We practice what we preach.
Human-centered AI starts with human-centered data.
Here's the uncomfortable truth about most "privacy policies":
"We value your privacy" → followed by 47 paragraphs of legal jargon that essentially say "we'll do whatever benefits us most."
At LASTHUMAN Foundation, we find this ridiculous.
If we're fighting for a future where AI serves humanity — not exploits it — we can't exploit your data while preaching ethics.
This policy is different. We'll explain what we do, what we don't do, and why it matters — in plain language, without hiding behind legalese.
Last Updated: December 31, 2025 | Next Review: June 30, 2026
Every day, millions of people mindlessly click "I Accept" on privacy policies they'll never read. Why? Because:
The result? Your data gets:
Privacy isn't about hiding. It's about dignity, autonomy, and power. When your data is misused, you lose all three.
Our tagline isn't just marketing. It's our framework for everything — including how we handle your data:
Meaning: Your data exists to serve you, not our analytics dashboard.
In practice: We collect the absolute minimum needed. No creepy tracking. No "we might need this someday" data hoarding.
Example: We don't track which article you read at 2 AM last Tuesday. We don't need to know that to support our mission.
Meaning: Complete transparency. No hidden trackers, no "legitimate interest" loopholes.
In practice: This policy is written in plain language. We explain not just what we do, but why.
Example: When we use cookies, we tell you exactly which ones and let you decide. No forced consent.
Meaning: We protect your data the way we'd want ours protected if roles were reversed.
In practice: Strong encryption, minimal retention, zero tolerance for data breaches.
Example: We encrypt everything in transit and at rest. Because "hope nobody hacks us" isn't a security strategy.
To run a functional website, we collect some basic information automatically:
Real talk: We use 0 tracking pixels, 0 third-party trackers, and 0 fingerprinting scripts.
Most websites have 20-50. We have zero.
This is entirely in your control. We collect it only if you actively provide it:
You can request deletion of any of this at any time. No questions asked.
Let's be honest: "cookies" sound delicious, but privacy cookies are often toxic.
So the site remembers if you prefer Polish, English, Spanish, etc.
Lifespan: 1 year | Can you refuse it? Yes, but you'll need to select language every visit
Ironically, we need a cookie to remember that you accepted/rejected cookies.
Lifespan: 1 year | Can you refuse it? Technically yes, but then we'll ask again every visit
We use your information for exactly five purposes. Not 47. Not "as described in our vendor agreements." Five.
That's it. Nothing else. No hidden purposes.
Short answer: Almost nobody.
Long answer: Still almost nobody.
We do not sell your data. We do not rent your data. We do not trade your data.
If a company offers us money for your information, we tell them to fuck off. (Yes, really.)
1. Essential Service Providers
All providers are GDPR-compliant, use encryption, and sign strict confidentiality agreements. We audit them regularly.
2. Legal Requirements
If a court orders us to disclose data, we're legally obligated to comply. But we'll:
3. With Your Explicit Consent
If you ask us to share your info (e.g., connecting you with a research partner), we will — but only with your clear, informed permission.
Security isn't a checkbox. It's an ongoing commitment:
All data transmission uses HTTPS/SSL. Your browser → our servers = encrypted.
Only authorized team members can access personal data. We log every access. We review logs monthly.
We delete data as soon as it's no longer needed. No "let's keep everything forever" hoarding.
Quarterly security reviews. Annual penetration testing. Continuous monitoring for vulnerabilities.
If a breach occurs, we'll notify affected users within 72 hours (GDPR requirement). Not "eventually." Within 72 hours.
Reality check: No system is 100% secure. Anyone who claims otherwise is lying.
We can't guarantee absolute security, but we can guarantee we'll do everything reasonable to protect your data — and be transparent if something goes wrong.
These aren't theoretical rights buried in legal footnotes. They're real powers you can actually use:
What it means: See all data we have about you.
How to use it: Email privacy@lasthuman.org with "Data Access Request"
When you'll get it: Within 30 days, free of charge
What it means: Fix any wrong or incomplete data.
Example: We have the wrong email? Tell us. We'll fix it immediately.
What it means: Delete your data. All of it.
Exceptions: We must keep some data if required by law (e.g., financial records for tax purposes). We'll tell you what and why.
What it means: Pause our use of your data while you verify something.
Example: You think we have wrong info? Ask us to stop using it until it's corrected.
What it means: Get your data in a machine-readable format to take elsewhere.
Format: JSON or CSV, your choice
What it means: Say "stop" to certain types of data processing.
Example: Unsubscribe from newsletters, opt out of analytics
What it means: Change your mind at any time.
No penalty: Opting out won't affect your access to our resources or community.
To exercise ANY of these rights:
Email: privacy@lasthuman.org
Response time: Maximum 30 days (usually much faster)
Cost: Free
No verification gauntlet. No "processing fees." No runaround.
We're a foundation focused on AI governance. So let's be crystal clear about AI and your data:
The difference? Consent. Transparency. Control. You'll always know what we're doing and have the option to opt out.
Why this matters: Many organizations claim to care about "ethical AI" while selling your data to train the very systems they claim to regulate. That's not just hypocritical — it's destructive.
We refuse to participate in that charade.
Our website isn't designed for kids under 13. We don't knowingly collect their data.
If you're a parent/guardian and think your child shared info with us, contact us immediately at privacy@lasthuman.org. We'll delete it within 48 hours.
We link to:
We can't control their privacy practices. Before sharing info on external sites, check their policies. (We know, it's tedious. But it matters.)
LASTHUMAN Foundation is based in Poland (EU). If you're accessing from outside the EU, your data crosses borders.
Protections in place:
Your rights remain the same regardless of where you're located.
Technology evolves. Laws change. Our practices might need to adapt.
If we update this policy, we'll:
We review this policy every 6 months. Next review: June 30, 2026.
Questions? Concerns? Requests? We're here.
Privacy Officer:
privacy@lasthuman.org
Response time: Usually within 48 hours (30 days maximum by law)
General Inquiries:
contact@lasthuman.org
Mailing Address:
LASTHUMAN Foundation
Aleja Prymasa Tysiąclecia 83
01-242 Warszawa, Poland
Complaints:
If we screw up and don't resolve it, you can file a complaint with:
Urząd Ochrony Danych Osobowych (UODO) — Poland's Data Protection Authority
uodo.gov.pl
Privacy isn't a feature. It's a right.
Most organizations treat it as a legal obligation to minimize. We treat it as a moral obligation to maximize.
We're building a future where:
That future starts with how we treat your data today.
If you think we're falling short of these commitments — tell us. We're accountable to you, our community, and the mission we serve.
Because protecting humanity in the age of AI isn't just about algorithms and regulations.
It's about treating people like people — starting with you.
— The LASTHUMAN Foundation Team