Personal Data Processing Policy for X2AGI API Service

Version: July 20, 2025

Legal Note: This English translation is for informational purposes only. The legally binding Russian version is available at: https://x2agi.com/privacy-ru

1. General Provisions

1.1. Individual Entrepreneur XXX (TIN XXX, OGRNIP XXX) (hereinafter “Operator”) processes personal data in accordance with Federal Law No. 152-FZ “On Personal Data”.
1.2. The X2AGI service provides an API for audio/video-to-text transcription and analytical reporting.
1.3. Data processing is automated and occurs physically in Russia. No third-party services are involved

2. Processed Data

2.1. User Data:

2.2. User-Uploaded Content:

Voice recordings are not used for identification and are not classified as biometric data under Russian law.

3. Processing Purposes

4. Security Measures

5. Data Flow

Typical Processing Path:
1. User (EU/Other) → X2AGI API (Russia)
2. Processing (Russian servers only)
3. Results returned to User

Compliance Notes:
- All processing occurs physically in Russia (152-FZ compliant)
- No data copies are stored outside Russian jurisdiction

6. User Rights

Under Russian Law (152-FZ):

✅ Request access to your data
✅ Rectify or delete data
✅ Withdraw processing consent

GDPR Supplementary Rights (if applicable):

✅ Data portability (Article 20)
✅ Object to processing (Article 21)
✅ Lodge complaints with EU DPAs

Submit requests to: (response within 30 days)

7. User Responsibilities

8. GDPR Compliance (Supplementary)

For EU users where GDPR applies:
1. Lawful Basis: Processing is necessary for contract performance (Article 6(1)(b))
2. Data Transfers: Protected by Standard Contractual Clauses (SCCs)
3. DPO Contact:

9. Contacts

Data Protection Officer: IE XXX
General Inquiries:
GDPR-specific:

Full Russian version: https://x2agi.com/privacy-ru
Change History: https://x2agi.com/privacy-versions