Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Which measures has Studytube taken to comply with relevant regulations, including the GDPR and AI Act?

            Modified on Tue, 3 Dec at 2:03 PM

            When selecting the provider of our AI chatbot, Ruby, Studytube took several measures to comply with relevant regulations:

            • Careful handling of personal data
              • Low-risk classification: Our risk analysis shows that the chatbot poses a low privacy risk. No sensitive personal data is processed. The only data collected is a name and email address, and this is only when creating a support ticket in Freshdesk. Providing this information is always optional.
              • Data protection: All data is processed within the EEA and is encrypted. Helix3, the chatbot's provider (product name: Gleen), does not use conversational data to train its AI models.
              • GDPR compliance: The chatbot’s dataset consists entirely of our own FAQ articles. No personal data is stored in this dataset.
            • Transparency about AI functionality
              • Users are informed when they open the chatbot that they are interacting with an AI chatbot, as required by the AI Act.
              • The chatbot is only available to staff with LMS management rights, ensuring its use is limited to a specific audience.
              • There is always a human alternative available. If the chatbot cannot provide a suitable answer, the user can immediately create a ticket or choose another support option (email or phone).
            • Agreements with the sub-processor (Helix3)
              • Data Processing Agreement (DPA): We have a DPA with Helix3 that outlines agreements on data processing. Helix3 is also part of the Data Privacy Framework.
              • Technical documentation: The chatbot uses various models (such as OpenAI and Vector Search). These models are not trained on user data.
            • Compliance with the AI Act
              • Risk analysis: The chatbot is classified as a low-risk system. Potential risks, such as misinformation, are mitigated through monitoring and transparency.
              • Monitoring and security: Our staff regularly reviews the chatbot's performance to identify and correct incorrect or harmful answers.
              • Transparency requirements: All conversations with the chatbot are traceable and auditable, as required by the AI Act. It is also made clear to users that they are interacting with an AI chatbot.
            • Data retention period
              Personal data is retained for a maximum of 13 months.

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0