Skip to Content

Politique de Confidentialité

This policy explains how Keiko for Business, a brand of The AI App Factory Sàrl-S, collects, uses, and protects your personal data when you visit this website.

Keiko for Business / The AI App Factory Privacy Policy

Effective date: July 2025

1. Introduction and Our Commitment to Your Privacy

At Keiko for Business, we position ourselves as a pragmatic and accessible partner, aiming to make artificial intelligence (AI) useful, accessible, and human for everyone, regardless of technical expertise or the size of the organization. Our mission is to "Free your time, unleash your potential." The protection of your personal data is at the heart of this commitment.

This privacy policy explains how The AI App Factory S.à r.l.-S, operating through its service and support branch Keiko for Business, collects, uses, shares, and protects your personal data. We are committed to clear and jargon-free communication, as well as realistic promises and tailored solutions. We also commit to adhering to privacy-by-design principles and complying with the regulations of the GDPR (General Data Protection Regulation) and the EU AI Act.

2. Who are we?

• Legal name: The AI App Factory S.à r.l.-S.

• Headquarters: 31A, Arelerstrooss, L-8552, Oberpallen, Luxembourg.

• Founder and Manager: Olivier Dubois.

• Service mark: Keiko for Business is the service and support branch, as well as the coaching and AI consulting arm of The AI App Factory S.à r.l.-S.

3. Our Fundamental Principles of Data Protection

We process your personal data in accordance with the principles of the GDPR, which are the cornerstone of our approach to privacy:

• Lawfulness, Fairness, and Transparency: Your data is processed in a lawful, fair, and transparent manner. We clearly inform you about how your data is used.

• Limitation of Purposes: Your data is collected for specific, explicit, and legitimate purposes, and is not processed later in a manner incompatible with those purposes.

• Data Minimization: We only collect personal data that is adequate, relevant, and strictly necessary for the purposes for which it is processed.

• Accuracy: We ensure that your personal data is accurate and, if necessary, updated. All reasonable measures are taken to have inaccurate data deleted or corrected without delay.

• Limitation of Retention: Your personal data is kept in a form that allows for your identification only for as long as necessary for the purposes of processing.

• Integrity and Confidentiality: Your data is processed in a way that ensures appropriate security, including protection against unauthorized or unlawful processing and against loss, destruction, or accidental damage, using appropriate technical or organizational measures.

• Accountability: As the data controller, we are responsible for adhering to these principles and are able to demonstrate it.

4. What Personal Data Do We Collect and Why?

We collect personal data to provide our services and interact with you. The types of data and the purposes of their processing are as follows:

• Identification and contact information: Name, first name, email address, phone number, company, position.

    ◦ Purposes: To communicate with you, respond to your inquiries (for example, a free 15-minute introductory call), provide you with quotes, and manage our client and partner relationships.

    ◦ Legal basis: Execution of pre-contractual measures or a contract, or our legitimate interests in interacting with potential and existing customers.

• Professional and contextual data: Information about your company (SME, entrepreneur), your industry, your specific AI needs, your digital maturity level, and the repetitive tasks you wish to automate.

    ◦ Purposes: To understand your context and needs in order to propose relevant and tailored AI solutions, whether it be coaching, consulting, or custom developments. This data allows us to help you "save time, focus on what matters, and unleash your full potential."

    ◦ Legal basis: Execution of a contract or our legitimate interests in adapting our services to your reality.

• Performance and learning data (within the coaching framework): Progress in developing AI skills, practical exercises, scenarios based on your reality.

    ◦ Objectives: To provide personalized coaching and support, help you develop your autonomy, and prototype solutions for real business cases.

    ◦ Legal basis: Execution of a coaching service contract.

• Usage data (for the improvement of our services and applications): When you use our services or platforms, we may collect data on how you interact with them.

    ◦ Purposes: Improve user experience, optimize our solutions, and ensure their relevance. These data are anonymized or pseudonymized whenever possible.

    ◦ Legal basis: Our legitimate interests in continuously improving our offerings.

• Marketing and communication data: Communication preferences, interactions on social media (e.g. LinkedIn).

    ◦ Purposes: To inform you about our services, news, case studies, and to strengthen our relationship with you. We prioritize storytelling to engage you.

    ◦ Legal basis: Your consent (for direct communications when required) or our legitimate interests in promoting our services to targeted audiences (notably non-technical SME decision-makers).

5. How Do We Protect Your Data?

Your data security is a top priority. We implement appropriate technical and organizational measures to ensure a level of security that is suitable for the risks:

• Data protection by design and by default: We integrate data protection principles from the design phase of our services and applications.

• Advanced security measures: This includes, among other things, the pseudonymization and encryption of personal data when appropriate.

• "Human + AI" Model: Our unique approach combines human expertise (Olivier, the founder, as the "Orchestrator") with the power of AI (Keiko, the internal AI assistant). Olivier personally directs, corrects, and validates all AI-assisted work, ensuring quality and reinforcing our clients' trust, as purely AI-generated output is recognized as insufficient.

• Transparency and no overestimation: We are committed to being transparent about the capabilities and limitations of AI and to never overselling our abilities.

6. Sharing and Transfer of Personal Data

• Internal sharing: Your data may be processed by various entities and tools within The AI App Factory and Keiko for Business (notably by the internal AI assistant "Keiko" and its 16 specialized sub-agents).

• Sharing with third parties: For highly specialized needs, Keiko for Business collaborates with a network of external experts (developers, AI model specialists, etc.). We ensure that these subcontractors provide sufficient guarantees regarding the implementation of appropriate technical and organizational measures to comply with the GDPR. Processing by a subcontractor is governed by a contract defining data protection obligations.

• Data transfers outside the European Union (EU): Keiko for Business and The AI App Factory use a variety of AI models and tools from various providers (e.g., Google, Anthropic, OpenAI). Some of these providers may be located outside the EU. When personal data is transferred to third countries or international organizations, we ensure that the level of protection guaranteed by the GDPR is not compromised. These transfers are carried out only if appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission, Binding Corporate Rules, or if an adequacy decision exists for the relevant country.

7. Your Rights as a Data Subject (GDPR Rights)

In accordance with the GDPR, you have rights regarding your personal data. You can exercise these rights by contacting us (see section 10):

• Right to information: You have the right to be informed about the collection and use of your personal data.

• Right of access: You have the right to obtain confirmation that your data is being processed and to access it, as well as to obtain information about the processing.

• Right to rectification: You have the right to request the correction of inaccurate or incomplete data concerning you.

• Right to erasure ("right to be forgotten"): You have the right to obtain the deletion of your personal data under certain circumstances (for example, if the data is no longer necessary for the purposes for which it was collected or if you withdraw your consent).

• Right to restrict processing: You have the right to request the restriction of processing your data in certain situations (for example, if you contest the accuracy of the data).

• Right to data portability: When processing is carried out by automated means and based on your consent or a contract, you have the right to receive the data you have provided to us in a structured, commonly used, and machine-readable format, and to transmit it to another data controller.

• Right to object: You have the right to object to the processing of your personal data in certain situations, particularly when the processing is based on our legitimate interests or for direct marketing purposes, including profiling related to that direct marketing.

• Right not to be subject to automated individual decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or significantly affects you, unless it is necessary for a contract, authorized by law, or based on your explicit consent.

• Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority (for example, the National Commission for Data Protection in Luxembourg) if you believe that the processing of your data violates the GDPR.

We are committed to responding to your requests without excessive delay and, in any case, within one month of receiving the request.

8. Data Retention

We do not retain your personal data longer than necessary to achieve the purposes for which it was collected, or to comply with applicable legal or regulatory requirements.

9. Modifications to this Privacy Policy

We may modify this privacy policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on our website and/or communicated to you through other appropriate means. We encourage you to review this policy regularly to stay informed about how we protect your information.

10. Contact us

For any questions regarding this privacy policy or to exercise your rights, you can contact us:

• By email: privacy@theaiappfactory.com

• By mail: The AI App Factory S.à r.l.-S, 31A, route d’Arlon, L-8552, Oberpallen, Luxembourg

We will strive to address your concerns in a pragmatic and clear manner, as our commitment dictates.