Legal · EU/EEA

GDPR Compliance

Last updated: 10 July 2026

Infosphere Technologies is committed to the General Data Protection Regulation (EU) 2016/679 ("GDPR"). This page explains the legal basis on which we process personal data and the rights available to data subjects in the EU/EEA.

1. Data Controller

The data controller for personal data processed via the MedResearch AI platform is Infosphere Technologies. For any data-protection request, contact skouras@infosphereco.com.

2. Legal Bases for Processing

3. Your GDPR Rights

Access

Obtain a copy of the personal data we hold about you.

Rectification

Correct inaccurate or incomplete data.

Erasure

Request deletion of your data ("right to be forgotten").

Portability

Receive your data in a structured, machine-readable format.

Restriction

Limit how we process your data in certain cases.

Objection

Object to processing based on legitimate interests.

4. International Data Transfers

Where personal data is transferred outside the EU/EEA, we rely on appropriate safeguards such as Standard Contractual Clauses. For on-premise deployments, your research content remains within your own infrastructure and is not transferred to us.

5. Data Breach Notification

In the event of a personal-data breach likely to result in a risk to your rights, we will notify the competent supervisory authority within 72 hours where required, and affected individuals without undue delay.

6. Data Retention

We retain personal data only for as long as necessary for the purposes described in our Privacy Policy, after which it is deleted or irreversibly de-identified.

7. How to Exercise Your Rights

Send your request to skouras@infosphereco.com. We will respond within one month, as required by the GDPR. You also have the right to lodge a complaint with your local supervisory authority.

This document is provided for transparency and should be reviewed by a qualified data-protection professional before commercial reliance.