What is the AI Operator Score?

The AI Operator Score is PeraByte Labs' assessment of how well a professional operates AI rather than just uses it. It measures capability across 10 modules and produces a personalised training program calibrated to your role, level, and goal.

Who is the AI mastery program for?

Professionals who want to move beyond using AI to actually operating it: deciding what AI builds, what it ships, and what it ignores. The advantage that mattered last year, knowing AI exists, just expired. The new gap is operational.

How long does the AI Operator Score assessment take?

Two modes. Quick: 5 minutes, 4 steps, self-assess your level across 10 modules. Precise: 10 minutes, 70 questions, get your full AI Operator Score plus a program built to close every gap.

What are the 12 Core Skills for children?

A life-skills curriculum covering the twelve human capabilities AI cannot replace: deciding which problem matters, holding focus when work is hard, recovering from setbacks, reading the room, and the related habits of judgement, persistence, and social awareness that AI will not provide for the next generation.

What age range is the children's program for?

Ages 6 to 18. The curriculum is sequenced by developmental stage.

When does the children's program launch?

Q3 2026. Founding pricing is available for the first 100 families.

Where is PeraByte Labs based?

Amsterdam, Netherlands. PeraByte Labs is a sub-brand of Pera Meta B.V. The team has degrees in child development, psychology, business administration, and engineering, and has shipped over 40 AI products inside global enterprises.

Privacy Policy

Last Updated: 14 May 2026

This Privacy Policy explains how Pera Meta B.V. (trading as PeraByte Labs) collects, uses, shares, stores, and protects your personal data when you use perabytelabs.com and related services (the "Service").

We are committed to processing personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), the Dutch GDPR Implementation Act (Uitvoeringswet AVG, "UAVG"), and other applicable privacy laws.

1. Who We Are (Data Controller)

The data controller responsible for your personal data is:

Pera Meta B.V. (trading as PeraByte Labs)
Minervalaan 33, 1077 NL Amsterdam, the Netherlands
Chamber of Commerce (KvK): 42015001
VAT (BTW): 869300118B01

Privacy contact: [email protected]
General contact: [email protected]

We have not appointed a Data Protection Officer because appointment is not mandatory under Article 37 GDPR for our current processing activities.

2. Scope

This Privacy Policy applies to personal data collected through:

perabytelabs.com;
your Account;
checkouts and purchases;
educational assessments and questionnaires;
personalised learning and recommendation features;
AI-assisted features;
emails and communications;
support requests; and
related services operated by PeraByte Labs.

This Privacy Policy does not apply to third-party websites, services, courses, educators, platforms, or applications linked from our Service. Those third parties operate independently and have their own privacy policies.

3. Data Minimisation

We aim to collect only the minimum personal data reasonably necessary to operate, secure, improve, personalise, and provide the Service.

4. What Data We Collect and Why

We collect personal data only for the purposes described below.

4.1 Account Creation and Login

Data:

name;
email address;
Google account identifier (if using Google OAuth);
encrypted authentication tokens.

Purpose:

creating and maintaining your Account;
authenticating users;
providing access to the Service.

Legal Basis: Performance of a contract (Art. 6(1)(b) GDPR).

Retention: For the lifetime of your Account plus 30 days after closure.

4.2 Orders, Payments, and Invoices

Data:

name;
email;
billing address;
order details;
transaction references.

Payment card details are processed directly by Stripe and are not stored by us.

Purpose:

processing purchases;
delivering the Service;
issuing invoices;
complying with tax and accounting obligations.

Legal Basis:

performance of a contract (Art. 6(1)(b));
legal obligation (Art. 6(1)(c)).

Retention: 7 years from the end of the relevant financial year under Dutch tax law.

4.3 Customer Support

Data:

contact details;
support correspondence;
information voluntarily shared by you.

Purpose:

responding to requests;
troubleshooting;
improving customer support.

Legal Basis:

performance of a contract (Art. 6(1)(b));
legitimate interest in providing support (Art. 6(1)(f)).

Retention: 2 years after closure of the support request.

4.4 Service Usage and Analytics

Data:

aggregated usage statistics;
approximate visitor counts;
device/browser metadata;
technical interaction data.

Purpose:

understanding usage patterns;
improving the Service;
measuring platform performance and stability.

Legal Basis: Legitimate interest in improving and operating the Service (Art. 6(1)(f)).

We currently use Vercel Web Analytics, which is designed to operate without cookies and without directly identifying visitors.

We do not currently use:

advertising cookies;
cross-site tracking;
behavioural advertising technologies.

4.5 Marketing Communications

Data:

name;
email;
marketing preferences;
basic email engagement metrics.

Purpose:

sending newsletters;
product updates;
educational announcements;
promotional communications.

Legal Basis: Consent (Art. 6(1)(a)).

Retention: Until consent is withdrawn plus 30 days for processing.

You may unsubscribe at any time using the unsubscribe link or by contacting [email protected].

4.6 Security, Fraud Prevention, and Server Logs

Data:

IP address;
browser type;
device information;
timestamps;
requested pages;
technical logs;
error reports.

Purpose:

protecting platform security;
preventing abuse and fraud;
monitoring system integrity;
troubleshooting technical issues.

Legal Basis: Legitimate interest in maintaining a secure service (Art. 6(1)(f)).

Retention: Typically up to 90 days unless longer retention is necessary for security investigations or legal compliance.

4.7 Legal and Regulatory Compliance

Data: Any information reasonably required to comply with applicable law.

Purpose:

complying with legal obligations;
responding to lawful requests;
maintaining records required by law.

Legal Basis: Legal obligation (Art. 6(1)(c)).

Retention: As required by applicable law.

4.8 Assessments, Progress Tracking, and Personalised Curriculum

Data:

assessment responses;
subject-matter knowledge indicators;
scores;
learning progress;
engagement metrics;
modules completed;
curriculum recommendations;
personalised learning pathways.

Purpose:

assessing current knowledge levels;
generating personalised curricula;
adapting educational recommendations;
tracking progress;
improving educational relevance.

Legal Basis: Performance of a contract (Art. 6(1)(b)).

Adaptive and personalised learning functionality is a core part of the Service.

Retention: For the lifetime of your Account plus 30 days after closure.

4.9 AI-Assisted Features

Some features of the Service may use artificial intelligence, machine learning, large language models, automation, or algorithmic systems to generate:

educational recommendations;
summaries;
rankings;
assessments;
conversational responses;
curriculum suggestions; or
personalised guidance.

Data:

prompts and responses;
assessment data;
interaction history;
educational preferences;
usage behaviour relevant to the feature.

Purpose:

providing AI-assisted educational features;
improving recommendation quality;
personalising user experiences;
maintaining system performance and safety.

Legal Basis:

performance of a contract (Art. 6(1)(b));
legitimate interest in improving the Service (Art. 6(1)(f)).

We do not use your personal data to train public AI models unless explicitly disclosed and separately consented to.

AI-generated outputs may be inaccurate, incomplete, outdated, or unsuitable for your circumstances.

4.10 Publicly Available Information

Some educational profiles, creator descriptions, educator summaries, rankings, or expert information available through the Service may be compiled from publicly available sources for informational and discovery purposes.

4.11 Is Providing Data Optional?

Providing data under sections 4.1 and 4.2 is necessary to create an Account or purchase Services.

Providing assessment and curriculum information under sections 4.8 and 4.9 is necessary to receive personalised educational recommendations and adaptive learning functionality.

Marketing communications are entirely optional.

5. Sensitive Data

Please do not submit sensitive personal data through the Service unless specifically requested and necessary for the functionality provided.

This includes:

health information;
biometric data;
political opinions;
religious beliefs;
trade union membership;
criminal records; or
highly confidential personal or business information.

The Service is not intended for processing special categories of personal data under Article 9 GDPR.

6. Who We Share Your Data With

We do not sell your personal data.

We share personal data only where reasonably necessary to operate the Service.

6.1 Processors We Use

Processor	Purpose	Processing Location
Supabase (Supabase Inc.)	Database and authentication backend	EU (AWS eu-west-1, Ireland)
Vercel (Vercel Inc.)	Website hosting and analytics	EU region where configured; limited operational metadata may be processed in the US
Resend (Resend Inc.)	Transactional and marketing email delivery	United States
Stripe (Stripe Payments Europe Ltd)	Payment processing	EU and US
Google (Google Ireland Ltd)	Authentication via Google OAuth	EU and US

Each processor is bound by a Data Processing Agreement under Article 28 GDPR.

We may add, remove, or replace processors from time to time.

6.2 Other Recipients

We may disclose personal data to:

professional advisors under confidentiality obligations;
regulators, courts, or authorities where legally required;
insurers, auditors, or legal representatives where necessary;
a successor entity in the event of a merger, restructuring, acquisition, financing transaction, or sale of assets.

7. International Transfers

Some processors are located outside the European Economic Area (EEA), including in the United States.

Where personal data is transferred internationally, we rely on appropriate safeguards under GDPR Chapter V, including:

the EU-US Data Privacy Framework where applicable;
the European Commission Standard Contractual Clauses (Decision 2021/914);
supplementary technical and organisational safeguards where appropriate.

You may request additional information regarding international transfer safeguards by contacting [email protected].

8. Cookies and Similar Technologies

We currently use only strictly necessary cookies required for core platform functionality, such as authentication and session management.

These cookies do not require consent under applicable Dutch and EU law.

We do not currently use:

advertising cookies;
cross-site tracking technologies;
behavioural advertising technologies.

If we introduce non-essential cookies in the future, we will update this Privacy Policy and implement an appropriate consent mechanism before doing so.

You may block cookies through your browser settings, although doing so may affect platform functionality.

9. Profiling and Automated Decision-Making

We use profiling within the meaning of Article 4(4) GDPR to personalise educational recommendations, learning pathways, assessments, rankings, and content presentation.

This profiling may use:

assessment responses;
interaction patterns;
progress indicators;
engagement metrics;
educational interests;
learning behaviour.

The purpose of this profiling is educational personalisation and adaptive learning.

This profiling does not produce decisions with legal or similarly significant effects within the meaning of Article 22 GDPR.

It does not:

determine legal rights;
affect pricing;
determine employment eligibility;
determine creditworthiness;
restrict contractual rights.

Personalised educational adaptation is a core part of the Service and therefore certain related processing is necessary for performance of the contract under Article 6(1)(b) GDPR.

You may still:

access your data;
correct inaccurate data;
export your data;
close your Account;
object to processing based on legitimate interests where applicable.

10. Your Rights

Under GDPR and UAVG, you have the following rights:

right of access (Art. 15);
right to rectification (Art. 16);
right to erasure (Art. 17);
right to restriction of processing (Art. 18);
right to data portability (Art. 20);
right to object (Art. 21);
right to withdraw consent (Art. 7(3));
rights relating to automated decision-making (Art. 22).

To exercise your rights, contact [email protected].

We will normally respond within one month.

We may request identity verification before fulfilling requests.

11. Right to Lodge a Complaint

If you believe your personal data has been handled improperly, you may lodge a complaint with the Dutch Data Protection Authority:

Autoriteit Persoonsgegevens (AP)
P.O. Box 93374
2509 AJ The Hague
The Netherlands

Website: autoriteitpersoonsgegevens.nl

You may also complain to your local supervisory authority within the EEA.

We encourage you to contact us first at [email protected].

12. Security

We implement appropriate technical and organisational measures to protect personal data, including:

encryption in transit (TLS);
encryption at rest where appropriate;
access controls;
least-privilege access management;
multi-factor authentication for administrative access;
infrastructure monitoring;
dependency and security reviews;
use of reputable service providers maintaining recognised security standards where applicable.

No method of storage or transmission can be guaranteed fully secure.

13. Data Breach Notification

If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours in accordance with Article 33 GDPR.

Where legally required, we will also notify affected individuals.

14. Children

The Service is not directed to children.

We do not knowingly collect personal data from anyone under the age of 16.

If you believe a child has provided personal data to us, contact [email protected].

Our Terms of Service additionally require users to be at least 18 years old to enter into binding contracts.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, our Services, or our business operations.

For material changes affecting how we process personal data, we will provide reasonable notice before the changes take effect.

Minor changes and clarifications take effect upon posting.

The "Last Updated" date reflects the latest version.

16. Contact

For privacy questions, requests, or concerns:

Pera Meta B.V. (trading as PeraByte Labs)
Minervalaan 33, 1077 NL Amsterdam, the Netherlands

Privacy contact: [email protected]
General contact: [email protected]

KvK: 42015001
VAT (BTW): 869300118B01