Privacy Policy

Last updated: May 2025

Who We Are & What We Do

Aila Media is a platform that helps journalists conduct structured interviews and research. We process data in two distinct ways:

  • Your Data (As a Journalist): When you sign up and use Aila, we collect your personal information as a subscriber/data controller under GDPR.
  • Source Data (Research Subjects): When you record calls with sources, contact information is collected for research purposes and benefits from legal press exemption protections under GDPR Article 85.

What Data We Collect

Account & Profile

  • Email address and display name
  • Reporter name and contact information
  • Language preferences
  • Stripe subscription and billing details

Research & Content

  • Hypotheses and research questions
  • Documents you upload (stored securely)
  • Interview transcripts and audio recordings
  • Interview call data and metadata

Source Contacts

  • Source names and phone numbers
  • Notes and background information
  • Note: These are collected under press exemption and protected by Article 85 of GDPR

Your Rights (GDPR Articles 15–20)

Right of Access (Article 15)

You can request access to all personal data we hold about you. Use the export feature in your account settings to download your complete dataset.

Right to Deletion (Article 17)

You can request permanent deletion of your account and all associated data, including documents, call recordings, and interviews. Visit your account settings to initiate deletion.

Right to Data Portability (Article 20)

You can export your personal data in machine-readable format (JSON) from your account settings at any time.

Right to Rectification (Article 16)

You can update your personal information at any time via the Settings page.

How Long We Keep Your Data

  • Active Account: Data is retained while your account is active.
  • After Deletion: Data is permanently deleted within 30 days.
  • Stripe Records: Billing records are retained for 7 years for tax/audit purposes.
  • Usage Logs: Anonymous usage statistics are retained indefinitely for analytics.

International Data Transfers

Aila uses trusted third-party service providers to deliver our platform. Some are based outside the EU/EEA. We rely on Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs) to ensure GDPR-compliant transfers.

For details, contact us at lmadsoe@gmail.com.

Press Exemption for Source Data

Under GDPR Article 85 and Norwegian personopplysningsloven §3, source contact information collected for journalism is exempt from certain data subject rights. However, this does not waive our obligations to:

  • Protect source data with strong security measures
  • Use Data Processing Agreements with vendors
  • Notify of data breaches
  • Maintain proper records of processing

Data Security

  • All data in transit is encrypted (HTTPS/TLS)
  • Passwords are hashed using industry-standard algorithms
  • Sensitive personally identifiable information is masked in logs
  • Access to sensitive data is restricted to authorised personnel only

Questions & Contact

If you have questions about this privacy policy or your personal data:

This privacy policy may be updated periodically. Changes will be posted to this page.