← Back to Home

GDPR Compliance

How MonAI ensures complete data protection compliance

Why MonAI is GDPR Compliant by Design

MonAI's on-premises architecture means your client data never leaves your building. This approach eliminates many of the data protection risks associated with cloud-based services.

Your sensitive client documents are processed entirely on hardware located within your office premises. No cloud uploads. No external servers. No third-party access.

GDPR Principles and MonAI

Data Minimization

We only collect contact and billing information necessary to provide the service. We do not collect, store, or process your client documents or extracted data.

Purpose Limitation

Any data we collect is used solely for service delivery, support, billing, and software improvements. We do not use your data for marketing to third parties or unrelated purposes.

Storage Limitation

We retain your contact and billing information only for the duration of your service agreement and as required by law. Client documents processed on your premises remain under your retention policies.

Integrity and Confidentiality

Since all document processing occurs on-premises, you maintain direct control over physical and technical security measures. The hardware uses industry-standard encryption for data at rest.

Accountability

MonAI maintains records of data processing activities and implements appropriate technical and organizational measures to demonstrate GDPR compliance.

Your Rights Under GDPR

As a MonAI client, you have the following rights regarding your personal data:

  • Right to Access: Request copies of your personal data we hold
  • Right to Rectification: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal data
  • Rights Related to Automated Decision-Making: Not be subject to decisions based solely on automated processing

To exercise any of these rights, contact us at info@monaiglobal.com

Data Processing Roles

You are the Data Controller: For client documents and extracted data processed through MonAI, you are the data controller. You determine the purposes and means of processing.

MonAI as Service Provider: We provide the tools and infrastructure. Since processing occurs on your premises and we have no access to your documents, we operate as a service provider rather than a traditional data processor.

Your Responsibilities: You remain responsible for ensuring your use of MonAI complies with GDPR requirements applicable to your client relationships and data processing activities.

Data Breaches

On-Premises Security: Since your client data resides only on hardware within your premises, data breach risk is significantly reduced compared to cloud services.

Your Responsibility: Physical security of the hardware is your responsibility. Implement appropriate measures such as locked server rooms, access controls, and physical security protocols.

Our Responsibility: In the unlikely event of a data breach involving your contact or billing information held by us, we will notify you within 72 hours as required by GDPR.

International Data Transfers

MonAI Global Ltd is a UK-registered company. All client support and operations are UK-based. Your client documents are processed entirely on-premises within your office location. No international data transfers occur for processed documents.

Third-Party Services

MonAI uses minimal third-party services:

  • Payment Processing: Billing information is processed securely by UK-based payment providers compliant with PCI DSS and GDPR
  • Analytics: We collect anonymized usage statistics that do not include document content or identifiable client data

Supervisory Authority

Our lead supervisory authority is the Information Commissioner's Office (ICO) in the UK. You have the right to lodge a complaint with the ICO if you believe we have not complied with data protection laws.

ICO Contact:
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Tel: 0303 123 1113
Website: ico.org.uk

Contact Our Data Protection Officer

For any questions or concerns about data protection and GDPR compliance:

Email: info@monaiglobal.com
Company: MonAI Global Ltd
Registration No: 16442630