Search

Privacy Policy

Last Revision Date: December 1st, 2025

This Privacy Policy ("Policy") establishes the comprehensive framework under which the operators of the Services manage and process Personal Data and Non-Personal Data collected via its digital properties (the "Services"). If any part of the Services is directed to children under the age of 13, such content is clearly identified, and we do not use personalized advertising or behavioral tracking for those users, in compliance with COPPA.

Our operations are built upon a foundation of compliance with international data protection laws, including, but not limited to, the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Article 1: Principles of Data Processing

We commit to the following principles in the handling of all collected data:

Lawfulness, Fairness, and Transparency: Processing is always based on a valid legal ground and users are fully informed.

Purpose Limitation: Data is collected only for specified, explicit, and legitimate purposes.

Data Minimisation: Only data necessary for the stated purpose is collected.

Accuracy: We take reasonable steps to ensure data is accurate and up-to-date.

Storage Limitation: Data is retained only for the duration required by the purpose or legal obligation.

Integrity and Confidentiality: Processing ensures appropriate security against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Article 2: Data Subject to Processing

The data categories are defined by their collection methodology and purpose:

2.1 Explicitly Provided Personal Data (EPPD)

Data actively supplied by the data subject:

Identity Information: Full name, email address.

Demographic & Preference Data: Age bracket, language preference, or other optional information relevant to service customization.

High-Risk Data: Data categorized as Sensitive Personal Information (CCPA) or Special Categories of Personal Data (GDPR). This is only processed when: (a) Explicit Consent is obtained; or (b) Processing is necessary for the establishment, exercise, or defense of legal claims.

2.2 Indirectly Collected Information (ICI)

Data passively generated during use of the Services:

Technical Identifiers: Unique device IDs, IP addresses (used only for approximate location for regional content/advertising compliance).

Usage & Interaction Metadata: Server log data detailing page views, click-stream data, load times, and error logs.

Cookie/Pixel Data: Session and persistent identifiers used for site functionality, performance tracking, and behavioral advertising (OBA). For more information on how Google collects and uses data through its services, please refer to Google's Data Usage Policy.

Article 3: Legal Basis and Processing Rationale

We outline the legal bases upon which all processing activities rest:

Processing Activity

Legal Basis

Purpose / Notes

Internal Analytics & Optimization

Legitimate Interests

Improves platform usability and addresses technical issues.

Targeted Advertising (OBA)

Legitimate Interests / Consent

Uses pseudonymized identifiers; opt-out mechanisms provided (e.g., CCPA "Do Not Share").

Fraud Prevention & Security

Legal Obligation / Legitimate Interests

Protects platform integrity and prevents misuse.

Regulatory Compliance

Legal Obligation

Ensures adherence to statutory and international requirements.

Article 4: Data Disclosure and Third-Party Relationships

Data is only disclosed to external parties that demonstrate a robust commitment to data protection:

  1. Essential Data Processors (Vendors): Hosting, cloud services, and email processors under our instruction and DPA.
  2. Advertising Technology Ecosystem: Data shared with Ad-Tech vendors for interest-based ads; limited to non-PII or hashed/anonymized identifiers; opt-out available.
  3. Legal and Governance Compliance: Mandatory disclosure to law enforcement, courts, or regulatory bodies under lawful request.
  4. Corporate Restructuring: Treated as a business asset during acquisition, merger, or asset sale, subject to confidentiality and continued policy adherence.

Article 5: Data Subject Rights and Exercising Control

5.1 Rights of Residents in the EEA/UK (GDPR/UK GDPR)

Right to Access, Rectification, Erasure ("Right to be Forgotten")

Right to Restriction of Processing and Data Portability

Right to Object to processing based on Legitimate Interests

Right to lodge a complaint with a Supervisory Authority

5.2 Rights of California Consumers (CCPA/CPRA)

Right to Know (access categories of personal information collected)

Right to Delete (subject to exceptions)

Right to Opt-Out of Sharing personal information (cross-context behavioral advertising)

Right to Limit the Use of Sensitive Personal Information

Verification Protocol: All requests require identity verification to prevent unauthorized access or deletion.

Article 6: Security Governance and Data Integrity

6.1 Security Measures

Technical Controls: End-to-end encryption (TLS/SSL), firewall protection, intrusion detection systems.

Organizational Controls: Employee training, restricted access based on need-to-know, regular security assessments.

6.2 Data Retention Policy

Data is retained only as long as necessary for analytics, advertising, and legal compliance. At the end of the retention period, data is securely destroyed or irreversibly anonymized.

Article 7: International Data Transfer Mechanism

Data may be transferred globally. For transfers from the EEA/UK to non-adequate countries, Standard Contractual Clauses (SCCs) and supplementary measures ensure GDPR/UK GDPR protection.

Article 8: Policy Administration

This Policy is reviewed and updated annually or as necessitated by law or internal operational changes.

Contact: [email protected] 

Users may use this email to submit requests regarding their data, exercise privacy rights, or opt-out of personalized advertising. Identity verification may be required to protect user data.