Privacy Policy
1. Data Integrity and Auditing Architecture
As a sovereign AI auditing institute, verifying the security of your proprietary data is the core of our business. This policy describes how La Rose de Diane (publisher of WASA Confidence) protects the High-Risk and confidential information processed during our conformity assessments.
Our privacy protocols are fully integrated into our auditing framework. Securing your datasets (Data View) ensures that your regulatory exposure (Legal View) remains contained. We apply the same stringent security to our internal operations as we demand when verifying your Human Oversight and executing Post-Market Monitoring. Learn more on the WASA Confidence homepage.
2. The "Zero Data Retention" Promise
When auditing High-Risk AI deployments under the EU AI Act, the primary concern is the leakage of training datasets. We eliminate this vulnerability through an air-gapped architecture:
- We exclusively utilize enterprise-grade, localized API channels from foundational models (xAI/Grok, Anthropic/Claude, Google/Gemini, OpenAI/GPT) or localized open-source deployments.
- By contractual and technical design, your data is never used to train, improve, or modify any public or private algorithmic model.
- Our auditing agents operate via "Ephemeral Processing." They execute their stress-tests, generate the compliance report, and automatically purge all client log files and data from active memory upon task completion. A Certificate of Data Destruction is provided upon request.
3. Data Collected for Compliance Inquiries
Via our secure contact and scoping portal, we collect only the necessary administrative data (Name, Corporate Entity, Email, and a description of your AI architecture or compliance risk). This data is securely stored for 3 years for exclusive legal, commercial, and audit-tracking purposes.
4. End-to-End Encryption & Orchestration
To safely ingest your system logs for an Article 14 audit or map your RAG dependencies, we rely on dedicated, isolated orchestration servers located strictly within compliance jurisdictions. All data flows (in-transit and at-rest) are secured using advanced TLS cryptographic protocols.
5. Exercising Your Rights (GDPR)
In accordance with the General Data Protection Regulation (GDPR) and overlapping provisions within the EU AI Act, you retain full rights to access, modify, restrict processing of, or delete your contact and audit-trail data.
To exercise these rights, please communicate directly with our Data Protection Officer at: contact@wasaconf.org.
6. Cookies and Technical Logs
This website uses essential session cookies required for security and basic functionality. We do not use cross-site tracking cookies or transfer anonymized analytics to advertising networks. Your technical visit logs are retained solely for incident detection and server health monitoring.