Skip to main content

Privacy Policy

Last updated: December 28, 2024

1. Introduction

CSOAI ("we," "our," or "us") platform and services are operated by CEASAI Limited (Company Number: [PENDING]), a UK-registered company committed to protecting your privacy. CSOAI standards and frameworks are maintained as an independent Standards Body. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, including our CEASAI certification program, training courses, and Watchdog incident reporting platform.

2. Information We Collect

We may collect information about you in a variety of ways:

  • Personal Data: Name, email address, phone number, date of birth, and other contact information you provide when registering or using our services.
  • Account Information: Information related to your account, including credentials, preferences, usage history, and communication preferences.
  • Certification Data: Information about your training progress, exam results, certification status, and professional credentials.
  • Watchdog Reports: Information submitted through incident reports, including descriptions, supporting evidence, and metadata about reported AI systems.
  • Payment Information: Billing address, payment method details (processed securely through third-party providers), and transaction history.
  • Technical Data: IP address, browser type, operating system, device identifiers, and usage analytics.
  • Communication Data: Records of your communications with CSOAI support, including emails and chat logs.

3. Legal Basis for Processing

Under GDPR and other data protection laws, we process your personal data based on the following legal bases:

  • Contract Performance: Processing necessary to provide training, certification, and platform services you've requested.
  • Legal Obligation: Compliance with regulatory requirements, tax obligations, and law enforcement requests.
  • Legitimate Interests: Improving our services, preventing fraud, and maintaining platform security.
  • Consent: Marketing communications and optional analytics (with your explicit consent).
  • Public Interest: Advancing AI safety through transparent incident reporting and standards development.

4. How We Use Your Information

We use the information we collect for various purposes:

  • To provide, maintain, and improve our services
  • To process your account registration and authentication
  • To deliver training courses and certification exams (including CEASAI certification)
  • To process and analyze Watchdog incident reports for AI safety improvements
  • To send administrative and transactional communications
  • To send promotional communications (only with your consent)
  • To analyze usage patterns and improve user experience
  • To comply with legal obligations and enforce our terms
  • To prevent fraud, abuse, and security incidents
  • To conduct research on AI safety and compliance trends

5. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information in the following circumstances:

  • Service Providers: Third parties who assist us in operating our website and providing services (e.g., payment processors, email providers, hosting providers). These providers are contractually bound to protect your data.
  • Legal Requirements: When required by law, court order, or government request to protect our rights and safety.
  • Public Watchdog Reports: Incident reports may be made public to promote transparency in AI safety (unless marked confidential by the reporter).
  • Business Transfers: In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction.
  • Regulatory Authorities: We may disclose information to regulatory bodies, law enforcement, or government agencies as required by law.
  • CEASAI Verification: Employers or educational institutions may verify your CEASAI certification status with your consent.

6. International Data Transfers

CSOAI is based in the United Kingdom and operates in compliance with UK GDPR and international data protection standards. If you are located outside the UK, your personal data may be transferred to, stored in, and processed in the UK or other countries where we operate. By using our services, you consent to such transfers. We implement appropriate safeguards, including Standard Contractual Clauses, to protect your data during international transfers.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication mechanisms including multi-factor authentication
  • Regular security audits and penetration testing
  • Access controls limiting data access to authorized personnel only
  • ISO 27001 certification for information security management
  • Regular backup and disaster recovery procedures

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

8. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy. Specific retention periods include:

  • Account Data: Retained for the duration of your account and 3 years after deletion for legal compliance
  • CEASAI Certification Records: Retained for 7 years to support credential verification and regulatory compliance
  • Watchdog Reports: Retained indefinitely to maintain transparency and support ongoing AI safety research
  • Transaction Records: Retained for 7 years for tax and financial compliance
  • Marketing Data: Retained until you unsubscribe or withdraw consent

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: The right to access your personal information and receive a copy of the data we hold about you
  • Correction: The right to correct inaccurate or incomplete information
  • Deletion: The right to request deletion of your information (subject to legal retention requirements)
  • Portability: The right to receive your data in a portable, machine-readable format
  • Opt-out: The right to opt out of marketing communications and non-essential processing
  • Restriction: The right to restrict processing of your data in certain circumstances
  • Objection: The right to object to processing based on legitimate interests

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days (or as required by applicable law).

10. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies help us remember your preferences, understand how you use our services, and improve functionality. You can control cookie settings through your browser preferences. For more information, please see our Cookie Policy.

11. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it immediately. Parents or guardians who believe their child's information has been collected should contact us at [email protected].

12. Third-Party Links

Our website may contain links to third-party websites and services. This Privacy Policy applies only to CSOAI services. We are not responsible for the privacy practices of third-party sites. We encourage you to review the privacy policies of any third-party services before providing your information.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any significant changes by posting the updated policy on our website, updating the "Last updated" date, and sending you an email notification. Your continued use of our services after such changes constitutes your acceptance of the updated policy.

14. Data Protection Officer

CSOAI has appointed a Data Protection Officer (DPO) to oversee our privacy practices and ensure compliance with data protection laws. You can contact our DPO at [email protected].

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Email: [email protected]
Data Protection Officer: [email protected]
Address: CSOAI, United Kingdom
Website: www.csoai.org

16. Regulatory Complaints

If you believe we have violated your privacy rights, you have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO). You can file a complaint at www.ico.org.uk.

CSOAICSOAI

The open-source FAA for AI. Independent, transparent, and publicly accountable governance for artificial intelligence.

Join the Byzantine Council

Help govern AI safety decisions

Security & Compliance

  • Training delivered through ISO 27001:2022 certified infrastructure
  • Powered by SOC 2 Type II compliant platform (CSGA)
  • Built on enterprise-grade security infrastructure

© 2026 CSOAI. All rights reserved.

Privacy PolicyTerms of ServiceCookie PolicyAccessibility

CSOAI Legal Structure

CSOAI LTD (Council Safety of Artificial Intelligence LTD), Company Number: 16939677, registered at 86-90 Paul Street, London, EC2A 4NE, United Kingdom. As the world's first open-source FAA for AI, we operate as an independent Standards Body with 100% transparency. Our entire codebase, governance processes, and decision-making are publicly auditable. We maintain strict independence from all commercial AI vendors and technology companies. Our sole mission is to serve the public interest through independent AI safety oversight.

CEASAI Certification Standards

CEASAI (Certified Expert in AI Safety) is our professional certification program administered by CSOAI. CEASAI certification represents demonstrated competency in AI safety principles, compliance frameworks, and incident analysis. Certificates are valid for three years from issuance. CSOAI reserves the right to update certification requirements and may require recertification to maintain active status.

Independence & Transparency Statement

CSOAI is 100% independent with zero financial ties to OpenAI, Anthropic, Google, Microsoft, Meta, or any AI vendor. Our Byzantine Council uses 33 AI agents across 12 different providers to ensure no single entity controls safety decisions. All assessments are publicly auditable. All standards are openly developed. We answer only to the public interest—not shareholders, not AI companies, not governments. This is how safety should work.

Data & Privacy

Your data is protected under industry-standard security practices including encryption, secure authentication, and regular security audits. We comply with GDPR, CCPA, UK Data Protection Act 2018, and other privacy regulations. We never sell your personal information to third parties. For detailed information, please review our Privacy Policy, Cookie Policy, and Data Processing Agreement.

Cookie Preferences

We use cookies to enhance your experience

We use cookies and similar technologies to help personalize content, tailor and measure ads, and provide a better experience. By clicking "Accept All", you consent to the use of ALL cookies. You can manage your preferences by clicking "Customize".

Privacy PolicyCookie PolicyTerms of Service