworks or adequacy decisions, where applicable.

7. Data Security Measures

We take the security of personal data seriously and implement appropriate technical and organizational measures to protect it against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. This includes using HTTPS encryption for data transmission.

8. Contact Information

For any questions regarding this GDPR Compliance Statement or to exercise your data protection rights, please contact:

Behailu Weldeyohannes
Email: contact@ethioai.tech

(Please use "GDPR Request" or similar in the subject line).

« Back to Ethio AI Insights Home