LEGAL

Privacy Policy

Last updated: January 2025

1. Introduction and Scope

This Privacy Policy ("Policy") explains how Denovate, LTD. ("Denovate", "Company", "We", "Us") collects, processes, stores, shares, and protects personal data of users ("User", "You") when using the Denovate platform and related services ("Services"), including our website denovate.app and any mobile applications or digital products we operate.

Denovate is committed to protecting your privacy and the security of your personal data. This Policy is designed to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), the UK GDPR, and other relevant privacy regulations. By using our Services, you acknowledge that you have read and understood this Policy and agree to the collection and use of your personal data as described herein.

2. Data Controller

Your personal data is processed by Denovate, LTD. as the data controller:

  • Company Name: Denovate, LTD.
  • Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
  • Phone: +44 7349 580908, +90 537 581 36 36
  • Email: privacy@denovate.app

3. Personal Data We Collect, Collection Methods, and Legal Bases

To provide and improve our Services, we collect and process the following categories of personal data, using the methods and legal bases specified below:

Identity Information

  • Personal Data Examples: Name, surname, username, email address.
  • Collection Methods: Account creation, platform login, form submissions.
  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)), Compliance with legal obligations (GDPR Art. 6(1)(c)), Legitimate interests (GDPR Art. 6(1)(f)).

Contact Information

  • Personal Data Examples: Email address, phone number (optional or for support requests), social media account information (if you interact with us through these channels).
  • Collection Methods: Account creation, contact forms, support requests.
  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)), Legitimate interests (GDPR Art. 6(1)(f)), Consent (where required, e.g., marketing communications).

Business Information

  • Personal Data Examples: Company name, business address, tax identification number, industry sector (for business clients).
  • Collection Methods: Business account creation, profile completion, service usage.
  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)), Consent (GDPR Art. 6(1)(a)), Legitimate interests (GDPR Art. 6(1)(f)).

Subscription Information

  • Personal Data Examples: Selected premium package, subscription start and end dates, amount paid (including VAT).
  • Collection Methods: Premium package selection and purchase transactions, account management.
  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)), Compliance with legal obligations (GDPR Art. 6(1)(c)).

Financial Information

  • Personal Data Examples: Billing address, payment method information (limited information such as last four digits of credit card number), tax identification number (for invoicing).
  • Collection Methods: During premium package and payment transactions. Payments are processed through secure third-party payment service providers; we do not store your credit card details.
  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)), Compliance with legal obligations (GDPR Art. 6(1)(c)).

User Content

  • Personal Data Examples: Information you enter into our platforms, content you create or share through our Services, comments, feedback, and other materials.
  • Collection Methods: Through use of our Services (e.g., profile creation, content uploads, user interactions).
  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)). Note: Please do not upload sensitive or special category personal data to our platforms unless necessary.

Technical and Security Information

  • Personal Data Examples: IP address, MAC address, device information (operating system, browser type and version), log records, cookie data, usage data (visit date/time, time spent on platform, click patterns).
  • Collection Methods: Automatically when you visit and use our platform (through cookies and similar technologies).
  • Legal Basis: Compliance with legal obligations (GDPR Art. 6(1)(c)), Legitimate interests (GDPR Art. 6(1)(f)), Legal requirement (e.g., traffic data retention laws).

Marketing Information

  • Personal Data Examples: Marketing preferences, newsletter subscription status, feedback.
  • Collection Methods: Newsletter subscriptions, surveys, feedback forms.
  • Legal Basis: Consent (GDPR Art. 6(1)(a)), Legitimate interests (GDPR Art. 6(1)(f)).

Support Information

  • Personal Data Examples: Information you share in customer support requests, communication records.
  • Collection Methods: Support requests (email, in-platform messaging, etc.).
  • Legal Basis: Performance of a contract (GDPR Art. 6(1)(b)), Legitimate interests (GDPR Art. 6(1)(f)).

4. Purposes of Processing Personal Data

Your personal data is processed for the following purposes:

  • To provide, operate, maintain, and improve our Services,
  • To manage your account and verify your user identity,
  • To process premium package purchases and payment transactions, and to issue invoices,
  • To respond to your requests, questions, and feedback, and to provide customer support,
  • To inform you about updates, changes, and innovations in our Services,
  • To ensure the security of our Services, detect and prevent fraud, abuse, and other illegal activities,
  • To fulfill our legal obligations (e.g., responding to requests from authorized public institutions, meeting legal reporting requirements),
  • To analyze the performance of our Services, improve user experience, and develop new features through statistical studies (data is generally aggregated or anonymized for this purpose),
  • Where you have given consent, to send you marketing and promotional materials and to offer you relevant proposals based on your interests.

5. Transfer of Personal Data

Your personal data may be transferred to the following persons and institutions, primarily within the country, in accordance with the conditions and purposes for processing personal data set forth in applicable data protection laws:

  • Authorized Public Institutions: In accordance with legal obligations and official requests (e.g., courts, prosecutors' offices, regulatory and supervisory institutions).
  • Payment Service Providers: For the collection of premium package fees and secure processing of payment transactions (e.g., secure payment infrastructure partners).
  • Business Partners and Suppliers (Sub-processors): Where necessary for the provision, development, and management of our Services, to our domestic and/or international business partners and suppliers who provide technical and operational services such as data hosting, cloud computing, infrastructure services, database management, email delivery, analytics services, and customer support software, only to the extent necessary and within the framework of confidentiality commitments.
  • Legal and Financial Advisors, Auditors: For the execution of our company's legal and financial processes, protection of rights, or audit activities, under confidentiality obligations.
  • Company Mergers and Acquisitions: In cases of merger, acquisition, restructuring, or sale of all or part of our company's assets, to relevant parties to the extent required by the transaction.

6. Retention Period of Personal Data

Your personal data will be retained for the periods specified in relevant legislation or for the maximum period necessary for the purposes for which they are processed. Upon expiration of these periods or when processing purposes cease to exist, your data will be deleted, destroyed, or anonymized in accordance with applicable data protection laws, either automatically or upon your request. For example:

  • Your account information is retained while your account is active and thereafter for a reasonable period in accordance with legal obligations and our legitimate interests.
  • Log records are retained for the periods required by applicable laws.
  • Invoice and payment information is retained in accordance with relevant tax and commercial law legislation.

7. Your Rights as a Data Subject

In accordance with applicable data protection laws (including GDPR Article 15-22), you have the following rights:

  • The right to be informed whether your personal data is being processed,
  • The right to request information if your personal data has been processed,
  • The right to learn the purpose of processing your personal data and whether it is used in accordance with this purpose,
  • The right to know the third parties to whom your personal data has been transferred domestically or abroad,
  • The right to request correction if your personal data has been processed incompletely or inaccurately,
  • The right to request deletion or destruction of your personal data under the conditions set forth in applicable data protection laws,
  • The right to request that third parties to whom your personal data has been transferred be notified of the operations carried out,
  • The right to object to the emergence of a result against you by analyzing your processed data exclusively through automated systems,
  • The right to claim compensation for damages if you suffer harm due to unlawful processing of your personal data.

To exercise these rights, you may submit your requests in writing or through other methods determined by the relevant supervisory authority to the contact addresses specified in Section 2 above. Your request will be concluded free of charge as soon as possible and within thirty (30) days at the latest, depending on its nature. However, if the operation requires an additional cost, a fee may be charged according to the tariff determined by the supervisory authority. We may need to verify your identity to process your request.

8. Data Security

In accordance with applicable data protection laws, we take all necessary technical and administrative measures to ensure an appropriate level of security to prevent unlawful processing of, access to, and ensure the preservation of your personal data. These measures include encryption, access controls, firewalls, intrusion detection systems, regular security audits, and staff training. However, we remind you that no data transmission over the Internet is 100% secure.

9. Data Breach Notification

In the event of a data breach that may compromise the security of your personal data:

  • We will notify the relevant supervisory authority within 72 hours
  • High-risk situations will be communicated to you without delay
  • Necessary security measures will be taken immediately
  • Breach causes will be investigated and preventive measures will be implemented

10. Cookies and Similar Technologies

We may use cookies and similar tracking technologies during your use of our Services to improve your experience, ensure the effective operation of the platform, and analyze your usage habits. For detailed information about the types of cookies we use (mandatory, performance/analytics, functionality, marketing/targeting, etc.) and how you can manage your cookie preferences, please refer to our Cookie Policy.

11. Minors

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe that a minor has provided us with personal data, please contact us using the contact information provided in Section 2. Upon detection of such data, it will be immediately deleted from our systems.

12. International Data Transfers

Your personal data may be transferred to service providers located outside your country of residence to improve service quality. In such cases:

  • Necessary measures are taken in accordance with applicable data protection laws
  • Data transfers are conducted through secure channels
  • We ensure that adequate protection exists in the recipient country
  • Your explicit consent is obtained where required

13. Links to Other Websites

Our Services may contain links to third-party websites or services that are not operated by us. The privacy policies and practices of these websites are not under our control, and we cannot be held responsible for their content or privacy practices. We recommend that you review the privacy policies of such sites before using them.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. In case of significant changes, we will inform you through our platform or via your registered email address and will publish the updated Policy on our website. Your continued use of our Services after the publication of changes will mean that you accept the updated Policy. We recommend that you regularly check this page for the most current version of the Policy.

15. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please do not hesitate to contact us through the contact channels specified in Section 2:

  • Company: Denovate, LTD.
  • Email: privacy@denovate.app
  • Phone: +44 7349 580908, +90 537 581 36 36
  • Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ

By reading this Privacy Policy, you acknowledge that you have read and understood it and consent to the processing of your personal data under the conditions specified in this Policy.