Skip to main content
← Back to Home

Privacy Policy

Last updated: March 16, 2026

In this Privacy Policy, Bajora, MB (company registration code: 303236293, VAT code: LT100011), with a registered address at Skatules g. 17A, LT-06298, Vilnius, Republic of Lithuania ("Argothos," "we," "us," or "our"), explains how we collect, use, store, share, and protect your personal data when you use the Argothos platform at argothos.com (the "Site") and our AI-powered helper, knowledge base, and automation services (collectively, the "Services").

We are committed to protecting your privacy and processing your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Law on Legal Protection of Personal Data of the Republic of Lithuania.

1. Data Controller

The data controller responsible for your personal data is:

Bajora, MB

Skatules g. 17A, LT-06298
Vilnius, Republic of Lithuania
Company registration code: 303236293
VAT code: LT100011
Email: [email protected]

2. How We Use Your Personal Data

We process your personal data for specific, legitimate purposes. The table below details each purpose, the categories of data involved, the legal basis for processing, and how long we retain the data.

PurposePersonal DataLegal BasisRetention
Account registrationEmail address, namePerformance of contract (Art. 6(1)(b) GDPR)Until account deletion or 2 years after last login
Payment processingEmail, payment method, billing detailsPerformance of contract (Art. 6(1)(b) GDPR)10 years after last transaction (Lithuanian accounting law)
Profile personalizationName, role, company info, preferencesPerformance of contract (Art. 6(1)(b) GDPR)Until account deletion or 2 years after last login
Providing AI ServicesChat messages, uploaded documents, Knowledge Base dataPerformance of contract (Art. 6(1)(b) GDPR)Until account deletion or 2 years after last login
Service analytics and improvementUsage patterns, feature interactions, error logsLegitimate interest (Art. 6(1)(f) GDPR)2 years from collection
Customer supportEmail, support inquiry contentLegitimate interest (Art. 6(1)(f) GDPR)2 years from last communication
Marketing communicationsEmail addressConsent (Art. 6(1)(a) GDPR)Until consent withdrawal
Legal compliance and dispute resolutionAll relevant data as necessaryLegal obligation (Art. 6(1)(c)) / Legitimate interest (Art. 6(1)(f))1 year after final resolution of dispute

3. AI Services and Data Processing

3.1 Third-Party AI Providers

To deliver our AI-powered features, we utilize third-party AI model providers (such as Moonshot AI for language model processing and Jina AI for document embeddings). When you interact with our AI helpers or upload documents to Knowledge Base, certain data may be transmitted to these providers for processing.

These third-party providers:

  • Process data solely to generate responses and embeddings on our behalf.
  • Are bound by data processing agreements that comply with GDPR requirements.
  • Do not use your data to train or improve their general AI models.
  • Are required to implement appropriate technical and organizational security measures.

3.2 Data Processed by AI Features

The following categories of data may be processed through our AI features, depending on what you provide:

  • Chat messages: Text-based inputs, prompts, and queries you submit to AI helpers.
  • Uploaded documents: Files you upload to Knowledge Base (PDF, DOCX, TXT, etc.) for knowledge base creation.
  • Contextual data: Information derived from your interactions to personalize helper responses (e.g., language preferences, conversation history within a session).

3.3 No Training on Your Data

We do not use your personal data, chat messages, uploaded documents, or any User Content to train, fine-tune, or improve general-purpose AI models. Your data is used exclusively to provide the Services you have requested.

4. Cookies

Cookies are small text files stored on your device by your web browser when you visit our Site. We use cookies to ensure the proper functioning of the Site, analyze usage patterns, and improve your experience.

4.1 Types of Cookies We Use

  • Strictly necessary cookies: Essential for the Site to function (e.g., authentication, session management). These cannot be disabled and do not require consent.
  • Analytics cookies: Help us understand how visitors interact with the Site by collecting anonymized usage data. We use these to improve the Services.
  • Preference cookies: Store your settings and preferences (e.g., language, interface customization) to provide a more personalized experience.

We do not use third-party advertising or behavioral tracking cookies. Analytics cookies are only set with your prior consent. You can manage your cookie preferences at any time through the cookie settings accessible from the bottom of any page on our Site.

5. Who Receives Your Data

We share your personal data only with trusted parties where necessary to provide the Services or where legally required:

  • Infrastructure providers: Hosting and cloud computing services (Google Cloud Platform) for data storage and application delivery.
  • Authentication provider: Clerk for secure user authentication and identity management.
  • Payment processors: For secure handling of subscription payments and billing.
  • AI model providers: As described in Section 3, for delivering AI-powered features.
  • Legal authorities: When required by law, court order, or to protect our legal rights.

We do not sell your personal data to any third party. We do not share your data for third-party advertising purposes.

6. International Data Transfers

Your personal data is primarily stored within the European Economic Area (EEA). Where data transfers to countries outside the EEA are necessary (e.g., to AI model providers), we ensure appropriate safeguards are in place, including:

  • Transfers to countries recognized by the European Commission as providing adequate data protection.
  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Other legally recognized transfer mechanisms where applicable.

For more information about the safeguards in place, contact us at [email protected].

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/HTTPS) and at rest.
  • Access controls limiting data access to authorized personnel only.
  • Regular security assessments and monitoring.
  • Secure database configurations with role-based access.
  • Automated backup procedures with encrypted storage.

While we strive to protect your data using commercially reasonable measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but commit to promptly addressing any security incidents in accordance with our legal obligations.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in Section 2 above. When determining retention periods, we consider:

  • The nature and sensitivity of the data.
  • The purposes for which we process the data.
  • Legal obligations requiring data retention (e.g., Lithuanian tax and accounting laws requiring 10-year retention of financial records).
  • Our legitimate interests in maintaining records for legal defense.

Upon account deletion, we remove your personal data from active systems within 30 days. Backup copies may be retained for an additional period not exceeding 90 days, after which they are permanently destroyed.

9. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15): You have the right to obtain confirmation of whether we process your data and to receive a copy of that data.
  • Right to rectification (Art. 16): You may request correction of inaccurate personal data or completion of incomplete data.
  • Right to erasure (Art. 17): You may request deletion of your personal data where: the data is no longer necessary; you withdraw consent; you object to processing; or the data was processed unlawfully.
  • Right to restriction (Art. 18): You may request that we restrict processing of your data in certain circumstances, such as when you contest its accuracy.
  • Right to data portability (Art. 20): You may request to receive your data in a structured, commonly used, machine-readable format and have it transmitted to another controller.
  • Right to object (Art. 21): You may object to processing based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at [email protected]. We will respond to your request within 30 days as required by law. You can also manage some of these rights directly through your account settings.

If you believe our processing of your data infringes the GDPR, you have the right to lodge a complaint with the State Data Protection Inspectorate of the Republic of Lithuania (Valstybine duomenu apsaugos inspekcija), L. Sapiegos g. 17, 10312 Vilnius, or the supervisory authority in your EU member state of residence. You can find the relevant authority at edpb.europa.eu.

10. Children

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without verified parental consent, we will take steps to promptly delete that data. If you believe we have collected data from a child, please contact us at [email protected].

11. Third-Party Links

Our Site may contain links to third-party websites and services. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party services you visit through our platform.

12. Marketing Communications

With your consent, we may send you marketing communications via email about our Services, new features, and promotions. You may opt out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email.
  • Updating your communication preferences in your account settings.
  • Contacting us at [email protected].

Opting out of marketing communications does not affect transactional or service-related communications (such as account notifications, security alerts, or billing confirmations).

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. For material changes, we will notify you via email or a prominent notice on the Site at least 30 days before the changes take effect. We encourage you to periodically review this page for the latest information.

14. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Bajora, MB — Data Protection

Skatules g. 17A, LT-06298
Vilnius, Republic of Lithuania

General inquiries: [email protected]
Privacy-specific inquiries: [email protected]

Terms of ServiceBack to Home