GDPR information.

This page summarises how RetroGradient Labs Ltd approaches GDPR compliance for website visitors and general enquiries. Customer-specific processing (e.g. under a services agreement or DPA) is governed by those contracts.

We aim to process personal data lawfully, fairly, and transparently; to collect the minimum necessary; to keep it accurate; to limit storage; to ensure appropriate security; and to demonstrate accountability.

• Consent (Art. 6(1)(a)), where we ask for optional analytics or similar non-essential technologies (see Cookie Policy).
• Contract / pre-contract (Art. 6(1)(b)), where you request information that may lead to a commercial relationship.
• Legitimate interests (Art. 6(1)(f)), for example network security, abuse prevention, and limited operational analytics where configured not to require consent and balanced against your rights.
• Legal obligation (Art. 6(1)(c)), where we must retain or disclose information to comply with law.

You may exercise GDPR rights as described in our Privacy Policy, including access, rectification, erasure, restriction, objection, portability, and withdrawal of consent. Contact: admin@retrogradientlabs.com.

If you consider that our processing infringes the GDPR, you have the right to lodge a complaint with a supervisory authority; in Malta, the IDPC (see link in our Privacy Policy).

Where we act as provider of AI systems to clients, we support appropriate conformity and risk-management processes under applicable law, including the EU AI Act where relevant. Website processing is assessed separately from product deployments.

We maintain internal records of processing activities where required by Art. 30 GDPR. A summary suitable for transparency may be provided on request where appropriate.

Last updated: April 2026