Privacy Policy: Dataswyft Network
[Last updated 8 February, 2024]
This Privacy Policy is applicable to the following Dataswyft companies (collectively, “Dataswyft Network”):
Dataswyft Sdn Bhd, Malaysian company number 202001003421 (1359741-U)
Dataswyft Network Ltd, UK Company number 15059243
BY USING THE SITE AND OUR SERVICES, YOU AGREE TO THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT ACCESS THE SITE OR OTHERWISE USE OUR SERVICES
INTRODUCTION
This Privacy Policy describes our policies and procedures on the collection, use and disclosure of your information when you use our websites and any applications, products, or services (the “Services”) provided by the above companies (“Dataswyft Network”), and tells you about your privacy rights and how the law protects you.
We use your personal data to provide and improve our Services. By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy.
We, Dataswyft Network, prioritize your personal data and privacy. This policy explains our data practices, including collection, processing, and your rights regarding your data when using Dataswyft Network services, websites, Decentralised Data Servers (DDS), Data Accounts (“DAs”) and Data Wallets.
For more details or questions, please contact us at:
Contact person: Dataswyft Network Compliance Officer
using the contact us feature on our website: dataswyft.com
writing to us at contact@dataswyft.com
We regularly update our Privacy Policy. Our business evolves, so changes to the policy may occur. The updated policy is posted on our websites and applications, effective immediately or on a specified date. By using our services, you agree to these updates. Regularly review the policy on our websites and applications. Your continued use means you accept the revised policy. Using our services implies your consent to our data practices as outlined in this policy and our Terms of Use. Our commitment to your privacy and data protection is fundamental to our services.
Background
Network-enabled Applications (“NEAs”) consist of various third party web and mobile Applications, including to which this Privacy Policy applies. These Applications are not owned by Dataswyft Network but are integrated with Data Accounts and Data Wallets operated by Dataswyft Network.
NEAs generate and acquire personal and other data to be processed for the purposes of their business.
Dataswyft Network is responsible for managing the connections between the data accounts and NEAs and as such is solely responsible and liable to you for the storage and mobility of your personal data in data accounts (called “self-sovereign data” or “DA data”)
Purposes for the processing of data within Dataswyft Network
We would process personal data for these reasons:
a) Manage your data server, data account(s) and data wallet
b) Deliver requested services
c) Ensure you follow our rules and Privacy Policy
d) Get your feedback and do surveys
e) Offer support and maintenance
f) Learn how you can use our services to improve them
g) Keep our network safe
h) Follow the law and stop fraud
i) Send you updates and news, with your option to opt-out
j) As per your specific permissions and instructions
k) Handle billing - we may process some details like IP addresses for accurate invoices
We do not process or control DA Data.
Data Accounts
NEAs need their users to create a Data Account (“DA”) to store their users’ personal data. DAs are legal compartments within a database of a Decentralised Data Server (“DDS”) called a "HAT Microserver" that let users store and own their data in the cloud. Dataswyft Network provisions a DDS and issues a NEA-linked DA when requested by NEAs and the HAT Community Foundation governs the connections between NEAs and Dataswyft Network. We are not liable for the data or contents stored in your DA.
Data Wallets
Your data account may be attached to a data wallet that lets you fully control and process your personal data. You and only you can allow access to your DA's data. When you sign up or login to an NEA, you must first agree to their terms and our terms to explicitly instruct Dataswyft Network and our partners to provision a DDS for you and enable the connections for the use of your DA data. We can't enable the connections and the use your DA data without specific agreements between Dataswyft Network, you, and any third party owned NEAs. You have the right to stop third parties from using your DA data via the data wallet settings at any time.
Types of Personal data processed by us
When you use NEAs, we might handle:
Personal Data: While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. This is necessary for the operation of the services to serve you, in particular, for the provision of your HAT Microserver. Personally identifiable information we collect are listed below:
● Email address
Usage Data: Usage Data is collected automatically when using the Services. Usage Data may include information such as your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When you access the Services by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data. We may also collect information that your browser sends whenever you visit our Services or when You access the Service by or through a mobile device. Usage data may also include categories of data that is used to characterise your attributes and profile.
Tracking Technologies and Cookies: We use Cookies and similar tracking technologies to track the activity on our Services and store certain information. The technologies we use include:
● Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Service. Unless you have adjusted your browser setting so that it will refuse Cookies, our Service may use Cookies.
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close your web browser.
We use both Session and Persistent Cookies for the purposes set out below:
Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website
Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
Who we share data with and why
We might share the data we have access to with our internal teams (like technical support, customer service or legal) or with third parties to:
a) Obey the law or court orders
b) Ensure you follow our service policies
c) Protect our rights, property, and users
d) During business changes like mergers or sales
e) If you agree or ask us to
If you fail to provide personal data
If you don't provide the personal data required by law or our contract, we might not be able to serve you. This could lead to us ending your NEA use or not accepting your registration, affecting your access to the NEA and our services.
Passwords and Confidentiality
We do not store your passwords. You create and keep your DA password safe. We can't verify users' identities and aren't responsible if someone else uses your password. Tell us right away if there's unauthorized use. We can disable your DA if you don't follow our terms.
How we use your Personal Data
We only use your Personal Data to provision a decentralized data server and issue a data account and data wallet attached to your server for the NEA you signed up to.
Data Accounts and Data Wallets
Registration: You agree to the terms of a NEA and our terms. A Decentralized data server will be provisioned for you and we enable the connection between your NEA-linked data account and the NEA.
Using the NEA: The NEA collects and uses your data in the NEA Data Account when you use it.
Automatic Collection: The NEA might collect data about your device, how you use the app, and where you are and save it in your DA.
Inputting Data: When you use other services, the NEA may add this data automatically or you enter it manually.
Purposes for which we will use your personal data
We process your personal data based on:
a) Your instruction to provision a decentralized data server: We use your data to send you system emails for the functioning of your server and to provide the data account and data wallet service for the NEAs you have signed up to.
b) Contract needs: We need to process data to provide services, like support and to ensure you follow your contract and our policies.
c) Legitimate interests: We use data for our or others' legitimate interests, not overriding your privacy. This includes understanding service use for improvement or marketing. You can opt-out of marketing.
d) Legal requirements: We process data when the law requires, like for legal investigations or by court order.
Disclosure of Personal Data
Dataswyft Network and its partners cannot see or use your data without your clear permission and a proper agreement to establish an NEA connection with a PDA in your server.
International connections and transfers
International connections and transfers that you permit may move your data outside your home country. We follow the law to protect your data during for these connections and transfers.
Data Security
We prioritize your data's protection with strong physical, administrative, and technical measures. Our services use multiple security layers to guard your personal data in all states.
Key measures include:
a) Applying safeguards for data handling and encryption during transmission.
b) Using firewalls and encryption for data security.
c) Limiting access to necessary employees and partners.
d) Continuously monitoring and testing our systems for weaknesses.
Remember, no system is foolproof. Keep your login details secure and understand that transmitting data online has its risks.
Your Self-Sovereign data security is maintained
Make sure to keep your password and devices safe from others. It is your job to keep your password secret. Always log out when you're done, especially on shared devices.
Data Retention
We keep data only as long as needed for its specific purpose and legal requirements. Data is deleted when no longer necessary. Generally, we hold data:
a) For the time it's used for our services.
b) As the law or contracts require.
c) For internal, research, or statistical needs, with proper safeguards.
d) To adhere to the rules set by the the NEA that has generated and stored DA data.
You may have the right to request data deletion under certain conditions (refer to Your Privacy Rights).
Our Legal Basis for Processing Personal Data
We may process Personal Data under the following conditions:
Consent: You have given your consent for processing Personal Data for one or more specific purposes.
Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which Dataswyft Network is subject.
Vital interests: Processing Personal Data is necessary in order to protect your vital interests or of another natural person.
Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in Dataswyft Network.
Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by Dataswyft Network.
In any case, Dataswyft Network will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision Personal Data is a statutory or contractual requirement, or requirement necessary to enter into a contract.
Your Rights under this Privacy Policy and GDPR
Dataswyft Network undertakes to respect the confidentiality of your Personal Data and to guarantee you can exercise your right under this Privacy Policy and the GDPR, to:
● Request access to Your Personal Data. The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist You. This also enables you to receive a copy of the Personal Data we hold about you.
● Request correction of the Personal Data that We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
● Object to processing of Your Personal Data. This right exists where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to our processing of your Personal Data on this ground. You also have the right to object where We are processing Your Personal Data for direct marketing purposes.
● Request erasure of Your Personal Data. You have the right to ask us to delete or remove Personal Data when there is no good reason for us to continue processing it.
● Request the transfer of Your Personal Data. We will provide to you or to a third-party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with You.
● Withdraw Your consent. You have the right to withdraw your consent on using your Personal Data. If You withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the Service.
Exercising of Your GDPR Data Protection Rights
You may exercise Your rights of access, rectification, cancellation and opposition by contacting us. Please note that we may ask You to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible.
Cookies
You can adjust your browser to block or warn you about cookies. But remember, if you block cookies, some parts of an NEA might not work right.
Links to other websites
If you visit other websites through links from ours, we can't manage their privacy rules. Please read their privacy policies before sharing your info. We're not responsible for their data handling. Always check the privacy notices of any linked sites.
Minors
By engaging with our Applications and Services, you assert that you are not a minor. In the event that we ascertain the receipt of data from a minor without appropriate parental consent, our course of action will be to utilize said information solely for the purpose of communicating directly with the minor (or their parent or legal guardian) to convey the ineligibility of the minor to utilize the Services. Subsequently, we shall proceed to expunge the aforementioned data from our records.
Complaints
If you have any concerns about our use of your personal information, you can make a complaint to us at:
Contact person: Dataswyft Network Compliance Officer
using the contact us feature on our website: dataswyft.com
writing to us at contact@dataswyft.com
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk