← Back to AI Badge

Privacy Policy

Last updated: 7 April 2026

1. Data Controller

fiveinnolabs.

2. What We Collect and Why

Data	Purpose	Legal Basis (GDPR)
Name and email	Account creation, programme delivery, communications	Contract performance (Art. 6(1)(b))
Assessment responses	Generating your AI competency report	Contract performance (Art. 6(1)(b))
Payment information	Processing payments via Stripe	Contract performance (Art. 6(1)(b))
Session notes	Personalising your coaching experience	Legitimate interest (Art. 6(1)(f))
Usage data (analytics)	Improving the platform	Legitimate interest (Art. 6(1)(f))

3. Payment Processing

Payments are processed by Stripe, Inc., a PCI-DSS Level 1 certified payment processor. We do not see or store your full card number, expiry date, or CVV. Stripe processes your data as an independent data controller.

4. Third-Party Services

Service	Purpose	Data Shared
Firebase (Google)	Authentication, database	Email, usage data
Stripe	Payment processing	Email, payment details
Google Meet	Coaching sessions	Name, email (for calendar invite)
Resend	Transactional emails	Email address

All third-party processors are GDPR-compliant. Data is stored within the EU/EEA or under adequate safeguards (Standard Contractual Clauses).

5. Data Retention

• Account data: Retained for the duration of your programme plus 12 months, then deleted unless you request earlier deletion.
• Assessment data: Retained for 24 months to enable comparison reports, then anonymised.
• Payment records: Retained for 6 years as required by Irish tax law (Taxes Consolidation Act 1997).

6. Your Rights (GDPR)

You have the right to:

• Access: Request a copy of your personal data.
• Rectification: Correct inaccurate data.
• Erasure: Request deletion of your data ("right to be forgotten").
• Portability: Receive your data in a structured, machine-readable format.
• Restriction: Restrict processing in certain circumstances.
• Objection: Object to processing based on legitimate interest.
• Withdraw consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact victor@fiveinnolabs.com. We will respond within 30 days.

7. Cookies

AI Badge uses essential cookies for authentication and session management. We do not use advertising or tracking cookies. Firebase may set functional cookies as part of the authentication process.

8. Children

AI Badge is not directed at individuals under 18 years of age. We do not knowingly collect personal data from children.

9. Data Breaches

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Data Protection Commission (DPC) within 72 hours and inform you without undue delay, as required by GDPR Article 33 and 34.

10. Supervisory Authority

You have the right to lodge a complaint with the Irish Data Protection Commission: www.dataprotection.ie

11. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated date.