Dyneum

Preamble

This is the Privacy Policy of Dyneum applications (both web and mobile), SDKs, APIs, or other cloud-based services that we host on your behalf (the “Services”). Dyneum is a brand of the Dyneum Inc. Please note: A separate Privacy Policy is available for the website www.dyneum.io

Privacy is one of our core values, so Dyneum Inc. (“we”, “us”, “our” or “Dyneum”) respects your privacy. Our Services are specifically designed to minimize the amount of data that is collected about you ("you", or "User") and to remove the need for any central data storage or data sharing requirement. In order to interact with you and improve the services, we do collect some information.

This Service Privacy Policy ("Policy") will explain to you what data we collect, and how we use your personal data. It also describes how you can access, update, or otherwise take control of the personal data that we have collected from you. We, being a software-as-a-service business, take our responsibilities with regard to the requirements of CCPA and the EU GDPR very seriously.

By the nature of the Dyneum Self-Sovereign Identity App, the application (on your end user device) processes a wide variety of information, including personal identifiable information and special categories of personal data. It is our most important goal to keep your data private. In stark contrast to most identity providers available in the market, we will never share any personal data with anyone (not even Dyneum itself). Our applications are built with the intent to minimize the collection, sharing and storage of such data. For each type of data laid out below, we will therefore explain in the highest degree of detail, the processing level and depth in order for you to understand how Dyneum helps protect your privacy compared to traditional identity verification service providers.

Your Personal Data is collected from you when:

a. You open our mobile app or interact with a website pop-up;

b. You create or update your digital credentials through our mobile app or website pop-up;

c. You verify your credentials through our mobile app or website pop-up;

d. You access or use any feature, content, software, hardware or other product available on or through the Services or otherwise provided by us.

Your access and use of the Services is conditioned on your providing us with any requested User Information.

1. Digital Credentials

1.1 What data is collected?

Dyneum uses digital identity technology and digital wallets to provide a secure method for consumers and businesses to access and exchange identity-related information (hereinafter "DID"). In order to generate a DID, the following data is provided by you when you register for your account with the Services, as you use the Services, or as you engage with the Company through its Services. We consider all such information voluntarily provided:

a user-selected sub-domain,

your wallet public key addresses.

1.2 How we use data

Your DID is the virtual representation that you passed credential based verification. Dyneum and other service providers can access the DID as a vehicle to verify selective checks on your credentials. Since the credentials are anonymized using Zero-Knowledge Proofs (ZKP), no Personal Identifiable Information (PII) is stored, accessed, nor processed in any way by Dyneum or any other service provider unilaterally.

1.3 How we secure and retain data

DIDs are stored on the public distributed ledger Polygon (the MATIC blockchain) and any additional distributed ledger we receive explicit permission for a data copy from you. The DID is stored in the form of a non-transferable, non-fungible token (hereinafter "SBT").

This SBT contains the following data:

a unique, DID identifier,

a private-key shard (see "Personal Identifiable Information),

a list of pointers that refer to the ZKP generated for your DID (see "Anonymized Individual Data").

Since this data is stored on public distributed ledgers, all of its contents are available to the public. None of the data provided here is sensitive in nature or can be used to identify you personally. You can delete the SBT storing your DID at any time (and thus revoke any data processing linked to it) from within the Dyneum App or any self-custody wallet holding such DID.

2. Personal Identifiable Information (PII)

2.1 What data is collected?

For each credential that you verify and generate anonymous zero-knowledge proofs from, a unique set of personal identifiable information (PII) is processed. Currently, the following credentials are supported:

1. Proof-of-Citizenship

(based on Passport, Identity Card, or Driver's License and facial recognition).

In order to verify your Proof-of-Citizenship, the following data is processed:

a government-issued alphanumeric Identifier

(Passport No., Identity Card No. Or Driver's License Number),

your nodal point faceprint,

your Nationality,

your Date of Birth,

your Gender,

the Date of Issue,

the Date of Expiry.

2. Proof-of-Personhood

(based multiple pictures of your face)

In order to verify your Proof-of-Personhood, the following data is processed:

your nodal point faceprint.

This data is provided by you when you verify credentials within the Services, as you use the Services, or as you engage with the Company through its Services. We consider all such information voluntarily provided.

2.2 How we use data

The main purpose for the collection of personal data is its anonymization and protection from misuse. The ZKPs we generate from your credentials are mathematically verifiable proofs that a factual statement on your personal data is correct, without revealing the personal data itself. For example, within the Proof-of-Citizenship credential, one of the proofs we generate proofs that you are over 18 years old, without revealing your birthdate; the only data that is exposed to the parties involved is the "True/False" statement to "Is the following user of 18 years old?". For the Proof-of-Personhood credential, the nodel point faceprint is protected through fully homomorphic (FH) encryption. FH encryption ensures that Dyneum servers can identify faceprint uniqueness without the ability to decrypt, recover or reuse the original faceprint likeness for any other purpose. For more details refer to chapter 4 Anonymized Individual Data and/or our Help section

Credential date of issue and expiry are used to define the validity of a ZKP. Validities are pooled in monthly buckets in order to avoid indirect user verification. In order to comply with legal, law enforcement, and anti-money laundering regulation enforcement, a threshold cryptography encrypted, decentralized data archive for the original data from which the Proof-of-Citizenship ZKPs are derived from is created. Only threshold cryptography encrypted data leaves your mobile end device; at no point throughout the entire process does any single stakeholder have access to your private data with exception of the aforementioned regulatory compliance.

Your personal data is not stored, accessed, shared or in any other way processed besides mentioned above.

2.3 How we secure and retain data

The decentralized data archive is retained for as long as required by law. The archive is protected through state of the art threshold encryption. The encryption is generated directly by your mobile end device. The key required to decrypt the data is split into three (3) private key shard. One of these key shards is written on your DID SBT, the second one is maintained in your profile (see Special Categories of Personal Data), and the third one is provided to the regulatory/issuing body of the affected credentials, or remains in custody with Dyneum pending data exchange agreements with relevant regulatory bodies. Decryption without access to all private key shards is not possible; this means that no single party is able to access your private data on their own.

No other copy of your personal data persists, your personal data is actively deleted from your mobile device once encrypted and the ZKPs have been generated.

3. Special Categories of Personal Data

3.1 What data is collected?

When you create a Store with our Services, we collect the following Special Category of Personal Data:

your nodal point faceprint from picture-based facial recognition,

Information You Provide to Us.

Contact information, such as name, user ID, e-mail address, and phone number
Information necessary for us to remit payments to sellers, such as financial account transactional information based on your activities on the Site as a seller (such as item and content you generate or that relates to your account); community discussions, chats, dispute resolution, correspondence through our Site, and correspondence sent to us; information we ask you to submit to authenticate yourself or if we believe you are violating site policies (for example, we may ask you to send us an ID or bill to verify your address, or to answer additional questions online to help verify your identity or ownership of an item you list);
Marketing information, such your preferences for receiving marketing communications and details about how you engage with marketing communications; and
Other personal information you choose to submit to us

Information We Collect About Buyers From or on Behalf of Our Sellers.

We may collect information about buyers from or on behalf of our sellers. The sellers determine the scope of the information we collect on their behalf, that they transfer to us, or that we otherwise collect, and the information we receive may vary by seller. Typically, the information we collect about individuals from or on behalf of our sellers includes:
transactional information based on your activities on the Site as a buyer (such as item and content you purchase)
payment information, such as credit card number
your contact information (such as your name, user ID, email-address, and shipping, billing and other information you provide to purchase an item or receive delivery of an item
other personal information that our sellers may provide about you

Information Automatically Collected.

When you access the Site, we, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity on our Site. The information that may be collected automatically includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, screen resolution, IP address, the website you visited before browsing to our Site, general location information such as city, state or geographic area; and information about your use of and actions on our Sites, such as pages you viewed, how long you spent on a page, navigation paths between pages, information about your activity on a page, access times, and length of access. Our service providers and business partners may collect this type of information over time and across third-party websites. This information is collected using cookies and similar technologies. Please refer to the Cookies and Similar Technologies section for more details.

Social Media Networks and other Third Party Platforms.

We may offer single sign-on services that allow you to use third party login credentials to sign into Service. With your permission, Dyneum may also collect profile information contained in your third-party profile. Dyneum may also, for your use, enable you to import information about who you are connected to, as well as enable you to share information with those third-party sites. If you wish to discontinue such sharing, please refer to the settings on the third-party service or your preference page on Dyneum.
We may also maintain pages for our company and our products on a variety of third-party platforms, such as Facebook, Twitter, Google+, YouTube, Instagram, and other social networking services. When you interact with our pages on those third-party platforms, the third-party’s privacy policy will govern your interactions on the relevant platform. If the third party platform provides us with information about our pages on those platforms or your interactions with them, we will treat that information in accordance with this Privacy Policy.

Sensitive Personal Information.

If you send or disclose any sensitive personal information to us when you use the Services, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our Sites.

Cookies and Similar Technologies

What are cookies?

Cookies are small data files stored on your computer or mobile device by a website. Our Sites may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our Site.

We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which we use to recognize your computer or mobile device when it revisits our Sites; and (2) third party cookies, which are served by service providers or business partners on our Sites, and can be used by such service providers or business partners to recognise your computer or mobile device when it visits other websites.

Cookies we use

Our Site uses the following types of cookies for the purposes set out below:

Essential Cookies - These cookies are essential to provide you with services available through our Site and to enable you to use some of its features. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
Functionality Cookies - These cookies allow our Sites to remember choices you make when you use our Sites. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-select your preferences every time you visit our Site.
Analytics and Performance Cookies - These cookies collect information about traffic to our Sites and about how individuals use our Sites. The information gathered may include the types of information described above in the section titled “Information automatically collected.” We use this information to help operate our Site more efficiently, to gather broad demographic information, monitor the level of activity on our Site, and improve the Site. We use Google Analytics, Optimizely, and New Relic for this purpose. These parties use their own cookies. You can find out more information about Google Analytics cookies here: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies, and about how Google protects your data here: www.google.com/analytics/learn/privacy.html. You can prevent the use of Google Analytics relating to your use of our Site by downloading and installing the browser plugin available here: tools.google.com/dlpage/gaoptout?hl=en-GB. You can find out more about New Relic’s services here: https://newrelic.com/, and its privacy practices here: https://newrelic.com/termsandconditions/privacy.
Social Media Cookies - These cookies are used when you share information using a social media sharing button or “like” (or similar) button on our Site or you link your account or engage with our content on or through a social networking website such as Facebook or Twitter. The social network will record that you have done this. Social networks use their own cookies.
Targeted and advertising cookies - These cookies track your browsing habits to enable us and third-party advertising networks to deliver ads that may be of interest to you. These cookies use information about your browsing history to group you with other users who have similar interests or browsing behavior. Based on the cookies that the third-party advertising network sets on our Site and other sites, advertisers can display advertisements that may be relevant to your interests on our Site and while you are on third party websites. You can choose to disable cookies, as described below, or to opt out of the use of your browsing behaviour for purposes of targeted advertising. For opt out instructions, please review the “Targeted online advertising” portion of the “Your Choices” section of this Privacy Policy."

Disabling cookies

You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” menus). Many browsers are set to accept cookies until you change your settings.

For further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org.

If you do not accept our cookies, you may experience some inconvenience in your use of our Site. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Site.

Other technologies

In addition to cookies, our Sites may use other technologies, such as Flash technology, pixel tags, and software development kits (or SDKs) to collect information automatically.

Flash Technology

We may use Flash cookies (which are also known as Flash Local Shared Object (“LSOs”)) on our Site to collect and store information about your use of our Site. Unlike other cookies, Flash cookies cannot be removed or rejected via your browser settings. If you do not want Flash cookies stored on your computer or mobile device, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel at this website. You can also control Flash LSOs by going to the Global Storage Settings Panel at this website and following the instructions. Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with our Site.

Pixel tags

We may also use pixel tags (which are also known as web beacons and clear GIFs) on our Site and in our HTML formatted emails to track the actions of users on our Site and interactions with our emails. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages or within HTML formatted emails. Pixel tags are used to demonstrate that a webpage was accessed or that certain content was viewed, typically to measure the success of our marketing campaigns or engagement with our emails and to compile statistics about usage of the Site, so that we can manage our content more effectively.

Software Development Kits

Our mobile applications may use software development kits (“SDKs”) provided by third parties. SDKs enable us to provide features and functionality developed by third-party developers, including to provide us with analytics, social media integration, and advertising. The SDKs we use may enable third parties to collect information about the users of our mobile applications. The types of SDKs we use include:

Analytics SDKs. These SDKs are used to collect information about use of our mobile applications. The information gathered may include the types of information described above in the section titled “Information automatically collected.” We use this information to help operate our mobile applications more efficiently, to gather broad demographic information, monitor the level of activity on and within the application, diagnose errors, and improve the mobile application.
Social Media SDKs. These SDKs help you to interact with social networks you are signed into while using our mobile application, such as by sharing content with the social network and other features you use with the social network. Social networks may also work with our apps for analytics or advertising purposes, as discussed above.
Advertising SDKs. These SDKs allow our advertising partners to collect information about your devices, and how you use our mobile application and other sites and applications over time; and to use this information to show you ads of potential interest and measure how the ads perform. These third parties’ collection, use, and sharing of your personal information is subject to their own privacy policies. You may be able to control or limit use of certain information collected through advertising SDKs for purposes of targeted advertising. For additional information, please review the “Targeted online advertising” portion of the “Your Choices” section of this Privacy Policy.

You provide certain User Information when you register for your account with the Services, as you use the Services, or as you engage with Company through its Services. We consider all such information voluntarily provided.

3.2 How we use data

In order to uniquely identify you and to protect you and the service providers you interact with from malicious attacks from pseudonymous identities (anti-sybil protection), a world-wide unique identifier for each Service end-user is needed.

3.3 How we secure and retain data

The Dyneum profile (hereinafter "profile") is stored on Dyneum servers. Your profile consists of the following data:

your unique DID identifier,

your Email-Address,

a sub-domain name,

your FH encrypted nodal point faceprint,

a private key shard,

your wallets' public keys.

Dyneum takes the highest degree of commercially reasonable measures, including administrative, technical, and physical safeguards, to:

a. protect your profile from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction,
b. ensure the security, confidentiality, and integrity of your profile,
c. protect against any threats or hazards to the security or integrity of the profile,
d. protect against unauthorized access to, or unauthorized disclosure of the profile, and
e. take such security measures required by any applicable privacy laws.

We cannot completely guarantee that unauthorized third parties will never be able to defeat our security measures or use your profile for improper purposes. In the event that your profile in our possession or under our control is compromised as a result of a security breach, we shall give prompt notice to you, with full particulars, and shall immediately commence a thorough investigation of any such incident. This data is provided by you when you verify credentials within the Services, as you use the Services, or as you engage with the Company through its Services. We consider all such information voluntarily provided.

4. Anonymized Individual Data

4.1 What data is collected?

When you verify credentials through the Dyneum app, the app anonymizes your personal data through the use of zero-knowledge proofs (ZKP). Zero-knowledge proofs are a method by which we help you stay anonymous; they are a mathematical method to prove certain statements about you without disclosing any of the underlying personal data. The questions we verify through ZKPs are carefully selected in order to ensure full anonymity and make real name identification of you through indirect means practically impossible by making sure that each single ZKP demographic profile (i.e. each single collection yes/no answers) is expected to be shared by at least 50.000 people. Already anonymous individual data does not require further anonymization and will be provided as collected.

In the following, a list of the anonymized data verifiers can access for each of the credentials verified through Dyneum once authorized by you:

1. Proof-of-Citizenship

a. Adulthood - Is the credential holder over 18 years old? [yes/no]

b. Citizenship - Country of your citizenship

c. Gender - Your Gender

2. Proof-of-Personhood

a. Uniqueness - Has your faceprint been used to create another Proof-of-Personhood credential with another profile/ wallet? [yes/no]

b. Similarity Ciphertext - To what degree does your FH encrypted faceprint match with previously collected FH encrypted faceprints? [0 - 100%]

3. Social

a. Aggregate Score - A point based representation of your overall social media activity and engagement across different social media platforms, including but not limited to X.

b. Topic Specific Score -A point based representation of your social media activity and engagement on a certain topic across different social media platforms, including but not limited to X.

4.2 How we use data

Anonymous individual user data is used by service providers ('verifiers') to verify your eligibility to access certain features, to fulfill verifiers' legal KYC requirements and by Dyneum to aggregate into anonymous market demographic overviews. Throughout the whole process, no PII, nor special category of personal data is ever exposed to any party.

4.3 How we secure and retain data

Anonymized individual data is stored on decentralized storage and is only accessible by Dyneum and verifiers that have been authorized by you. The data is protected through state of the art encryption and whitelisting of trusted verifiers.

5. Security

Your information is stored on our servers located in the United States. We use a variety of security technologies and procedures to help protect your Personal Data from unauthorized access, use or disclosure. However, as you probably know, third parties may unlawfully intercept or access transmissions or private communications, and other Users may abuse or misuse your Personal Data that they collect from the Site. Therefore, we do not promise, and you should not expect, that your Personal Data or private communications will always remain private.

6. Device & Usage Information

6.1 What data is collected?

Service Usage Data may automatically be collected when you interact with our Services. This information may include data about your interactions with the features, content and links contained in our Services, time of interaction, operating system used, IP address, language preferences, and other cookie data. While none of this data will allow us to directly identify who you are, some of this data can be used to approximate your location.

Supplementary Data may be received about you from Data Providers. We may combine this data with the information we already have about you in order to maintain accuracy of our records, and provide products and services that you may be interested in.

App Analytics might be provided by third-party tools to collect information on how you interact with our App. This data may include information on which pages you visit, how much time you spend on each page, which operating system and browser you use, and geographic location information. These tools will generate cookies for this purpose which can only be used by the service provider. The data collected may be transmitted to and stored by these service providers in a country other than where you reside. This information does not include personal data such as names, addresses, email addresses, etc, and will be stored and used in accordance with their own privacy policies.

6.2 How we use data

Delivering, updating, and improving the Services that we provide to you. We collect various data you use and interact with our Services. We use this data to:

a. improve and optimize the performance of our Services,

b. identify and investigate security risks, and needed enhancements to our Services,

c. detect and prevent fraud and abuse of our Services,

d. collect statistics about the use of our Services,

e. analyze which of our Services are most relevant to you.

Device & Usage information is collected anonymously and not linked to your identity or profile.

6.3 How we secure and retain data

Device & Usage information is stored on Dyneum servers. Dyneum takes the highest degree of commercially reasonable measures, including administrative, technical, and physical safeguards, to:

1. protect your profile from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction,

2. ensure the security, confidentiality, and integrity of your profile through the use of, among others, state of the art encryption like threshold and FH encryption,

3. protect against any threats or hazards to the security or integrity of the profile,

4. protect against unauthorized access to, or unauthorized disclosure of the profile, and

5. take such security measures required by any applicable privacy laws.

7. Your Data Subject rights

You may contact our Data Protection Officer (DPO) for any reason through the "Contact Us" form or via the following e-mail address: contact@dyneum.io.

If you have any questions that aren't addressed by this Privacy Policy, please let us know! Use it to contact us for anything related to our use of your information, including opting-out of sharing your information with others, updating your information, finding out what information we have about you, or for anything that you feel violates any of your above listed rights.

If you make a request to delete your personal data, that request will be honored only to the extent where the data is no longer needed for the Services, or when it is no longer required for our business, legal or contractual record keeping requirements. Any request to delete all or any personal data related to a Visitor is fulfilled within 30 days. This period is justified by the complexity of the systems and technologies we operate to process the data. Where a Personal Data Breach occurs or is suspected, it is reported immediately to the DPO or the CEO and, where applicable, to the data protection authority and the individual affected by the breach. The report includes full and accurate details of the incident (including its reasons and magnitude) and sets out the planned measures intended to eliminate the breach.

We adhere to the principles of personal data protection as envisaged in CCPA and the EU GDPR. In accordance with these principles, Personal Data is:

Processed fairly and lawfully and in a transparent manner in relation to the Data Subject;

Processed for specified, explicit and legitimate purposes only and not further processed in a manner that is incompatible with those purposes;

Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

Kept accurate and up to date;

Retained in a form permitting identification of Data Subjects for no longer than is necessary for the purposes for which they are processed;

Not retained longer than necessary;

Processed in a manner that ensures their appropriate security;

Not transferred outside the EEA without adequate protection. follow generally accepted standards to collect, store and protect Personal Data, including the use of encryption.

We retain personal data for as long as it is needed to provide the Services.

We process the Personal Data under §28 of the EU GDPR. We may determine the purposes and means of Personal Data Processing under §24 of the EU GDPR. We ensure that no Personal Data is used for any purposes incompatible with the aforementioned ones. If we are legally permitted to do so, we will take reasonable steps to notify you in the event we are required to provide your information to third parties as part of a legal process. It should be underlined that we do not sell Personal Data and strictly comply with restrictions and prohibitions under CCPA and the EU GDPR.

As the Data Controller, we respect and guarantee the following rights of each Data Subject:

Right to obtain confirmation as to whether or not his or her personal data are being processed (§15 of the EU GDPR);

Right to rectification (§16 of the EU GDPR);

Right to erase Personal Data (§17 of the EU GDPR) if one of the following applies: (i) the Personal data is no longer necessary in relation to the purposes for which was collected or otherwise processed; (ii) Data Subject objects to the Processing and there are no overriding legitimate grounds for the Processing; (iii) the Personal Data have been unlawfully processed;

Right to restrict personal data processing (§18 of the EU GDPR) if one of the following applies: (i) the accuracy of the personal data is contested; (ii) the processing is unlawful and the Data Subject objects to the erasure of the Personal Data and requests to restrict their use instead; (iii) Dyneum Inc no longer needs the Personal Data for the purposes of the processing, but they are required by the Data Subject to establish, exercise or defend legal claims; (iv) the Data Subject has objected to processing pending the verification whether Dyneum Inc legitimate grounds override those of Data Subject;

Right to be informed (§19 of the EU GDPR);

Right to data portability (§20 of the EU GDPR);

Right to object (§21 of the EU GDPR) if the processing is justified by the "public interest" or "legitimate interest" legal ground as set out in point (e) and (f) of §6(1) of the GDPR;

Right not to be subject solely on automated processing (§22 of the EU GDPR) unless one of the following applies: (i) such decision is necessary for entering into, or performance of a contract; (ii) such decision is authorised by the law to which Dyneum is subject and which also lays down suitable measures to safeguard the Data Subject's rights and freedoms and legitimate interests, or (iii) such decision is based on the Data Subject's explicit consent;

Right to lodge a complaint (§77 of the EU GDPR).

We guarantee that making a request for receiving personal data is free unless a reasonable cost is to be charged where requests are unfounded or excessive or repetitive in character.

8. Definitions

CCPA

the California Consumer Privacy Act of 2018, Civil Code sections 1798.100.

EU GDPR

the General Data Protection Regulation 2016/679 (GDPR) is a regulation in European Union (EU) law on data protection and privacy in the EU and the European Economic Area (EEA).

Consent

any freely given, specific, informed and unambiguous indication of the Data Subject's wishes by which they, by a statement or by clear affirmative action, signify agreement to the processing of their Personal Data;

Data Processor

Dyneum Inc where it processes personal data;

Data Providers

third-party service providers or public authorities are used to collect additional information necessary for the provision of the Services.

Data Subject

any Visitor whose Personal Data Dyneum Inc may process;

Personal Data

any information relating to an identified or identifiable Data Subject;

Personal Data Breach

a breach of data security leading to unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;

Personal Data Processing

any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Special Categories of Personal Data

Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation;

Third-Party Processors

processors authorised to process data activities under the direct authority of Dyneum Inc;

Visitor

any individual using the App and connected Services;

Website

https://dyneum.io/

9. Changes to the Privacy Policy

This App Privacy Policy is constantly reviewed and amended in order to provide appropriate compliance with CCPA and the EU GDPR.

If we make any substantial changes, we will notify you through the Services. Any changes to this Policy will be effective upon fifteen (15) calendar days following our notification posting through the Services. These changes will be effective immediately for new users of the Services. Continued use of the Services following notice of changes to this Policy shall indicate your acknowledgement and acceptance of such changes and agreement to be bound by the updated Policy.