AI at Work Logo

Privacy Policy

Provider: Brainster CBC Collective LLC Skopje (“Brainster”, “we”, “us”, “our”)

Registered address: ul. Vasil Gjorgov 19, Skopje, North Macedonia

Last updated: 19 February 2026

Welcome to AIatWork. By registering, subscribing, or accessing our platform, you agree to be bound by the following Privacy Policy. This policy applies to all users, including individual subscribers (B2C) and corporate clients (B2B).

1. WHO WE ARE

This Privacy Policy explains how Brainster collects and processes your personal data when you use AIatWork.

Legal entity: Brainster CBC Kolektiv LLC Skopje

Registered address: ul. Vasil Gjorgov 19, Skopje, North Macedonia

Email for privacy matters: [email protected]

For the purposes of the EU General Data Protection Regulation (“GDPR”), Brainster is the data controller of your personal data as described in this Privacy Policy.

2. WHAT THIS PRIVACY POLICY COVERS

This Privacy Policy applies when you:

  • create an account or use AIatWork (web or mobile);
  • visit our web portal (e.g., https://my.aiatwork.ai);
  • participate in AI Courses and AI Academies;
  • use AI Models and AI Tools;
  • communicate with us (email/support).

It does not apply to third-party websites/services even if accessed through AIatWork.

3. PRIVACY COMMITMENTS

  • Brainster earns revenue from subscriptions, not from selling personal data.
  • Brainster does not use your prompts, chats, or uploaded content to train Brainster’s own AI models.
  • Brainster keeps personal data only as long as needed for the purposes described here.
  • You have rights over your data.

4. PERSONAL DATA WE COLLECT

We process the following categories:

4.1 Account data: name/username, email, password hash, subscription tier, account status.

4.2 Education and participation data: course/academy enrollments, attendance/participation signals, quiz/assessment results, certificates issued, and related learning activity metadata.

4.3 Conversation and content data (AI Models and AI Tools): prompts, messages, chat titles, AI responses, feedback on responses, and metadata (timestamps, model/tool chosen). We do not use this data to train Brainster’s own models.

4.4 Files: images, documents, and other files you upload into chats or as part of learning activities, plus metadata (filename, size, type). Deletions trigger synchronized deletion; residual encrypted backups may persist for a limited time.

4.5 Usage and technical data: IP address, device type, operating system, browser type, app version, referring URLs, pages viewed, clicks, feature interactions.

4.6 Payment data: transaction ID, plan type (payment card details are held by the payment processor, not Brainster).

4.7 Security/log data: login timestamps, failed attempts, password reset tokens, security events, rate-limiting logs, abuse reports.

4.8 Communications: emails, support tickets, survey responses, in-app feedback.

5. PURPOSES OF PROCESSING

We process personal data to:

  • provide and operate AIatWork (including Courses/Academies, Models, and Tools);
  • manage subscriptions, billing, and payments;
  • deliver educational services, assessments, and certificates;
  • secure AIatWork and prevent abuse;
  • communicate with you;
  • improve reliability and user experience;
  • comply with legal obligations.

6. LEGAL BASES

We rely on:

  • performance of a contract (to provide the Services and manage your account);
  • legal obligations (accounting/tax, lawful requests);
  • legitimate interests (security, abuse prevention, reliability, product improvement);
  • consent where required (e.g., marketing opt-in, non-essential cookies).

You may withdraw consent at any time by contacting [email protected]

7. AI MODEL PROVIDERS AND THIRD-PARTY PROCESSING

7.1 Transmission of Content

To generate AI outputs, the platform transmits User Content (including prompts, context, and uploaded files) to the selected or configured Model Providers. These may include, but are not limited to, OpenAI, Anthropic, Google, Mistral, Perplexity, xAI, and others.

7.2 Third-Party Terms and Training

By selecting or using a specific model and AI tool, you acknowledge that the provider processes your input according to its own privacy policy and terms of service.

  • Enterprise Arrangements: Brainster typically utilizes commercial API/enterprise tier arrangements with these providers. These tiers generally include restrictions that prevent the providers from using your data to train their foundational models.
  • User Responsibility: Notwithstanding the above, the third-party provider's specific terms and policies apply to the extent required by the integration. Users remain responsible for the nature of the data they choose to transmit.

8. SHARING OF PERSONAL DATA

We share personal data only as necessary with:

  • AI model providers you use;
  • hosting/infrastructure providers;
  • payment processors;
  • email/support tooling providers;
  • professional advisers and authorities where required by law.

We do not sell personal data to advertisers.

9. SECURITY

We implement technical and organizational measures including encryption in transit and at rest, access controls, monitoring, backups, and limited staff access. No system is perfectly secure. If a breach likely creates high risk, we will notify you and/or authorities as required by law.

10. INTERNATIONAL TRANSFERS

Data may be processed in North Macedonia and by providers in other countries. Where required, we use appropriate safeguards (adequacy decisions, SCCs, or equivalent mechanisms). Contact us for details.

11. DATA RETENTION (TYPICAL)

  • Account data: retained while active; after closure up to 3 years (reactivation, disputes, compliance) unless law requires longer.
  • Conversation/content and files: stored until you delete or close account; residual encrypted backups may persist up to ~6 months.
  • Usage/technical: identifiers like IP up to 12 months; aggregated/anonymized may be retained longer.
  • Billing: up to 10 years or longer if required by tax/accounting laws.
  • Security logs: up to 12 months (then deleted/anonymized).
  • Support communications: up to 3 years after closure.

12. CHILDREN’S PRIVACY

AIatWork is not intended for children under 16. We do not knowingly collect their data.

13. YOUR RIGHTS

Subject to law, you may request access, correction, deletion, restriction, portability, objection, and withdrawal of consent. We may verify identity and respond within legal timelines.

Right to complain (North Macedonia): AZLP – https://azlp.mk/en/ (email: [email protected]) If you are in the EEA/UK, you may complain to your local authority.

14. CHANGES

We may update this Privacy Policy and will update the “Last updated” date and provide notice where appropriate.

15. CONTACT

Email (general): [email protected]

Physical address: ul. Vasil Gjorgov 19, Skopje, North Macedonia