GDPR & Privacy

AETHRA is fully compliant with the EU General Data Protection Regulation (GDPR). We collect and process user data only with explicit, informed opt-in consent and retain the minimum data needed to power our platform features.

Data Collection & User Rights

• Explicit Consent: All personal data is collected only after users affirmatively opt in.

• Minimal Data Principle: We store only the fields required to enable AI matching, credential verification, and workforce planning.

• User Controls: Users have the right to access, export, or delete their personal data in accordance with GDPR Articles 12–23. These controls are being progressively integrated into the AETHRA dashboard as part of the release cycle.

Data Processing & Security

• Encryption: All data in transit and at rest is encrypted using industry-standard TLS and AES-256.

• Access Controls: Role-based permissions ensure only authorized services and personnel can view or process personal data.

• Audit Logging: All data access and changes are logged for traceability and breach detection.

Note: For full details, refer to our Privacy Policy at https://aethra.work/privacy-terms