404200.ai is an AI deployment agency registered and based in Cyprus, European Union. We build websites, custom AI systems, AI agents, and digital infrastructure for small and medium-sized businesses and individuals across Cyprus and the EU.
We are the data controller for all personal data collected through this website and through our services.
We collect only what we need to deliver our services and respond to your enquiries.
We do not collect payment card data directly. Any payment processing is handled by third-party processors under their own privacy obligations.
We never sell your data. We never use your data to train AI models. We never share your data with third parties for marketing purposes.
The diagnostic terminal and chat assistant on this website are powered by the Anthropic API (Claude). Messages you send to the terminal are transmitted to Anthropic's servers for processing. This transmission is subject to Anthropic's own privacy policy and data handling practices.
We do not store your terminal conversation history beyond the current browser session. We do not log or retain individual message content on our servers.
For AI systems we deploy locally for clients (on-premise or private VPS), your data never leaves your infrastructure. The model is static and does not communicate with external servers during normal operation.
Data we hold about you is stored on EU-based servers only. We apply the following security measures as standard:
In the event of a data breach that affects your rights or freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware, as required under GDPR Article 33.
As a data subject under GDPR, you have the following rights. We will respond to all requests within 30 days.
To exercise any right, contact us at [email protected]. You also have the right to lodge a complaint with the Cyprus Commissioner for Personal Data Protection or any EU supervisory authority.
We retain your data only for as long as necessary:
After the retention period, data is securely deleted or anonymised.
One-time project engagements do not have a recurring cancellation obligation. However, project scopes agreed in writing are binding. Changes to agreed scope may incur additional charges or revised timelines.
Upon service termination, we will provide you with all deliverables, source code, and credentials that belong to you. We will delete your data from our active systems within 30 days of the end of the retention period, unless legal obligations require otherwise.
This website uses one functional cookie: a display preference cookie (dark/light mode) stored locally in your browser. This cookie contains no personal data and is not used for tracking.
We do not use advertising cookies, third-party tracking pixels, or analytics platforms that profile individual users. We do not use Google Analytics or similar services.
If we add any non-essential cookies in future, we will request your consent in advance and update this policy with 14 days' notice.
The only third party that processes data entered on this website is:
For client projects, any third-party services we integrate on your behalf (e.g. payment processors, email platforms) are disclosed in your project agreement and operate under their own privacy policies. We select third parties that meet or exceed GDPR standards wherever possible.
We may update this policy to reflect changes in our services, technology, or legal obligations. If we make material changes, we will notify active clients by email with 14 days' notice before the changes take effect.
The current version of this policy is always available at this URL. The effective date at the top of this page indicates when the current version was last updated.
For any privacy-related request, question, or complaint:
Supervisory Authority: Cyprus Commissioner for Personal Data Protection — dataprotection.gov.cy