top of page
MasterLogo_horizontal_PURPLE_transparent background.png

Privacy Policy

Last updated: 22 October 2024

At Cymph OÜ  (“Cymph”, “we”, “us”, “our”), your privacy is of utmost importance. This Privacy Policy outlines how we collect, use, and protect your personal data when you access or use our website at https://www.cymph.io/ or our platform at https://app.cymph.io/ (these different environments are referred to as the “Service”, "Website", “Platform”).

​

Cymph OÜ, registered at Harju maakond, Viimsi vald, Haabneeme alevik, Nurme põik 27-3, 74001, is the data controller responsible for the collection and processing of your personal data. If you have any questions or concerns regarding this Privacy Policy, you can reach us at legal@cymph.io.

​

By using the Service, you agree to the collection and use of your personal data in accordance with this Privacy Policy and applicable laws based on your location, including the General Data Protection Regulation (GDPR).

​

1. Information We Collect

 

We collect various types of information in order to provide and improve our services:

​

1.1 Personal Data

 

Personal data refers to any information that can identify you. The types of personal data we collect include:

  • Contact Information: Your name, email address and occupation.

  • Account Information: Name, surname, email, password, occupation role, and preferred language.

  • Billing Information: If you subscribe to paid features, we collect payment information such as credit card numbers (processed securely via third-party payment processors).

​

1.2 Usage Data

 

We collect Usage Data automatically when you access or use the Service. Usage Data provides insights into how our Service is accessed, used, and performs, which helps us improve functionality and ensure security. This data may include the following information:

  • IP Address: Your device’s Internet Protocol (IP) address.

  • Device Information: Details about the device you use, including the type of device (e.g., desktop, tablet, or mobile), operating system, browser type, and version.

  • Log Data: Information such as the date and time of access, the pages you visit, the time spent on those pages, click activity, and referral sources (e.g., how you reached the Service).

  • Mobile-Specific Data: When accessing the Service through a mobile device, additional data may be collected, such as your mobile device’s unique ID, mobile IP address, operating system, type of mobile browser, and other diagnostic data.

  • Diagnostic Data: This may include crash reports, performance data, and other analytics used to monitor and enhance the Service’s functionality.

​

We may collect this information directly from your browser or device whenever you visit or interact with the Service. This data may also include information sent by your browser, such as referral URLs, search queries, or metadata related to your access.

​

1.3 Cookies and Tracking Technologies

​

We use Cookies and similar tracking technologies to track the activity on our Website and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyse our Website. The technologies we use may include:

  • Cookies or Browser Cookies. A cookie is a small file placed on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our Website may use cookies.

  • Web Beacons. Certain sections of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

​

Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser.

We use both Session and Persistent Cookies, which can be First Party Cookies or Third Party Cookies.

  • Session Cookies are temporary and once you close the browser window, they are deleted from your device.

  • Persistent Cookies remain on your device for a longer period and are used by the Website to recognise your device when you return.

  • First Party Cookies are cookies installed by Cymph, running the Website you are visiting on your devices.

  • Third Party Cookies are cookies installed on your devices via the Website you are visiting by another organisation like the ones set by a website analytics company that provides the website owner with data on the numbers of people visiting its website.

 

A visit to a page of our Website may generate the following type of cookies:

  • Strictly Necessary Cookies. These cookies enable you to navigate through the Website and use its features securely and optimally. Without these cookies, you may not be able to use our Service.

  • Performance Cookies. These cookies collect information about your visit and usage of our Website. The information collected by these cookies is anonymous and used solely to improve our Website functionality. The tool we use is Google Analytics. This way, we obtain statistics on the number of visits, determine popular pages on our Website, and monitor user behaviour patterns. It helps us to analyse and understand how visitors come to our Website, use it, and what they are interested in. This enables us to continuously improve our content and Website functionality.

  • Functional Cookies. These cookies enable the Website to remember choices you make, for example, language and location preferences. With the help of these cookies we are able to deliver a more personalised experience.

​

The cookie-related information that we collect is not used to identify you personally. We do not use cookies which track your browser activity on other websites, nor do we gather any information for advertising purposes. We use cookies on our Website to enhance user experience and to analyse our traffic. We might also share anonymised information about the usage of our Website site with our analytics partners. We do not use this information for any other purpose than those described.

​

2. How We Use Your Information

​

We use your data for various purposes, including:

  • To Provide and Maintain the Service: We use your personal information to create and manage accounts, deliver our services, and ensure the functionality and security of the platform.

  • To Manage your Requests: We process your requests, such as inquiries or service-related requests, to provide appropriate responses and support. This includes responding to your inquiries and providing customer support.

  • To Improve the Service: We analyse usage data to understand how our Service is used, improve performance, and development new features and enhancements on the Platform.

  • To Contact You: We may contact you via email, telephone, SMS, or other electronic communication methods (e.g., push notifications) to provide updates about your account or the Service. These communications may include important notifications, security alerts, or necessary service-related information.

  • To Provide News, Offers, and Marketing Communications: With your consent or as permitted by law, we may send you newsletters, offers, and general information about our company, events, or product and services. You may opt out of receiving these communications at any time.

  • For Payment Processing: Your payment information is processed securely by third-party payment providers. We do not store your payment details on our servers but may retain transaction records for accounting and legal purposes.

  • To Comply with Legal Obligations: We may use your personal data to comply with applicable  legal obligations, such as tax, regulatory, or law enforcement requirements, including obligations under the General Data Protection Regulation (GDPR) and other relevant laws.

  • For Other Business Purposes: We may use your data for internal purposes such as data analysis, license management, usage trend identification, or evaluating the effectiveness of our marketing campaigns. This information helps us improve our services, marketing strategies, and overall user experience.

 

3. Legal Basis for Processing Personal Data

​

We process your personal data in compliance with applicable data protection laws, which may vary depending on your location, including but not limited to the General Data Protection Regulation (GDPR), and other similar regulations. The legal bases we rely on include:

  • Consent: Where you have given clear and explicit consent for us to process your data, such as opting into marketing communications.

  • Contractual Necessity: When processing is necessary to fulfil a contract with you, for example, to provide the services you have requested or subscribed to.

  • Legal Obligation: Where we are required to process your data to comply with applicable laws, such as accounting, tax obligations, or other mandatory legal requirements

  • Legitimate Interests: When processing is in our legitimate business interest, such as to improve our services, provided that your fundamental rights do not override these interests.

​

In some cases, different legal bases may apply depending on your location or the specific data protection laws in force in your region.

 

4. Data Sharing and Transfers

​

We may share your personal data with third parties or transfer it internationally as part of our business operations. The circumstances under which we share or transfer your data include:

  • Service Providers: We may share your data with trusted third-party vendors and service providers to facilitate our services, such as payment processors, hosting services, and analytics providers.

  • Legal Compliance: If required by law or to protect our legal rights, interests, or the security of our users, we may disclose your data to regulatory authorities, legal entities, or government agencies.

  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner.

  • Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honour this Privacy Policy. Affiliates include our parent company and any other subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.

  • International Transfers: In certain cases, your personal data may be transferred to and processed in countries outside your country of residence, including those outside the European Economic Area (EEA). Where we transfer your data internationally, we ensure it is protected by appropriate safeguards in compliance with applicable data protection laws, to ensure the security and privacy of your data.

​

By using our services, you acknowledge and consent to the sharing and international transfers of your data as described above.

​

5. Data Retention

​

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. This includes retaining your data to comply with legal obligations, resolve disputes, and enforce our agreements.

 

6. Security of Your Data

 

We take reasonable and appropriate security measures to protect your personal data from unauthorised access, alteration, or destruction. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

 

7. Links to Other Websites

 

Our Service may contain links to other websites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services.

 

8. Your Rights

 

Depending on your location and applicable data protection laws, you may have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.

  • Right to Rectification: You can request that we correct any inaccurate or incomplete data.

  • Right to Erasure: You can request that we delete your personal data, subject to certain exceptions (e.g., when we are legally required to retain it).

  • Right to Data Portability: You can request that we provide your data in a machine-readable format, or transfer it to another data controller where technically feasible.

  • Right to Object or Restrict Processing: You can object to or request restrictions on our processing of your data.

  • Right to Withdraw Consent: If we rely on your consent to process your data, you have the right to withdraw that consent at any time.

​

To exercise any of these rights, please contact us at legal@cymph.io.

 

9. Children’s Privacy

 

Our Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under the age of 16, we will take steps to delete that information.

 

10. Changes to This Privacy Policy

 

We may update this Privacy Policy from time to time. When we make changes, we will notify you via email or a notice on our website. It is your responsibility to review this policy periodically.

 

11. Contact Us

​

If you have any questions or concerns regarding this Privacy Policy or wish to exercise your data rights, please contact us at:

bottom of page