PERSONAL DATA PROTECTION POLICY

Whenever you use the Dcipher platform on the website or by a mobile application, you are bound by the applicable Personal Data Protection Policy; therefore, you should carefully read this text whenever you use the platform and make sure you accept it.

At Dcipher we pay special attention to security and respect the privacy and confidentiality of users' personal data. That is why we have invested time and resources to fully comply with the applicable national, European and international legal framework, and the European Union's General Data Protection Regulation 679/2016.

If you have any questions or concerns about how your personal information is handled, you may contact us at info@dcipheranalytics.com

1. Introduction

Protection of Privacy

This Personal Data Protection Policy explains how the Dcipher platform collects, processes, discloses and protects the incoming information.

Implementation of the Personal Data Protection Policy

The Personal Data Protection Policy applies to all natural persons from whom or for the benefit of whom we receive information.

2. Personal Data

Concept

The term “personal data” means any information related to an identified or identifiable natural person. The identifiable natural person is a person whose identity can be identified directly or indirectly, in particular by reference to an identifiers such as name, address, location data, or an online identity identifier such as an Internet Protocol (IP) address.

Personal information does not include any information that, by itself, can't recognize you as a particular person or entity (e.g., anonymized information) or data collected for statistical purposes.

Processing

The personal data you may enter anywhere on the Dcipher platform is stored on Google Cloud and is subject to processing for purposes relating to: a) the development, execution, implementation and dissemination of the Dcipher platform, b) your account management and processing of your requests, c) the provision, with your consent when agreeing to this policy, of information regarding the Dcipher platform. Such a provision of information includes e-mail messages, and (d) in general, the improvement of the services we provide. Dcipher typically functions as data processor supply services to the controllers who operate activities within the Dcipher platform.

Your personal data are not allowed to be used by any third party, except as provided by the law and this Policy.

The Dcipher platform collects and processes information that is considered purely personal data, as well as other information that is not considered as such.

The Dcipher platform does not collect or process sensitive personal data, namely, data related to a user's health, sex life, sexual orientation, genetic or biometric data, or data revealing one's racial or ethnic origin, political opinions, religious or philosophical beliefs or membership in a trade union.

When you create an account and sign up on the Dcipher platform, we collect the information you provide us including your full name, e-mail address and password. Optional information is: Birth year, Postal address, Postal number, City, Organization and Occupation. The information we collect from you may also include preferences related to the use of the Dcipher platform.

We can find the Internet Protocol (IP) to help us diagnose our server's errors and manage the Dcipher platform. The IP address is a number assigned to your computer when you are online. We may also collect data about the computer or other electronic device you may use to connect to our platform, such as details about the type and capabilities of the device (e.g. unique device identification number, camera, GPS, GPU etc.), its operating system, browser and the applications connected thereto, the services provided through the device, your internet service provider or your mobile network, the timestamp, monitor features (resolution, DPI, size) etc. We do not collect information about your actual location but about an approximate location (this is usually limited to indicating the city), which can be inferred from the IP address (Internet Protocol). In some cases, we may use cookies and similar technologies to store and access the information we collect through the provided services.

The personal data (simple and not sensitive) we collect can be automatically anonymized or at least pseudonymized and encrypted.

The personal information we collect will be only used for the defined, explicit, and legitimate purposes explained to you and will not be further processed in a manner incompatible with those purposes.

If not required by law, we will not obtain your consent before collecting your personal data from third parties such as Social Media platforms used to provide registration and login. Instead, it will be deemed that you have previously given such consent to any third party from whom the Dcipher platform receives such information.

We may use the personal data you provide when signing up and using the Dcipher platform to inform you by email about services that may be of interest, newsletters and other announcements.

We do not share your personal data with others except as described in this Personal Data Protection Policy and the Terms of Use.

The Dcipher platform may provide personal data to other persons in cases where: a) you have provided your explicit consent by clicking on the box “I accept”; b) this is required by law, court order or at the request of any other competent governmental, judicial, police, administrative or regulatory authority, upon legal request and in accordance with the relevant laws, (c) the platform is used in a manner that violates the Terms of Use or for purposes other than those for which it was intended specifically or d) the terms of this Personal Data Protection Policy and/ or Terms of Use allow and/or require such a disclosure.

Your personal information is not disclosed to other companies, third party controllers, information centers, credit institutions or other third-party service providers apart from usage for usability optimization.

The Dcipher platform makes reasonable efforts to maintain your personal data, in accordance with the terms of this Personal Data Protection Policy and the Terms of Use.

The Dcipher platform keeps personal data and other information until either the persons submitting data or the relevant data controller instructs us to delete the data. However, this period of time will not exceed five (5) years after last use of the service.

The Dcipher platform can delete information that includes, among others, comments, posts or other content of your account without sending a notice to you. The same holds true, when your account is terminated.

Information that is not personal data

In addition to the personal data, as described above, Dcipher also collects other information that is not considered personal data and cannot identify you as a specific person and can be used without restrictions.

Security

The Dcipher platform addresses the issue of protecting your anonymity and personal information very seriously. We protect your personal data and, in general, the information we receive about you, and we guarantee their confidentiality, integrity and availability using appropriate security measures, according to the most up-to-date and advanced technological methods. These measures include technical and procedural steps to protect your data from misuse, unauthorized access or disclosure, loss, alteration or destruction.

The Dcipher platform is housed in secure data center infrastructures, controlled by the company Dcipher Analytics AB (DA), based in Stockholm, Box 804, Postcode SE-101 36, Stockholm, Sweden, and legally represented, Taxpayer Identification No. SE559169926801, Tel.: +46 (0) 8 545 225 00, e-mail: info@dcipheranalytics.com.

The Dcipher platform supports security protocols (SSLs) and encryption mechanisms (HTTPS protocol) that allow secure data transmission to the network. It also uses mechanisms for access control, SQL injection, Cross-site scripting (XSS) vulnerabilities, and session hijacking security mechanisms to effectively protect data and minimize risks.

Your personal data is stored on an encrypted server, and can only be accessed by the employees authorized by the company Dcipher Analytics AB (DA), based in Stockholm, Box 804, Postcode SE-101 36, Stockholm, Sweden, and legally represented, Taxpayer Identification No. SE559169926801, Tel.: +46 (0) 8 545 225 00, e-mail: info@dcipheranalytics.com, and only when this is necessary, e.g. to handle your requests.

For your own safety, you should also treat all information provided on the platform as confidential and private and not disclose it to third parties. Where you have selected an access code that allows you to access some options of the Dcipher platform, you are solely responsible for keeping this access code. If the access code is stolen or misused, it is your sole responsibility to notify us immediately.

Cookies

Cookies are pieces of information in the form of very short alphanumeric text, stored on your computer with your own approval, and they help the more efficient operation of our platform. Cookies in no way cause harm to the user's computers or the files kept on them.

Most web browsers automatically accept and collect cookies. However, you can change the relevant settings, so that the web browser accepts all cookies or rejects all cookies or notifies you when a cookie is defined. Depending on the security settings of your web browser, you may be able to reject all cookies. If you reject all cookies, you may not be able to use the Dcipher platform.

We use three types of cookies on our website:

Session cookies. These are temporary cookies that are only active at a time when a computer user accesses the website (or, more precisely, until the user leaves the website and closes the browser). Session cookies help our website to memorize the steps that the visitor has made on the previous page, thus eliminating the need to re-enter information.

Persistent cookies. Persistent cookies remain on the visitor's computer after visiting our site. These cookies help us to identify you as a unique visitor (retaining this information as a randomly generated number). How long the cookie will remain on the user's computer will depend on the type of cookie.

Third-party cookies. These cookies remain on the visitor's computer after visiting our site and are used to help us analyze traffic to the website and user behavior on the site.

The Dcipher platform can collect information about your browser and session on our website.

The Dcipher platform maintains a log of the Internet Protocol (IP) addresses when they access any computers, servers and / or websites. An IP address alone does not allow us to collect additional personal data about you. IP addresses can be used for a number of purposes, including: a) Diagnosing and preventing service-related or technological problems reported by our users or engineers associated with IP addresses controlled by a specific web company or by an ISP b) estimation of the total number of users visiting a Dcipher PC, server and/or webpage from specific geographical areas, c) identification of users who have access rights to specific contents, services or resources provided and d) monitoring and prevention of fraud and/or abuse.

For safe browsing on the platform, Dcipher complies with the European Directive 2002/58/EC on the processing of personal data and the protection of privacy in the electronic communications sector, as amended by Directive 2009/136/EC.

Your prior consent is necessary to use cookies. An exception to this rule will be only cookies that serve the Dcipher platform's operational needs (operational cookies) and are necessary for its display and efficient operation. By accepting the Terms of Use of the Dcipher platform and this Policy it is deemed that you have consented to the use of cookies, as above.

Consent

The Dcipher platform can receive personal information about you from various sources or by different methods. The way of consent may vary depending on each source or method.

The Dcipher platform assumes that by using its services and/or accessing thereto you have read the Terms of Use and the Personal Data Protection Policy. Moreover, by providing the information, whether personal or not, you declare it to be true and accurate and have explicitly given your consent to be disclosed and processed for the purposes stated, by clicking on the relevant boxes “Accept”, unless you update the Dcipher platform that you explicitly no longer wish your information to be used. Your consent to this access/disclosure includes those cases where for the effective service provision, providers are likely to be established in the United States of America or other countries or regions outside the European Economic Area.

In the event that you transmit third-party personal data, you are responsible for informing that party about the use of his or her data and for obtaining his or her explicit consent that such information is given for the purposes explained above. In any case, the Personal Data Protection Policy applies to any information gathered from a third party.

You can revoke your consent at any time by sending an e-mail to info@dcipheranalytics.com without prejudice to the legitimacy of the consent-based processing prior to its revocation.

Ensuring the privacy of children

The Dcipher platform is exclusively addressed to persons who have reached the age of 16 and allows only them to create an account.

The Dcipher platform does not gather and/or keep information about people under the age of sixteen (16). Indeed, no part of the Dcipher platform is addressed to people under the age of sixteen (16).

Access to personal data

You are entitled to receive from the controller a confirmation of whether or not your personal data is being processed and, if so, you have the right to access your personal data, as well as (a) the purposes of the processing; (b) the relevant categories of personal data, recipients or any types of recipients to whom personal data have been or will be disclosed; (c) where possible, the period during which personal data will be stored (d) the existence of a right to request the controller to correct or delete personal data or to restrict the processing of personal data or the right to object to such processing; (f) the right to submit a complaint to a supervisory authority (g) when personal data are not collected by you, any available information about their origin; (h) the existence of automated decision-making, including profile making and important information about the philosophy followed, as well as the importance and predicted consequences of such processing for you.

You can ask the Dcipher platform to provide you with a copy of your processed personal data. For additional copies that may be required, a fee of fifteen (15) Euros is required.

Any request for access to information should be addressed to the person in charge of processing your personal data at info@dcipheranalytics.com

We will do our best to respond to your request within a reasonable time.

Rights of correction, deletion, limitation, portability and objection

The controllers are committed to ensure that your personal data is kept confidential and to ensure that you exercise your rights of access, correction, deletion, restriction, portability and objection by sending an e-mail to info@dcipheranalytics.com. If necessary, we will ask you to provide us with a photocopy of your identity card, passport or other valid documentary evidence.

Right of correction: The user is entitled to require the controller without undue delay to correct inaccurate personal data. Having regard to the purposes of the processing, the user is entitled to require the completion of incomplete personal data, including among others through a supplementary statement.

Right of deletion: The user is entitled to ask the controller to delete personal data if: a) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, b) the user has revoked the consent on which the processing is based and there is no other legal basis for the processing, c) the user objects to the processing, d) the personal data have been processed illegally, e) data must be deleted so that the controller's legal obligation is respected; and (f) personal data has been collected in connection with the provision of services in the information society. Requests for deletion of personal data are processed without undue delay. In the event that personal data is disclosed, the controller, taking into account the available technology and implementation costs, shall take reasonable steps, including technical measures, to inform third parties processing such data that the platform's user has requested the deletion of any links to such data or copies or replications of personal data.

Disclaimer on Third-Party Websites

Although the Dcipher platform may contain links to third-party websites, the platform is not responsible for the privacy practices or content of such sites and expressly disclaims any liability for any loss or damage that may be caused by the use of such links. The Dcipher platform does not monitor the privacy practices or the content of such websites. If you have any questions about the privacy practices of another website other than the Dcipher platform, you should contact the website's personal data protection officer.

Customer Obligations

By using the Dcipher platform, you agree to use any information about any other user in a manner consistent with the “Terms of Use” and the “Personal Data Protection Policy”.

The user of the Dcipher platform guarantees that the provided information is correct and accurate and is committed to disclosing any changes or modifications thereof. The user is the sole responsible for any loss or damage caused to the platform or to any third party responsible for the platform as a result of incorrect, inaccurate or incomplete information in the login fields.

Additional information

When you post content on the Dcipher platform, this may include your personal data. You are solely responsible for the information that you: a) post online, b) post via the Dcipher platform and/or c) share with another website where you log in from our platform. If you post personal information online that is accessible to the public, you may receive unsolicited messages from other parties or other unwanted and potentially harmful contacts. Dcipher warns you to be careful when posting information that is accessible to the public.

Revision / Amendment of the “Personal Data Protection Policy”

The Dcipher platform reserves the right to revise or modify this “Personal Data Protection Policy”, the “Terms of Use” and other policies and agreements at any time and in any way.

Dcipher will notify you of such changes by posting the revised policies on its platform and (a) will send you a message the next time you sign in, or (b) send you an email to the address you provided when creating your account.

It is your responsibility to read the “Terms” and the “Personal Data Protection Policy” at regular intervals, since the Terms and Policy in force at the time you use the Platform are applicable.

Final provisions

If you have any complaints about our compliance with the “Personal Data Protection Policy,” we suggest that you immediately contact us. We respect and esteem the users of the Dcipher platform and their privacy. Therefore, we want to hear from you, if you have any questions about our privacy practices. You can e-mail us at info@dcipheranalytics.com.