Effective Date: December 2025
Last Updated: December 2025
Duesphere AI (“we”, “our”, or “us”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services.
Duesphere AI is a technology platform providing AI-powered worker voice and corporate supply chain due diligence reporting services.
For privacy inquiries, contact us at: info@duesphereai.com
Our platform is designed to operate without intentionally collecting or storing personal data from workers. From worker interactions, we process chatbot messages, limited employment-related context, and any documents or images submitted for analysis. These materials are processed temporarily and are not stored after processing. Any personal data that may be incidentally included is automatically detected and redacted.
From client companies, we collect only the minimum information required to create and manage administrator access. Companies may upload supply chain materials, policies, and compliance documents. We also process due diligence reports and system access logs.
Data is collected through direct user interactions and processed solely for the purposes defined in this Policy under GDPR. Worker information is received through chatbot conversations and uploaded files and processed on the basis of consent and legitimate interest. Client company information is collected during dashboard account setup and document uploads and processed on the basis of contractual necessity.
We process information to operate and improve our services and fulfill legal and contractual obligations. Worker data is used only for chatbot support and analysis, while client company data is used for dashboard access, compliance analysis, reporting, and security. We do not use data for advertising, marketing, or sale of personal data.
We process data in accordance with Article 6 of the GDPR. Worker interactions are processed based on consent and legitimate interest, with automatically redacted personal data. Client company data is processed on the basis of contractual necessity and legal obligations. Users may withdraw consent at any time.
Our platform uses AI to analyze data, generate anonymized insights, detect risks, and support due diligence reporting. Automated processing does not produce decisions with legal or significant effects on individuals without human review. Any personal data is automatically detected and excluded from long-term processing.
We do not sell personal data. Data may be shared with trusted third parties strictly necessary for service operation (cloud providers, security services, AI processing). Worker data is shared with companies only as aggregated, anonymized insights. We may disclose data where required by law.
Our systems may process data in multiple regions. Where international transfers occur, we apply safeguards such as encryption, access controls, and contractual protections to ensure compliance with data protection laws.
We retain data only as long as necessary. Worker conversations are stored as anonymized data for three months. Uploaded files are processed temporarily and not stored. Client documents and reports are retained for the duration of the contract or legal requirements.
We implement strong security measures including encryption, access controls, secure cloud infrastructure, monitoring, and security assessments. Access to data is limited to authorized personnel under confidentiality obligations.
Users have rights under GDPR: access, correction, deletion, restriction, objection, and data portability. Users may also withdraw consent at any time. Requests can be submitted through our contact details.
Our services are not intended for children under 16. We do not knowingly process children’s data. If discovered, such data will be deleted.
We use only essential cookies necessary for platform operation, security, and performance. We do not use cookies for advertising or profiling. Users may control cookie settings in their browser.