Privacy Policy
Last updated: March 10, 2026
Effective: March 23, 2026
Your data stays in the EU.
Stored in Microsoft Azure data centers, pinned to EU locations.
We don't sell your data.
Not to advertisers, not to third parties, not ever.
Your employer controls workspace data.
We process it on their behalf under strict terms.
Zero Trust architecture.
Encrypted in transit and at rest, SSO via Microsoft 365, audit-logged access.
You can delete your data.
Request access, correction, or deletion anytime at privacy@ervy.ai.
Scope & applicability
This Privacy Policy applies to Ervy's online workplace learning tools and platform (the "Services"), the ervy.ai website (the "Website"), and other interactions you may have with us. Ervy is owned and operated by WeAreDots, SIA.
This policy does not apply to third-party applications that integrate with our Services, or any other third-party products or businesses. A separate Customer Agreement governs the delivery and use of the Services, including the processing of content submitted through your workspace.
If you don't agree with this policy, please do not access or use the Services, Website, or any other aspect of our business.
Data controller & processor
Your organization (the "Customer" — typically your employer) is the controller of Customer Data. Ervy acts as the processor of Customer Data and the controller of Other Information, such as usage analytics and account details.
In practice, this means your employer decides what data goes into Ervy, and we process it strictly according to their instructions and our Customer Agreement.
Information we collect
We collect and receive two categories of information:
Customer Data — content submitted to Ervy by your organization or its authorized users when using the Services (documents, learning content, quiz responses, etc.).
Other Information — data we collect to operate and improve the service:
Account info:
email address, domain, billing details
Usage metadata:
features used, content viewed, interaction patterns
Device & log data:
IP address, browser type, OS, timestamps
Location data:
approximate location derived from IP or business address
Cookies:
see our Cookie Policy for details
Third-party integrations:
data shared when you enable connected services
How we use your information
We collect and receive two categories of information:
Customer Data is used strictly according to your organization's instructions and the Customer Agreement.
Other Information is used to operate, maintain, and improve our Services — including delivering the product, responding to support requests, developing new features, sending service communications, managing billing, and investigating security issues.
Sharing & disclosure
We share information only in these circumstances:
Customer instructions:
as directed by your organization's agreement with us
Within your workspace:
authorized users may see profile information
Service providers:
trusted third parties that help us operate (under strict agreements)
Legal requirements:
when required by law, regulation, or legal process
Business changes:
in the event of a merger, acquisition, or sale
With your consent:
when you explicitly agree to sharing
Data retention
Customer Data is retained according to your organization's instructions and agreement terms.
Other Information is retained for no longer than 2 years, unless a longer period is required by law. When we no longer need your data, we delete or anonymize it. If deletion isn't immediately possible (e.g., backup archives), we isolate the data and protect it until deletion is feasible.
Cookies & tracking
We use cookies and similar technologies to collect information and improve your experience. Details are in our Cookie Policy. You can manage cookie preferences in your browser settings.
We do not currently respond to Do-Not-Track (DNT) browser signals, as no uniform standard has been established.
Security measures
All data is stored in Microsoft Azure data centers located in the EU. We follow Zero Trust architecture principles across our infrastructure.
Authentication is handled via Microsoft 365 SSO — no additional passwords required. All production access is logged, audited, and restricted. Development environments are fully separated from production data.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 32 32" xmlns="http://www.w3.org/2000/svg"><path d="M 10.666 26.665 C 10.666 26.665 21.331 21.332 21.331 13.332 L 21.331 4 L 10.666 0 L 0 4 L 0 13.333 C 0 21.332 10.666 26.665 10.666 26.665 Z" fill="transparent" height="26.665px" id="A7pcbxVyy" stroke-dasharray="" stroke-linecap="round" stroke-linejoin="miter" stroke-miterlimit="10" stroke-width="2.666" stroke="rgb(255, 76, 2)" transform="translate(5 2)" width="21.331000000000017px"/></svg>)
Your privacy rights
Depending on your jurisdiction, you may have the right to:
• Request access to and obtain a copy of your personal data
• Request correction or deletion of your data
• Restrict or object to processing
• Data portability
• Withdraw consent at any time
To exercise any of these rights, email privacy@ervy.ai. We respond within 30 days. If you're in the EEA and believe we're processing your data unlawfully, you can also contact your local supervisory authority.
Data breach policy
In the event of a data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach (unless it poses no risk to individuals). We will also notify affected users directly when we believe there is a risk of serious harm.
Children's privacy
We do not knowingly collect data from or market to anyone under 18 years of age. If we discover that a minor's data has been collected, we will deactivate the account and delete the data promptly.
Policy updates
We may update this policy from time to time. Material changes will be communicated via a prominent notice on our website or a direct notification. The "Last updated" date at the top of this page always reflects the most recent revision.
Contact us
WeAreDots, SIA
Kronvalda Boulevard 3-5
Riga, LV-1010, Latvia
E-mail: privacy@ervy.ai
Phone: +371 67509912
