Compliance & Privacy Policy.

1. Regulatory Compliance

EverSphere operates as a global AI research and infrastructure provider, with headquarters in [Insert HQ Address – e.g., Silicon Valley, CA, USA] and offices worldwide.

We are committed to complying with all applicable regulations, including but not limited to:

• GDPR (General Data Protection Regulation, EU/EEA)
• CCPA/CPRA (California Consumer Privacy Act/Privacy Rights Act, USA)
• UK Data Protection Act
• ISO/IEC 27001 standards for information security
• Applicable defence and export-control regulations in the jurisdictions in which we operate.

2. Data Collection & Use

We collect only the data necessary to support research, platform optimisation, and user services. Data sources may include:

• Account and contact details (when voluntarily provided)
• Technical metadata from system access logs
• Research datasets governed by strict licensing and usage agreements

We do not sell personal data to third parties. Any data shared externally (for example, with academic collaborators or regulatory auditors) is subject to anonymisation and contractual safeguards.

3. Research Integrity & Model Safety

All EverSphere platforms - including the Milo, Kai, and specialist model families - undergo rigorous internal audits and third-party evaluations.

• Red-Teaming: All systems are stress-tested by independent safety researchers.
• Ethical Oversight: Dr Abigail Shaw leads our Ethics & Assurance division, ensuring that our models align with human-centred values.
• Governance Protocols: Development is guided by reproducible pipelines, auditable checkpoints, and internationally recognised best practices in AI assurance.

4. Security & Access Controls

We protect data and infrastructure through:

• End-to-end encryption for data in transit and at rest
• Zero-trust network architecture
• Multi-factor authentication for all system access
• Continuous monitoring for anomalies across global data centres

Access to sensitive systems is restricted to authorised personnel only, under strict need-to-know principles.

5. Individual Rights

Depending on your jurisdiction, you may have rights to:

• Access a copy of your personal data
• Request correction or deletion
• Restrict or object to certain processing activities
• Request portability of your data

To exercise these rights, please contact us.

6. Data Retention

Personal data is retained only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. Research and operational data may be archived under pseudonymisation protocols for long-term auditing and reproducibility.

7. International Transfers

EverSphere operates global infrastructure. Where personal data is transferred across borders, we implement safeguards such as EU Standard Contractual Clauses (SCCs), UK IDTA, or equivalent frameworks to ensure lawful and secure transfer.

8. Updates to This Policy

We may update this Compliance & Privacy Policy periodically to reflect legal, technical, or organisational changes. The latest version will always be published on this page.

9. Contact Us

For questions, concerns, or requests under this policy, you may contact us at:

• EverSphere Global HQ
  Office 33
  Unit 5
  399-405 Oxford Street
  Mayfair
  London
  W1C 2BU