Logo
Overlay

[ ]

Privacy Policy

Last updated: 16 May 2026

This Privacy Policy explains how Lypta.ai ("Lypta", "we", "us") collects and uses personal data when you visit lypta.ai. lypta.ai is a marketing website where you can read about our software, request a meeting through a contact form, and optionally subscribe to our newsletter. The website does not host user accounts, does not process payments, and does not provide any AI service. This Policy is written to comply with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and, where applicable, the UK GDPR.

01Who we are

The controller responsible for your personal data is:

Company name
Lypta Innovation d.o.o.
Registered address
Đoka Vojvodića 10, Zvezdara
Company registration number
114286279
Website
https://lypta.ai
Privacy contact email
office@lypta.ai

02What personal data we collect

2.1 Information you give us directly

  • Meeting request form — your name, email address, company (optional), and any message you choose to include.
  • Calendar booking — when you book a meeting through our scheduling tool (Calendly), we receive your name, email, the date and time you chose, and any answers to the questions in the booking flow.
  • Newsletter — if you opt in, your email address and the date of your consent.
  • Direct correspondence — any information contained in emails you send us.
  • Technical data — IP address, browser type and version, operating system, device type, time zone, language — collected automatically.
  • Usage data — pages visited, time spent on each page, referrer URL, clicks — collected automatically.
  • Cookies and analytics identifiers — see the cookies section below and our Cookie Policy.

03Why we use your data and the legal basis

We process personal data for the purposes listed below, relying on the legal bases set out in Article 6 GDPR. Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms. You can object to such processing at any time.

PurposeData usedLegal basis
Responding to your meeting request or enquiryName, email, company, messagePre-contractual measures at your request (Art. 6(1)(b)); legitimate interests (Art. 6(1)(f)) in answering enquiries
Scheduling and holding the meetingName, email, booking detailsPre-contractual measures (Art. 6(1)(b))
Following up after the meetingName, email, notes from the meetingLegitimate interests (Art. 6(1)(f)) in pursuing the business conversation you initiated
Sending the newsletterEmail addressConsent (Art. 6(1)(a)) — you can withdraw at any time
Website analyticsTechnical and usage data via cookiesConsent (Art. 6(1)(a)) for non-essential cookies
Security and abuse preventionTechnical data, request logsLegitimate interests (Art. 6(1)(f)) in keeping the site secure
Complying with legal obligationsWhatever data is requiredLegal obligation (Art. 6(1)(c))

04Who we share your data with

We share personal data only with service providers we use to operate the website, and only to the extent necessary for them to perform their service. They act as our processors under written agreements.

We may also disclose personal data to public authorities where required by law, and to professional advisors (lawyers, accountants) under confidentiality. We do not sell personal data and we do not share it for third-party advertising.

ProviderServiceLocation
VercelWebsite hostingEU
CalendlyMeeting schedulingUnited States
Google LLCGoogle AnalyticsUnited States / EU
Google WorkspaceReceiving your enquiriesEU
MailchimpNewsletter deliveryEU

05International transfers

Some of our providers are located outside the European Economic Area (EEA), in particular in the United States (Calendly, Google). When we transfer personal data to such providers, we rely on the Standard Contractual Clauses adopted by the European Commission (Decision (EU) 2021/914) and, where applicable, the EU–U.S. Data Privacy Framework, supplemented by additional safeguards where necessary. You may request a copy of the safeguards in place by contacting us.

06Cookies

We use a small number of cookies on lypta.ai. Strictly necessary cookies are set automatically; analytics cookies are set only after you give consent via the cookie banner. Full details are in our separate Cookie Policy.

07Your rights

Subject to applicable law, you have the following rights regarding your personal data:

  • Right of access — obtain confirmation that we process your data and a copy of it (Art. 15).
  • Right to rectification — have inaccurate data corrected (Art. 16).
  • Right to erasure — have your data deleted (Art. 17).
  • Right to restriction of processing — (Art. 18).
  • Right to data portability — receive your data in a structured, commonly used format (Art. 20).
  • Right to object — to processing based on legitimate interests, and to direct marketing at any time (Art. 21).
  • Right to withdraw consent — at any time, without affecting the lawfulness of past processing. To unsubscribe from the newsletter, use the unsubscribe link in any newsletter email, or contact us.
  • Right to lodge a complaint — with your local data protection authority.

08How long we keep your data

Type of dataRetention period
Meeting requests and enquiries that do not lead to a business relationshipUp to 12 months from last contact, then deleted
Meeting requests and enquiries that lead to a business relationshipFor the duration of the relationship plus 24 months
Calendly booking recordsAs above; Calendly data is also retained by Calendly under its own policy
Newsletter subscribersUntil you unsubscribe; consent records kept for 3 years after unsubscribe as proof of consent
Server logs and security logsUp to 90 days
Cookie consent records12 months from the date of consent

09How we protect your data

We use appropriate technical and organisational measures to protect personal data, including HTTPS/TLS encryption for the website, restricted access to systems holding personal data, reputable service providers, and regular software updates. No method of transmission over the internet is fully secure, so we cannot guarantee absolute security.

10Children

The website is aimed at business users and is not directed at children. We do not knowingly collect personal data from children under 16. If you believe a child has provided us data, please contact us so we can delete it.

11Changes to this Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated on the website.

12Complaints

If you believe our processing infringes data protection law, please contact us first (nikola.arsenic@lypta.ai) so we can address the issue. You also have the right to lodge a complaint with the supervisory authority of your habitual residence, place of work, or place of the alleged infringement. In Serbia, this is the Commissioner for Information of Public Importance and Personal Data Protection (Poverenik za informacije od javnog značaja i zaštitu podataka o ličnosti), www.poverenik.rs.