// privacy

Privacy Policy

Effective: 2026-05-16  ·  Last updated: 2026-05-16

This Privacy Policy (the “Policy”) describes how Digideal Inc., a Delaware corporation with mailing address available upon written request (“Digideal”, “Company”, “we”, “us”, or “our”), collects, uses, discloses, and otherwise processes Personal Data of visitors (each, a “User” or “you”) to the corporate marketing website located at digideal.ai (the “Site”). For the purposes of the EU and UK General Data Protection Regulation (collectively, the “GDPR”), Digideal is the data controller with respect to Personal Data processed in connection with the Site. This Policy does not apply to any product website or application operated by Digideal under a separate brand, each of which is governed by its own privacy policy.

1. Definitions

For purposes of this Policy: (a) “Personal Data” means any information relating to an identified or identifiable natural person; (b) “Processing” has the meaning given in Article 4(2) of the GDPR; (c) “Service Provider” means a third party engaged by us to process Personal Data on our behalf; and (d) capitalized terms not otherwise defined herein shall have the meanings ascribed to them in the GDPR or the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA/CPRA”), as applicable.

2. Categories of Personal Data we collect

2.1 Personal Data you provide. When you correspond with us by email (including at [email protected], [email protected], or [email protected]), submit a newsletter signup, or otherwise voluntarily transmit information to us, we collect the Personal Data contained in such communications, including without limitation your name, email address, employer (where provided), and the substantive contents of your message.

2.2 Personal Data collected automatically. When you access the Site, our hosting infrastructure and analytics tooling automatically collect certain technical data, including: Internet Protocol (IP) address, device and browser identifiers, operating system and user-agent string, referring and exit URLs, pages requested, requested resources, response codes, timestamps, and approximate geolocation derived from your IP address (collectively, “Technical Data”).

2.3 Cookies and similar tracking technologies. The Site employs (i) strictly necessary cookies that are required to deliver the Site, including a cookie recording your consent state; and (ii) where you have provided your prior, freely given, specific, informed, and unambiguous consent, a first-party analytics cookie set by our Service Provider PostHog. The Site does not employ third-party advertising cookies, cross-site tracking pixels, social-media plugins, or device fingerprinting.

3. Purposes and legal bases for Processing

We Process Personal Data only for the purposes set forth below, and only on the legal bases identified for each purpose, as required by Article 6 of the GDPR:

  • To respond to inquiries — legitimate interests pursuant to Article 6(1)(f) of the GDPR, namely our interest in conducting and developing our business and responding to legitimate communications.
  • To operate, secure, monitor, and improve the Site — legitimate interests pursuant to Article 6(1)(f) of the GDPR (Recital 49 expressly recognizes network and information security as a legitimate interest).
  • To deliver email updates to which you have subscribed — your consent pursuant to Article 6(1)(a) of the GDPR; you may withdraw such consent at any time without affecting the lawfulness of prior Processing.
  • To comply with applicable law and respond to lawful process — compliance with a legal obligation pursuant to Article 6(1)(c) of the GDPR.

We do not sell, rent, lease, or trade Personal Data; we do not “sell” or “share” Personal Data within the meaning of the CCPA/CPRA; and we do not use Personal Data to train artificial-intelligence or machine-learning models on behalf of third parties.

4. Disclosure to Service Providers and other recipients

We disclose Personal Data to the categories of recipients described below, each of which is bound by contractual confidentiality and data-protection obligations consistent with the requirements of applicable law:

  • Cloudflare, Inc. — provision of DNS, content-delivery network, DDoS mitigation, and (where used) Cloudflare R2 object storage for newsletter subscriptions.
  • Zoho Corporation Pvt. Ltd. — provision of corporate email hosting for our published addresses.
  • PostHog Inc. — provision of first-party, consent-gated product analytics.
  • Functional Software, Inc. d/b/a Sentry — provision of error monitoring and observability.
  • Operators of our self-hosted infrastructure — provision of compute, storage, and networking services to which we deploy the Site.

We may additionally disclose Personal Data: (a) to comply with applicable law, lawful process, or a valid request from a governmental authority; (b) to enforce our terms of service or protect our rights, property, or safety, or the rights, property, or safety of others; or (c) in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of our assets, in which case Personal Data may be transferred to the successor entity.

5. International transfers of Personal Data

Personal Data Processed in connection with the Site may be transferred to, stored in, or accessed from jurisdictions outside your country of residence, including the United States. Where such transfers occur from the European Economic Area, the United Kingdom, or Switzerland to a country not deemed by the relevant supervisory authority to provide an adequate level of protection, we implement appropriate safeguards within the meaning of Article 46 of the GDPR, including the European Commission's Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) and, where applicable, the UK International Data Transfer Addendum.

6. Retention

We retain Personal Data only for as long as is necessary to fulfill the purposes for which it was collected, including the satisfaction of legal, accounting, or reporting obligations. Without limiting the generality of the foregoing: (a) email correspondence is retained for the duration necessary to respond and for a reasonable subsequent period to maintain a record of our communications; (b) Technical Data contained in server logs is retained for a period not exceeding ninety (90) days, after which it is deleted or irreversibly anonymized; and (c) newsletter subscription records are retained until you exercise your right to unsubscribe.

7. Your rights

Subject to the conditions and limitations of applicable law, you may have the right to: (a) obtain access to, and a copy of, your Personal Data; (b) request rectification of inaccurate Personal Data; (c) request erasure of your Personal Data; (d) request restriction of, or object to, certain Processing; (e) data portability; (f) withdraw any consent on which our Processing is based; and (g) lodge a complaint with a competent data-protection supervisory authority. California residents are additionally entitled to the rights set forth in the CCPA/CPRA, including the rights to know, to delete, to correct, and to limit the use of sensitive Personal Data.

To exercise any of the foregoing rights, please submit a written request to [email protected]. We will respond within the time period required by applicable law, and in any event without undue delay. We may request information reasonably necessary to verify your identity prior to responding to a request.

8. Children

The Site is intended for an adult, business-to-business audience and is not directed to, marketed to, or intended for use by children under the age of thirteen (13) (or under the age of sixteen (16) within the European Economic Area). We do not knowingly Process Personal Data of any such child. If we become aware that we have inadvertently collected Personal Data from a child in violation of applicable law, we will take prompt action to delete such Personal Data.

9. Security

We implement and maintain administrative, technical, and physical safeguards designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, including encryption of Personal Data in transit using Transport Layer Security (TLS), restricted role-based access controls, periodic dependency and infrastructure updates, and routine review of access logs. No system or method of transmission or storage, however, can be guaranteed to be one hundred percent secure, and we make no representation or warranty to that effect.

10. Modifications

We reserve the right, in our sole discretion, to modify this Policy at any time. The “Last Updated” date set forth above reflects the date of the most recent modification. Material changes will be announced on the Site or by other reasonable means. Your continued access to or use of the Site following the effective date of any such modification constitutes your acceptance of the Policy as modified.

11. Contact

Any questions, comments, or requests regarding this Policy or our Processing of your Personal Data may be directed in writing to:
Digideal Inc. — Attn: Privacy Office
Email: [email protected]
General inquiries: [email protected]