Privacy Policy

1. Introduction

This Privacy Policy ("Policy") explains how Cycleone Limited ("Cycleone," "we," "us," or "our"), a company registered in England and Wales under company number 16873200, collects, uses, discloses, and safeguards your personal information when you access or use our websites, mobile applications, APIs, and related services (collectively, the "Services"). We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), the Data Protection Act 2018, the Swiss Federal Act on Data Protection (FADP), and other applicable data protection laws. By using our Services, you acknowledge that you have read and understood this Policy and consent to the practices described herein.

2. Data Controller

Cycleone Limited is the data controller responsible for your personal data. Our registered office is located at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom. For any questions or concerns about this Policy or our data practices, please contact our Data Protection Officer at dpo@cycleone.app.

3. Information We Collect

Depending on how you interact with our Services, we may collect the following categories of personal data:

4. How We Use Your Information

We use the personal data we collect for the following purposes:

• 1.Service Provision: To operate, maintain, and improve our Services; process transactions; manage your account; and provide you with requested features and functionality.
• 2.Customer Support: To respond to your inquiries, troubleshoot issues, and provide technical assistance.
• 3.Security and Fraud Prevention: To detect, prevent, and investigate security incidents, fraudulent transactions, and other harmful activities; to verify user identities; and to protect the rights and safety of our users and third parties.
• 4.Analytics and Research: To analyze usage patterns, measure performance, conduct research, and develop new products and features.
• 5.Marketing and Communications: To send promotional materials, newsletters, and updates about our Services (where you have consented or where permitted by law). You may opt out at any time.
• 6.Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests; to enforce our terms and policies; and to exercise or defend legal claims.

5. Legal Bases for Processing (GDPR)

If you are located in the UK, EEA, or Switzerland, we process your personal data based on the following legal grounds:

• Contractual Necessity: Processing necessary to perform our contract with you (e.g., providing Services you have requested).
• Consent: Processing based on your freely given, specific, informed, and unambiguous consent (e.g., marketing communications).
• Legitimate Interests: Processing necessary for our legitimate business interests, provided such interests are not overridden by your fundamental rights (e.g., fraud prevention, service improvement).
• Legal Obligation: Processing necessary to comply with legal or regulatory requirements.

6. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

• Service Providers: Third-party vendors who provide services on our behalf, including hosting, cloud computing, payment processing, identity verification, analytics, customer support, and email delivery. These providers are contractually obligated to protect your data and may only use it for the purposes we specify.
• Business Partners: With your consent, we may share data with partners for joint offerings, promotions, or integrations.
• Legal and Regulatory Authorities: When required by law, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, prevent fraud, or ensure user safety.
• Corporate Transactions: In connection with a merger, acquisition, reorganization, bankruptcy, or sale of assets, your data may be transferred as part of the transaction, subject to standard confidentiality arrangements.

Important: We do not sell your personal information to third parties for their marketing purposes.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the UK, EEA, or Switzerland, including the United States and other jurisdictions where our service providers operate. When we transfer data internationally, we implement appropriate safeguards to ensure an adequate level of protection, including Standard Contractual Clauses (SCCs) approved by the European Commission and UK Information Commissioner's Office, or reliance on adequacy decisions where applicable.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, comply with legal and regulatory obligations (including anti-money laundering record-keeping requirements), resolve disputes, and enforce our agreements. When data is no longer required, we will securely delete or anonymize it in accordance with our data retention policies. Retention periods may vary depending on the type of data and the purposes for which it is processed.

9. Your Rights

Depending on your location and applicable data protection laws, you may have the following rights regarding your personal data:

To exercise any of these rights, please contact us at privacy@cycleone.app. We will respond to your request within the timeframes required by applicable law (typically within one month).

10. Security

We implement industry-standard technical and organizational security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, secure access controls, regular security assessments, and employee training. However, no method of transmission over the internet or electronic storage is guaranteed to be 100% secure, and you acknowledge that any information you transmit is at your own risk.

11. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to enhance your experience, analyze usage, and deliver targeted content. For detailed information about the types of cookies we use and how to manage your preferences, please refer to our Cookie Policy.

12. Third-Party Links

Our Services may contain links to third-party websites, applications, or services that are not owned or controlled by Cycleone. We are not responsible for the privacy practices, security, or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. Children's Privacy

Our Services are not directed to individuals under the age of 18, and we do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child under 18, we will take steps to delete such information promptly. If you believe a child has provided us with personal data, please contact us immediately.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will post the revised Policy on this page with an updated "Last updated" date. For material changes, we will provide prominent notice (such as via email or a banner on our Services). Your continued use of the Services after any changes indicates your acceptance of the updated Policy.