Privacy Policy

1. Introduction

This Privacy Policy is designed to help you understand how Hidden Brains Infotech FZCO (“We”, “Us”, “Licensor”, or “Our”) collects, uses, processes, stores, and protects your data when you access or use the datumsAI platform and its associated AI‑powered services (collectively, the “datumsAI”).

By using the Services, you (“You”, “Your”, or “Licensee”) acknowledge and agree to the terms outlined in this Privacy Policy, including the collection, transfer, processing, storage, disclosure, and other uses of your information as described herein.

We ask for only the least amount of information necessary, gathering only what we believe is essential for doing business, or for the specific transaction at hand. We let customers know the information we have on them and allow them to opt out of specific engagements. The goal of this Policy is to make explicit the information we gather, how we will use it, and how we will not.

2. Scope and Roles

1. 2.1 Scope of this Privacy Policy
   

   This Privacy Policy applies to the use of the datumsAI solution and related services by customers, users, and other stakeholders who interact with datumsAI, including where personal data is processed in the context of such use.

1. 2.2 Data Protection Roles

• Licensor (or its operating entity) may act as a data controller / data fiduciary for personal data it collects and determines the purposes and means of processing (for example, user account data, billing details, and communications).
• Licensor may act as a data processor / data trustee where it processes personal data on behalf of its customers in accordance with their documented instructions (for example, data stored within datumsAI by the Licensee).

3. Definitions

For the purposes of this Privacy Policy:

1. 3.1 User Account / License means a unique account created for You to access our Service or parts of our Service.
2. 3.2 Cookies are small files that are placed on your computer, mobile device, or any other device by a website, containing the details of your browsing history on that website among its many uses.
3. 3.3 Device means any device that can access the Service such as a computer, a laptop, or a digital tablet.
4. 3.4 Personal Data is any information that relates to an identified or identifiable individual.
5. 3.5 Purpose has the meaning given in the “Use of Your Personal Data” / “Purposes of Processing” sections below.
6. 3.6 Service refers to the datumsAI solution and related services.
7. 3.7 Service Provider means any natural or legal person who processes the data on behalf of the Licensee, including third‑party companies or individuals employed by the Licensee to facilitate the Service, to provide the Service on behalf of the Licensee, to perform services related to the Service, or to assist the Licensee in analyzing how the Service is used.
8. 3.8 Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
9. 3.9 You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
10. 3.10 “Personal Data”, “Processing”, “Controller”, “Processor”, “Data Subject”, “Data Fiduciary” and “Data Principal” shall have the meanings given to them under the GDPR and the Digital Personal Data Protection Act, 2023, as applicable.

4. Information We Collect

This part deals with how Licensor collects and uses information about website visitors, potential customers, users of Licensor's products and services, and others who contact Licensor through forms or email addresses published on or linked to our websites.

We collect information about you only if we need the information for some legitimate purpose. Licensor will have information about you only if (a) you have provided the information yourself, (b) Licensor has automatically collected the information, or (c) Licensor has obtained the information from a third party.

4.2 Information That You Provide Us

1. 4.2.1 Account Signup
   When you sign up for an account to access one or more of our services, we ask for information like your name, contact number, email address, company name, and country, etc. to complete the account signup process. You will also be required to choose a unique username and a password for accessing the created account. You may also provide us with more information such as your photo, time zone, and language, but we do not require that information to sign up for an account.
2. 4.2.2 Payment Processing
   When you buy something from us, we ask you to provide your name, contact information, and credit card information or other payment account information. When you submit your card information, we store the name and address of the cardholder, the expiry date, and the last four digits of the credit card number. We do not store the actual credit card number. For quick processing of future payments, if you have given us your approval, we may store your credit card information or other payment information in an encrypted format in the secured servers of our payment gateway service providers.
3. 4.2.3 Testimonials
   When you authorize us to post testimonials about our products and services on websites, we may include your name and other personal information in the testimonial. If you wish to update or delete your testimonial, you can contact us at [email protected].
4. 4.2.4 Interactions with Licensor
   We may record, analyze, and use your interactions with us, including email, telephone, and chat conversations with our sales and customer support professionals, for improving our

4.3 Information That We Collect Automatically

1. 4.3.1 Information from Browsers, Devices and Servers
   When you visit our websites, we collect information that web browsers, mobile devices, and servers make available, such as the internet protocol address, browser type, language preference, time zone, referring URL, date and time of access, operating system, mobile device manufacturer, and mobile network information. We include these in our log files to understand more about visitors to our websites.
2. 4.3.2 Information from Cookies and Tracking Technologies
   We use temporary and permanent cookies to identify users of our services and to enhance user experience. We embed unique identifiers in our downloadable products to track usage of the products. We also use cookies, beacons, tags, scripts, and other similar technologies to identify visitors, track website navigation, gather demographic information about visitors and users, understand email campaign effectiveness, and for targeted visitor and user engagement by tracking your activities on our websites.
   
   We mostly use first‑party cookies and do not use third‑party cookies or other third‑party tracking technologies on our websites for non‑essential or intrusive tracking. We also use first‑party Local Storage Objects (LSOs) such as HTML5 to store content information and preferences to provide certain features.
3. 4.4.3 Information from Social Media Sites and Other Publicly Available Sources
   When you provide feedback or reviews about our products, interact, or engage with us on marketplaces, review sites, or social media sites such as Facebook, Twitter, LinkedIn, and Instagram through posts, comments, questions, and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our products, better understand user reactions and issues, or to reproduce and publish your feedback on our websites.
   
   Once collected, this information may remain with us even if you delete it from these sites. datumsAI may also add and update information about you from other publicly available sources.

4.4 Information That We Collect from Third Parties

1. 4.4.1 Referrals
   If someone has referred any of our products or services to you through any of our referral programs, that person may have provided us your name, email address, and other personal information. You may contact us at [email protected] to request that we remove your information from our database. If you provide us information about another person, or if another person gives us your information, we will only use that information for the specific reason for which it was provided to us.
2. 4.4.2 Information from Our Reselling Partners and Service Providers
   If you contact any of our reselling partners, or otherwise express interest in any of our products or services to them, the reselling partner may pass your name, email address, company name, and other information to us. If you register for or attend an event that is sponsored by Licensor, the event organizer may share your information with us. Licensor may also receive information about you from review sites if you comment on any review of our products and services, and from other third‑party service providers that we engage for marketing our products and services.
3. 4.4.3 Information from Social Media Sites and Other Publicly Available Sources When you provide feedback or reviews about our products, interact, or engage with us on marketplaces, review sites, or social media sites such as Facebook, Twitter, LinkedIn, and Instagram through posts, comments, questions, and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our products, better understand user reactions and issues, or to reproduce and publish your feedback on our websites.
   Once collected, this information may remain with us even if you delete it from these sites. datumsAI may also add and update information about you from other publicly available sources.

5. Legal Bases and Purposes of Processing

5.1 Legal Bases for Processing

Where required under applicable data protection laws, including the GDPR and the Digital Personal Data Protection Act, 2023, we process Personal Data only where we have a valid legal basis.

1. 5.1.1 Consent
   We process Personal Data where you have provided your clear and informed consent. This includes the use of non‑essential cookies, sending marketing communications, or processing data for specific optional features. You may withdraw your consent at any time; withdrawal will not affect processing that has already taken place based on consent.
2. 5.1.2 Performance of a Contract
   We process Personal Data where it is necessary to perform our contractual obligations with you or to take steps prior to entering into a contract. This includes providing, configuring, and operating the datumsAI solution, managing user accounts and licenses, processing transactions, authenticating users, and delivering customer support.
3. 5.1.3 Legitimate Interests
   We may process Personal Data where it is necessary for our legitimate business interests (or those of a third party), provided that such interests are not overridden by your fundamental rights and freedoms. These interests include ensuring the security, integrity, and performance of our systems and services; improving, enhancing, and personalizing the solution; communicating important service updates and operational notices; and conducting analytics, research, and generating aggregated or de-identified insights.
   
   Where we rely on legitimate interests as a legal basis and those legitimate interests are not specified above, we will clearly explain to you what those legitimate interests are at the time that we collect your information.
4. 5.1.4 Compliance with Legal Obligations
   We process Personal Data where necessary to comply with applicable legal and regulatory obligations, including tax, accounting, audit requirements, and responding to lawful requests from public authorities, courts, or regulators.

5.2 Purposes of Processing

In particular, we use Personal Data for the following purposes:

• Delivery and Operations: To provide, maintain, support, and improve the solution, ensure system functionality, and manage user access and accounts, including to train and improve underlying algorithms that power our technology (including AI/ML), where permitted by law.
• Sales, marketing, and communications: To respond to inquiries, provide requested information, send updates or promotional communications (where permitted by law and subject to your preferences), keep you posted on new products and services, upcoming events, offers, promotions, and other information that we think will be of interest to you, and ask you to participate in surveys or provide feedback.
• Research and improvement: To understand and analyze how you use our Service, develop new products, services, features, and functionality, analyze trends, administer our websites, and monitor and improve marketing campaigns.
• Compliance, security, and risk management: To detect and prevent fraudulent transactions and other illegal activities, prevent spam, protect the rights and interests of Licensor, meet legal and regulatory requirements, and enforce our agreements and policies.

5.3 Detailed Use of Your Personal Data

The Company may use Personal Data for the following purposes:

1. 5.3.1 To provide and maintain our Service, including to monitor the usage of our Service.
2. 5.3.2 To manage Your Account / License, including managing Your registration as a user of the Service and enabling the functionalities of the Service that are available to You as a registered user.
3. 5.3.3 For the performance of a contract, including the development, compliance, and undertaking of contracts for products, items, or services you have purchased or any other contract with Us through the Service.
4. 5.3.4 To contact You by email, telephone calls, SMS, WhatsApp, or other equivalent forms of electronic communication, such as mobile application push notifications, regarding updates or informative communications related to functionalities, products, or contracted services, including security updates when necessary.
5. 5.3.5 To provide You with news, special offers, and general information about goods, services, and events which we offer that are similar to those that you have already purchased or enquired about, unless You have opted not to receive such information.
6. 5.3.6 To manage Your requests, including attending to and managing requests submitted to Us.
7. 5.3.7 For business transfers, including evaluating or conducting a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets.
8. 5.3.8 For other purposes, such as data analysis, identifying usage trends, determining the effectiveness of promotional campaigns, and evaluating and improving our Service, products, services, marketing, and your experience.
9. 5.3.9 Marketing of Services and Involvement of Third Parties :
   We may contact you from time to time regarding products or services that may be relevant to your business. Where permitted by law or based on your explicit consent, we may collaborate with selected partners to offer related products or services. Such partners may act either as independent controllers or as processors depending on the nature of the engagement. Where your Personal Data is shared with a third party, it will be processed strictly in accordance with our documented instructions or pursuant to your explicit consent. We do not sell your Personal Data. You may opt out of receiving marketing communications at any time by using the unsubscribe link provided in our emails or by contacting us.

6. Your Choices in Information Use

1. 6.1 Opt‑Out of Non‑Essential Electronic Communications
   You may opt out of receiving informational updates and other non‑essential messages by using the “unsubscribe” function included in all such messages. However, you will continue to receive essential notices and emails such as account notification emails (password changes, renewal reminders, etc.), security incident alerts, security and privacy updates, and essential transactional and payment‑related emails.
2. 6.2 Disable Cookies
   You can disable browser cookies before visiting our websites. However, if you do so, you may not be able to use certain features of the websites properly.
3. 6.3 Optional Information
   You can choose not to provide optional profile information such as your photo. You can also delete or change your optional profile information. You can always choose not to fill in non‑mandatory fields when you submit any form linked to our websites.

7. Sharing and Disclosure of Your Information

All Licensor entities have access to the information covered in this part. We do not sell any personal information. We share your information only in the ways that are described in this Privacy Policy, and only with parties who adopt appropriate confidentiality and security measures.

1. 7.1 Employees and Independent Contractors
   Employees and independent contractors of relevant Licensor entities have access to the information covered in Part I on a need‑to‑know basis. We require all employees and independent contractors of Licensor group entities to follow this Privacy Policy for personal information that we share with them.
2. 7.2 Third‑Party Service Providers
   We may need to share your personal information and aggregated or de‑identified information with third‑party service providers that we engage, such as marketing and advertising partners, event organizers, web analytics providers, and payment processors. These service providers are authorized to use your personal information only as necessary to provide these services to us.
3. 7.3 Reselling Partners
   We may share your personal information with our authorized reselling partners in your region, solely for the purpose of contacting you about products that you have downloaded or services that you have signed up for. We will give you an option to opt out of continuing to work with that partner.
4. 7.4 Marketplace Application Developers
   When you install or purchase any application developed using datumsAI's APIs that is posted on datumsAI's online marketplace, your name and email address will be shared with the developer of the application, so they may engage with you directly as the provider of that application or service. Licensor does not control the use of your personal information by the developers, which will be based on their own privacy policies.
5. 7.5 Analytics Partners
   We may use third‑party analytics services such as Google Analytics to collect and process certain analytics data. Google Analytics may also collect information about your use of other websites, apps, and online resources.
6. 7.6 As Required by Law and Similar Disclosures
   We may access, preserve, and disclose your information if we believe doing so is required or appropriate to: (a) comply with law enforcement requests and legal process, such as a court order or subpoena; (b) respond to your requests; or (c) protect your, our, or others' rights, property, or safety.
7. 7.7 Merger, Sale, or Other Asset Transfers
   We may transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets. The use of your information following any of these events will be governed by the provisions of this Privacy Policy in effect at the time the applicable information was collected.
8. 7.8 Other Cases
   Other scenarios in which we may share information that are common to information covered under Parts I and II are described in Part III of this Policy (including in the “Information We Process on Your Behalf” and “General” sections).

8. Information We Process on Your Behalf

1. 8.1 General
   This part deals with how datumsAI handles data that you entrust to datumsAI when you use our products and services, or when you share any personal or confidential information with us while requesting customer support.
2. 8.2 Information Entrusted to Licensor and Purpose
   You or your organization may entrust information that you control to Licensor in connection with use of our services or for requesting technical support for our products. This includes information regarding your customers and your employees (if you are a controller) or data that you hold and use on behalf of another person for a specific purpose (if you are a processor). The data may either be stored on our servers when you use our services, or transferred or shared to us as part of a request for technical support or other services. All such information is collectively termed “service data”.
3. 8.3 Ownership and Control of Your Service Data
   We recognize that you own your service data. We provide you complete control of your service data by providing you the ability to access your service data and to share your service metadata through supported third‑party integrations.
4. 8.4 How We Use Service Data
   We process your service data when you provide us instructions through the various modules of our services.
5. 8.5 Who We Share Service Data With
1. 8.5.1 Licensor and Third‑Party Sub‑Processors
   In order to provide services and technical support for our products, the contracting entity within Licensor engages other group entities and third parties as sub‑processors, subject to appropriate contractual and security safeguards.
2. 8.5.2 Employees and Independent Contractors
   We may provide access to your service data to our employees and individuals who are independent contractors of Licensor entities involved in providing the services (collectively our “employees”) so that they can identify, analyze, and resolve errors, manually verify emails reported as spam to improve spam detection, or manually verify scanned images that you submit to us to verify the accuracy of optical character recognition. We ensure that access by our employees to your service data is restricted to specific individuals, and is logged and audited. Our employees will also have access to data that you knowingly share with us for technical support or to import data into our products or services. We communicate our privacy and security guidelines to our employees and strictly enforce privacy safeguards within datumsAI.
3. 8.5.3 Collaborators and Other Users
   Some of our products or services allow you to collaborate with other users or third parties. Initiating collaboration may enable other collaborators to view some or all of your profile information and certain service data, depending on how you configure access.
4. 8.5.4 Third‑Party Integrations
   Most of our products and services support integrations with third‑party products and services. In case of third‑party integrations, you may be allowing the third party to access your service data and personal information about you. We encourage you to review the privacy practices of the third‑party services.
5. 8.5.5 Other Cases
   Other scenarios in which we may share service data that are common to information covered under Parts I and II are described in Part III of this Policy.

9. General

1. 9.1 Automation
   In order to provide enhanced productivity and predictive capabilities to our users, we employ a variety of technologies such as artificial intelligence and machine learning, in keeping with Licensor's promise not to exploit your data in a way that is not respectful of your privacy and confidentiality expectations.
2. 9.2 External Links on Our Websites
   Some pages of our websites may contain links to websites that are not subject to this Privacy Policy. If you submit your personal information to any of these third‑party sites, your personal information is governed by their privacy policies. As a safety measure, we recommend that you not share any personal information with these third parties unless you have checked their privacy policies and assured yourself of their privacy practices.
3. 9.3 Blogs and Forums
   We offer publicly accessible blogs and forums on our websites. Please be aware that any information you provide on these blogs and forums may be used to contact you with unsolicited messages. We urge you to be cautious in disclosing personal information in our blogs and forums. Licensor is not responsible for the personal information you elect to disclose publicly. Your posts and certain profile information may remain even after you terminate your account with datumsAI. To request the removal of your information from our blogs and forums, you can contact us at [email protected].
4. 9.4 Disclosures in Compliance with Legal Obligations
   We may be required by law to preserve or disclose your personal information and service data to comply with any applicable law, regulation, legal process, or governmental request, including to meet national security requirements.
5. 9.5 Enforcement of Our Rights
   We may disclose personal information and service data to a third party if we believe that such disclosure is necessary for preventing fraud, spam filtering, investigating any suspected illegal activity, enforcing our agreements or policies, or protecting the safety of our users.
6. 9.6 Business Transfers
   We do not intend to sell our business. However, in the unlikely event that we sell our business or get acquired or merged, we will ensure that the acquiring entity is legally bound to honor our commitments to you. We will notify you via email or through a prominent notice on our website of any change in ownership or in the uses of your personal information and service data. We will also notify you about any choices you may have regarding your personal information and service data.

10. Retention of Information

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, regulatory, contractual, accounting, or reporting requirements.

We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen security or to improve the functionality of our Service, or where we are legally obligated to retain this data for longer periods.

We will delete or return all Licensee data upon agreement termination as per this Policy and applicable contractual commitments, subject to any legal retention obligations.

11. Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. This means that this information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to such transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and that no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

12. Security

We make reasonable efforts to protect your information by using safeguards designed to improve the security of the information we maintain. However, as no electronic transmission or storage of information can be entirely secure, we can make no guarantees as to the security or privacy of your information.

13. Children

We do not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of our Service is directed to children. If you learn that a child has provided us with personal information in violation of this Privacy Policy, then you may alert us at [email protected].

14. Your Rights

You have certain rights and protections regarding the processing of your personal information, subject to applicable law.

1. 14.1 Right of Access and Portability
   You have the right to access (and obtain a copy of, if required) the personal information that you have shared with us. You may also request a machine‑readable copy of the personal information that you have directly provided to us, and request information about its processing, where required by law.
2. 14.2 Right to Rectification
   You have the right to update the information we hold about you or to rectify any inaccuracies. Based on the purpose for which we use your information, you can instruct us to add supplemental information about you in our database.
3. 14.3 Right to Erasure
   You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected, or where required by law.
4. 14.4 Right to Restriction of Processing
   You may have the right to request that we restrict the use of your information in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
5. 14.5 Right to Data Portability
   Where technically feasible and required by applicable law, you have the right to request that your information be transferred to a third party in a structured, commonly used, and machine‑readable format, in circumstances where the information is processed with your consent or by automated means.
6. 14.6 Right to Object
   You have the right to object to the use of your information in certain circumstances, such as the use of your personal information for direct marketing.
7. 14.7 Right to Withdraw Consent
   Where we rely on your consent as the legal basis for processing, you have the right to withdraw your consent at any time, free of charge. We will apply your preferences going forward and this will not affect the lawfulness of processing before you withdraw your consent.
8. 14.8 How to Exercise Your Rights; Limitations
   You may exercise your rights by contacting us using the contact details at the end of this Policy. Before fulfilling your request, we may ask you to provide reasonable information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain personal information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
   
   In addition, certain choices may make it impossible to provide our Service. For instance, if you ask us to delete all your personal information and no exception applies, we will no longer be able to provide the Service since certain personal information, such as an email address, is required to provide the Service. We will inform you when you need to permanently delete your account in order to satisfy a request you have made, where applicable.
9. 14.9 Right to Complain
   You have the right to complain to the appropriate supervisory authority if you have any grievance against the way we collect, use, or share your information. This right may not be available to you if there is no supervisory authority dealing with data protection in your country.

15. Compliance with this Privacy Policy and Updates

1. 15.1 Compliance with this Privacy Policy
   We make every effort, including periodic reviews, to ensure that personal information you provide is used in conformity with this Privacy Policy. If you have any concerns about our adherence to this Privacy Policy or the manner in which your personal information is used, kindly write to us at [email protected]. We will contact you, and if required, coordinate with the appropriate regulatory authorities to effectively address your concerns.
2. 15.2 Changes to this Policy
   We may update this Policy from time to time. We will make such changes by posting the new Policy on this page. You are advised to review this Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page.