Effective Date: May 15, 2026 | Last Updated: May 15, 2026
At Ghost Digital Inc., available from our primary digital touchpoints and corporate platforms, one of our main priorities is the privacy of our visitors and clients. This Privacy Policy document contains types of information that is collected and recorded by Ghost Digital Inc. and how we use it in strict compliance with the General Data Protection Regulation (GDPR).
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us through our dedicated data protection channel.
1. Data Controller
For the purpose of the General Data Protection Regulation (GDPR), the data controller responsible for your personal data processing operations is:
- Company Name: GHOST DIGITAL INC
- Registered Address: 306 Victoria House, Victoria, Mahé, Seychelles
- Contact Email: info@ghostdigital.site
2. Lawful Basis for Processing Personal Data
If you are a resident of the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it. Ghost Digital Inc. may process your personal data because:
- We need to perform a contract with you or prepare for entering into a contract.
- You have given us explicit consent to do so.
- The processing is in our legitimate operational interests (such as improving our AI digital services, customer analytics, and platform security), provided it does not override your fundamental rights.
- To comply with legal, regulatory, or judicial obligations.
3. Types of Data We Collect
We may collect, store, and process various categories of personal information necessary to deliver and refine our AI digital services:
- Identity & Contact Information: Name, professional title, business email address (such as inputs addressed to info@ghostdigital.site), corporate telephone numbers, and physical operational addresses.
- Technical & Usage Data: Internet Protocol (IP) addresses, browser type, software configuration, operating system, internet service provider details, timestamp telemetry, and clickstream navigation paths.
- Commercial & Transactional Information: Strategic business operational data shared for AI model optimization, billing information, service subscription records, and interaction history.
4. Purpose of Data Processing
Ghost Digital Inc. processes collected personal data to satisfy the following distinct operational purposes:
- To provision, maintain, protect, and optimize our proprietary artificial intelligence models and digital delivery environments.
- To execute custom corporate strategies and automated workflow implementations.
- To handle inbound customer queries, system alerts, and platform documentation updates.
- To safeguard against fraudulent access, system vulnerabilities, and operational threats.
- To fulfill underlying accounting, auditing, and corporate compliance demands.
5. Data Retention Period
Ghost Digital Inc. will retain your personal information only for as long as is strictly necessary for the analytical and operational purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our global legal obligations, resolve operational or contract disputes, and enforce our binding enterprise service frameworks.
When personal data is no longer required for its designated processing activity, it is permanently deleted or rendered fully anonymous using irreversible masking standards.
6. International Data Transfers
Given that Ghost Digital Inc. operates from its headquarters located at 306 Victoria House, Victoria, Mahé, Seychelles, personal data collected within the European Economic Area (EEA) will be transferred outside the EEA block. When executing international cross-border data movements, we leverage robust validation frameworks to safeguard your information, including standard contractual clauses (SCCs) approved by the European Commission, ensuring an equivalent level of security.
7. Your GDPR Data Protection Rights
If you are an EEA resident, you possess distinct data protection privileges under the provisions of the GDPR. You may exercise these rights at any time by sending a message to info@ghostdigital.site:
- The Right to Access: You can formally demand comprehensive summaries and electronic copies of the personal data points we hold regarding you.
- The Right to Rectification: You are entitled to demand that we correct any information you believe is inaccurate or supplement metrics you prove are incomplete.
- The Right to Erasure (“Right to be Forgotten”): You can request that we completely erase your personal profiles from active nodes under predefined legal conditions.
- The Right to Restrict Processing: You have the right to request that we temporarily freeze or restrict the active processing workflows applied to your records.
- The Right to Object to Processing: You have the right to object to our processing of your personal data when we rely on legitimate interest as our legal ground.
- The Right to Data Portability: You can request that we transition the collected metadata into a machine-readable, structured format to transport over to an alternate provider.
- The Right to Withdraw Consent: Where our processing operations rely entirely on your explicit consent, you can retract it smoothly at any time without penalization.
8. Third-Party Data Disclosures
We do not lease, trade, or distribute client identity tracking profiles to third parties for direct monetization. Your records are only exposed to vetted external entities supporting our core infrastructure, including hosting networks, secure payment infrastructure, and diagnostic optimization utilities. All such entities operate under binding data processing agreements limiting data utility to our strict instructions.
9. Security Measures
We employ enterprise-grade structural and digital protection steps to seal your metadata from unapproved alteration, exposure, or catastrophic loss. Our technical frameworks feature transport layer encryption, parameterized system authentications, and regular perimeter monitoring. However, no digital structure or transmission standard over open networks is entirely impenetrable.
10. Filing a Complaint
Should you believe our internal operational handlers violate your legitimate statutory rights under regional data protection laws, you retain the formal right to file an administrative complaint with an official Data Protection Supervisory Authority situated inside your habitual residence or place of employment within the European Union.
