Data Governance Policy
Data Governance
Last updated: July 2025
Our Commitment
Mitochondria Ventures B.V. builds agentic AI systems responsibly. We maintain high standards for data protection, ethical AI use, and regulatory compliance across all jurisdictions where we operate.
Data Governance
Data Protection
GDPR compliant
DPDP Act 2023 compliant
Data minimisation by design
Right to erasure honored within 30 days
Cross-border transfers follow SCCs (Standard Contractual Clauses)
Data Security
Encryption at rest and in transit
ISO 27001 principles followed
Annual security assessments
Incident response within 72 hours
AI Ethics & Transparency
Our AI Principles
Human oversight maintained
Explainable AI decisions
No discriminatory algorithms
Regular bias audits
Transparency
Clients informed when AI makes decisions
Model limitations documented
No "black box" deployments
Regulatory Compliance
AI Act ready, GDPR compliant
UK GDPR, upcoming AI regulations
DPDP Act 2023, CERT-In guidelines
SOC 2 Type II (in progress)
Organisational Governance
Leadership Accountability
CEO: Overall compliance
CTO: Technical security
Designated Data Protection Officer (when >250 employees)
Review Schedule
Quarterly security reviews
Annual policy updates
Continuous compliance monitoring
Client Rights
Mitochondria does not store and master client data. Regardless, you have the right to:
Access your data
Correct inaccuracies
Delete your data
Export your data
Opt-out of automated decisions
Lodge complaints with supervisory authorities
For any queries, you may contact us.
Last updated: July 2025
Our Commitment
Mitochondria Ventures B.V. builds agentic AI systems responsibly. We maintain high standards for data protection, ethical AI use, and regulatory compliance across all jurisdictions where we operate.
Data Governance
Data Protection
GDPR compliant
DPDP Act 2023 compliant
Data minimisation by design
Right to erasure honored within 30 days
Cross-border transfers follow SCCs (Standard Contractual Clauses)
Data Security
Encryption at rest and in transit
ISO 27001 principles followed
Annual security assessments
Incident response within 72 hours
AI Ethics & Transparency
Our AI Principles
Human oversight maintained
Explainable AI decisions
No discriminatory algorithms
Regular bias audits
Transparency
Clients informed when AI makes decisions
Model limitations documented
No "black box" deployments
Regulatory Compliance
AI Act ready, GDPR compliant
UK GDPR, upcoming AI regulations
DPDP Act 2023, CERT-In guidelines
SOC 2 Type II (in progress)
Organisational Governance
Leadership Accountability
CEO: Overall compliance
CTO: Technical security
Designated Data Protection Officer (when >250 employees)
Review Schedule
Quarterly security reviews
Annual policy updates
Continuous compliance monitoring
Client Rights
Mitochondria does not store and master client data. Regardless, you have the right to:
Access your data
Correct inaccuracies
Delete your data
Export your data
Opt-out of automated decisions
Lodge complaints with supervisory authorities
For any queries, you may contact us.
