airp.hu – Privacy Policy

Effective date: 06.15.2026.


This Privacy Policy describes how AITics Kft. (“AITics”, “we”, “us”) processes personal data in connection with the airp.hu platform and related services.

1. Data Controller

Company name: AITics Kft.

Registered address: 4400 Nyíregyháza, Újház sor 30., Hungary

Company registration number: 15-09-088935

Tax number: 27197730-2-15

Contact email: contact@aitics.eu

Website: https://airp.hu

2. Applicable Legislation

AITics processes personal data in accordance with:

  • Regulation (EU) 2016/679 (“GDPR”);
  • applicable Hungarian data protection laws;
  • other applicable EU legislation.

3. Categories of Processed Data

Depending on the use of the Service, AITics may process:

3.1 Account and Identification Data

  • name;
  • company name;
  • email address;
  • phone number;
  • billing information;
  • user account identifiers.

3.2 Usage and Technical Data

  • IP address;
  • browser information;
  • device information;
  • login history;
  • usage logs;
  • session information.

3.3 Business Data Uploaded by Customers

  • customer records;
  • employee information;
  • project data;
  • operational and financial information;
  • uploaded files and attachments.

4. Purpose and Legal Basis of Processing

AITics processes personal data for the following purposes:

Purpose

Legal Basis

Providing the Service

Contract performance

User authentication and security

Legitimate interest

Billing and accounting

Legal obligation

Customer support

Legitimate interest / Contract

Service improvement and analytics

Legitimate interest

Communication regarding the Service

Legitimate interest

Compliance with legal obligations

Legal obligation

5. Data Processing Role

5.1. In most cases:

  • the Customer acts as Data Controller;
  • AITics acts as Data Processor.

5.2. AITics processes Customer-uploaded personal data only according to Customer instructions and for the purpose of providing the Service.

5.3. Integrated Data Processing Framework: To ensure seamless compliance with Article 28 of the GDPR, the parties hereby execute and agree to be bound by the mandatory data safety protocols set forth in Annex A (Data Processing Addendum) attached to the bottom of the Terms of Service.

6. Data Retention

AITics retains personal data only for as long as necessary:

  • during the contractual relationship;
  • for legally required retention periods;
  • for legitimate business purposes;
  • for dispute resolution and enforcement.

Upon termination, data may be deleted after a reasonable retention period unless legal obligations require otherwise.

7. Data Security Measures

AITics applies appropriate technical and organizational measures, including:

  • encrypted HTTPS communication;
  • access control systems;
  • authentication mechanisms;
  • infrastructure monitoring;
  • backup systems;
  • restricted administrative access.

8. Payment Processors and Financial Data Handling

AITics may use external payment processors, including PayPal, for subscription billing and payment processing.

Payment card and financial transaction data may be processed directly by such payment providers according to their own legal and regulatory obligations.

AITics does not store full payment card details on its own systems unless explicitly stated otherwise.

9.  Subprocessors and Third-Party Data Transferees

AITics Kft. utilizes trusted third-party service providers (Subprocessors) to manage operational logistics, platform hosting, and email delivery workflows.

9.1. Infrastructure and Hosting Environments: Data uploaded by Customers is hosted on infrastructure provided by Amazon Web Services (AWS) and/or Hetzner Online GmbH, depending on the selected deployment architecture.    AITics utilizes Backblaze, Inc. (Backblaze B2 Cloud Storage) for encrypted backup storage and business continuity purposes. All customer data, database backups, and file archives stored via Backblaze are physically hosted exclusively within Backblaze’s EU Central region (Amsterdam, Netherlands).    AITics selects storage regions and implements appropriate contractual and technical safeguards to ensure compliance with applicable GDPR requirements.

9.2. General Subprocessors: We also utilize external providers for functional capabilities, including email routing networks, analytics monitoring, and communication systems. AITics ensures that all engaged subprocessors are bound by strict Data Processing Agreements (DPAs) or Standard Contractual Clauses that mirror our own security protocols and the data safety obligations mandated by the GDPR.

9.3.  AI Model Providers: For the delivery of AI-assisted features and workflow automation, AITics utilizes the following AI model providers as subprocessors:

  • Mistral AI SAS (headquartered in Paris, France, EU): Large language model inference for AI automation workflows.
  • Microsoft Corporation – Azure OpenAI Service : Large language model inference for AI automation workflows. Where used, AITics ensures data is processed within EU-region Azure deployments where available, and that Microsoft is engaged under valid EU Standard Contractual Clauses.

10. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), AITics ensures appropriate safeguards, including:

  • EU Standard Contractual Clauses;
  • adequacy decisions;
  • other GDPR-compliant mechanisms.

For infrastructure providers with corporate headquarters outside the EEA (such as Amazon Web Services and Backblaze, Inc.), AITics ensures that all physical data hosting occurs strictly within EU-based data centers. To safeguard potential remote access or administrative workflows, these providers are engaged under valid EU Standard Contractual Clauses (SCCs) and, where applicable, the EU-U.S. Data Privacy Framework.

11. Data Subject Rights

Under GDPR, data subjects may have the right to:

  • access their personal data;
  • request rectification;
  • request deletion;
  • restrict processing;
  • object to processing;
  • request data portability;
  • lodge a complaint with a supervisory authority.

Requests may be submitted to: contact@aitics.eu

12. Cookies and Tracking Technologies

The airp.hu website and platform may use cookies and similar technologies for:

  • authentication;
  • security;
  • analytics;
  • performance optimization;
  • user preferences.

Where required by law, consent will be requested before non-essential cookies are used.

13. AI Processing

13.1. The Service may use AI technologies to:

  • generate recommendations;
  • automate workflows;
  • summarize operational data;
  • improve user productivity.

13.2. AI-generated outputs may involve automated processing of uploaded data.

13.3. Customers are responsible for ensuring that they have appropriate legal grounds to upload and process personal data using the platform.

13.4. AI features of the platform are powered by third-party AI model providers including Mistral AI SAS (EU-headquartered) and Microsoft Azure OpenAI Service. These providers process data solely to deliver AI-generated outputs as instructed. All providers are engaged under appropriate Data Processing Agreements in compliance with GDPR requirements.

14. Incident Handling

AITics maintains procedures for handling security incidents and personal data breaches.

Where legally required, affected parties and authorities will be notified according to GDPR obligations.

15. Compliance with Hungarian and EU Data Protection Requirements

AITics intends to operate the Service in accordance with:

  • the GDPR;
  • Hungarian data protection authority (NAIH) guidance;
    Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH) Address: 1055 Budapest, Falk Miksa utca 9-11. Mailing address: 1363 Budapest, Pf. 9. Email: ugyfelszolgalat@naih.hu | Website: www.naih.hu
  • ePrivacy-related requirements where applicable;
  • data minimization and privacy-by-design principles;
  • accountability and record-keeping obligations.

Where required by law, AITics will cooperate with supervisory authorities and comply with mandatory reporting obligations.

16. Changes to this Privacy Policy

AITics may update this Privacy Policy from time to time.

Material changes will be communicated through the platform or via email.

17. Contact Information

For privacy or data protection questions:

AITics Kft.

Email: contact@aitics.eu

Website: https://airp.hu

18. Recommended Additional Documents

For enterprise deployments and larger customers, AITics may additionally provide:

  • Data Processing Agreement (DPA)
  • Service Level Agreement (SLA)
  • Information Security Policy
  • AI Usage Policy
  • Acceptable Use Policy (AUP)
  • Cookie Policy
  • Enterprise Subscription Agreement