Legal

Privacy Policy

Last updated: May 2026

1. Who we are

Secure AI Futures Lab (SAFL) is a research and policy organisation operated under Impact Academy. Our registered address is in India. References to "SAFL", "we", "us", or "our" in this policy refer to Secure AI Futures Lab.

2. What information we collect

We collect information you provide directly to us, including:

  • Newsletter subscriptions: Your email address when you sign up for The Quarterly.
  • Event registrations: Name, email, organisation, and any other details submitted via registration forms.
  • Enquiries: Contact information and message content when you reach out to us.
  • Fellowship & collaboration applications: Professional background, CV, and any supporting material you submit.

We also collect limited technical data automatically, including:

  • Pages visited and time spent (via anonymised analytics)
  • Browser type and device category
  • Referring URL

We do not use cookies for advertising or cross-site tracking.

3. How we use your information

We use the information we collect to:

  • Send The Quarterly newsletter and event communications you have opted into
  • Process event registrations and fellowship applications
  • Respond to enquiries
  • Understand how people use our website so we can improve it
  • Meet any legal obligations

We will never sell your personal data or share it with third parties for marketing purposes.

4. Legal basis for processing (GDPR / India DPDP)

Where applicable, we rely on the following legal bases:

  • Consent — for newsletter subscriptions and optional communications. You may withdraw consent at any time.
  • Legitimate interests — for website analytics and improving our services.
  • Contract — to fulfil obligations related to event registrations and applications.

5. Data retention

We keep your data only as long as necessary for the purpose it was collected. Newsletter subscriber data is retained until you unsubscribe. Application data is retained for up to 24 months. Website analytics data is anonymised after 26 months.

6. Third-party services

We use a small number of trusted third-party services to operate the site — including Substack for newsletter delivery and standard cloud hosting providers. These services are contractually bound to process data only on our behalf.

7. Your rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Withdraw consent at any time (for consent-based processing)
  • Object to or restrict certain types of processing

To exercise any of these rights, email us at team@secureaifutureslab.com.

8. Security

We take reasonable technical and organisational measures to protect your data from unauthorised access, loss, or misuse. No method of transmission over the internet is completely secure, but we work to protect personal information to the best of our ability.

9. Changes to this policy

We may update this privacy policy from time to time. We will notify newsletter subscribers of material changes and update the "last updated" date at the top of this page.

10. Contact

Questions about this policy or our data practices? Write to us at team@secureaifutureslab.com.