Last updated: August 18, 2023
ABOUT US AND OUR POLICY
AI ARTEMIDA TECHNOLOGIES LIMITED, incorporated under the laws of Cyprus (registered number HE 387863) at the following address: 12, Demostheni Severi Ave, Office 601, 6th floor, 1080 Nicosia, Cyprus (hereafter referred to as the “Company”, “we”, “us” and “our”), complies with all relevant data protection laws and strives to maintain robust data protection for users of our Services.
This document presents the Company's Privacy Policy (hereinafter referred to as the "Policy", "Privacy Policy") regarding the nature, purpose, processing methods (collection, use, storage, distribution, deletion, etc.) and features of protecting the personal data / personal information collected through our Services (hereinafter referred to as the "Personal Data" or the "Data"). In addition, in this document, you can find information about your rights and how to contact us if you have any questions about processing information about you.
The Services in this Privacy Policy mean open data search and analytics systems with information about legal entities and individuals, court decisions, sanction lists, and other data available through the information and analytical product of the Company on the website http://www.artemida.ai/ (hereinafter referred to as the “Website”).
This Policy includes the following sections:
1. GENERAL PROVISIONS ON DATA PROTECTION
This Policy applies to those individuals whose Personal Data is processed or may be processed by us in future as a data controller, including, but not limited to, if such persons access our Services, use our Website, including the mobile application, contact us with inquiries, follow a hyperlink (link) to this Policy, or attend our events followed by the collection of Personal Data.
Our services are mainly intended for use in the United Kingdom, the EU countries, and Ukraine. At the same time, we understand that our services may be of interest to users around the world, for which reason the Company makes its website available practically worldwide, excluding the EU list of non-cooperative jurisdictions and the jurisdictions specified in the UN and OECD blacklists.
We do our best to protect all Personal Data received from our users and the Website users and comply with all local data protection laws to the extent they apply to us.
As a rule, we do not collect Personal Data when you visit our Website, except for the lawful operation of cookies and similar technologies, and when you consent to process Data in some instances. However, the provision of Data through the Website is voluntary. We do not require you to register or provide Data to browse the Website. However, a failure to provide specific Data may lead to the company’s inability to deliver you a desired service you would like to order through the Website.
If you are a UK or EU Person and to process your Personal Data we need to receive your consent as it is prescribed by applicable law, we will process your Personal Data only in the case we have received from you a freely given, specific, informed, and unambiguous indication of your wishes by which you signify agreement to the processing of your Personal Data (“Consent”).
You may give your consent by ticking the respective box when you register for an account with our Service. In the case you tick the respective box, you irrevocably and unconditionally consent and agree that we shall be entitled to process your Personal Data as it is indicated by your Consent.
Your Consent covers all processing activities with your Personal Data carried out for the same purpose or purposes. When the processing has multiple purposes, your Consent should be deemed given for all of them.
All of our services available for use on the Website are governed by this Policy and relevant legislation concerning Personal Data processing and protection. If you do not want us to collect and process any Data about you under this Policy, you will not be able to use all the functionality of the Website and the related Services.
We inform you that the Company acts as a Data Controller for the purposes of the General Data Protection Regulation (EU GDPR), the UK Data Protection Act 2018, and any other applicable data protection law1 when we control Data collection methods and determine the purposes for which such Data will be used.
At the same time, we will use specific Data for or in the process of providing certain Services only at the direction of our customers, for example, when a customer using the Services finds information or himself/herself enters the information containing Personal Data. The customer independently determines the purposes of processing of, and all further proceedings as to, such Data. In this case, the Company acts as a Data Processor.
This Policy does not apply when the Company acts as a Data Processor or in any other similar role, or on behalf of a third party. In this case, we process Personal Data on the instructions and on behalf of a third party. Accordingly, a third party's privacy policy/statement shall apply.
We will process your Data only if at least one of the following legal grounds for processing exists:
Please note that our Website may contain hyperlinks (links) to external resources or third-party websites. We are not responsible for data processing by such third-party resources and websites. If you use such a hyperlink (link), first of all, please carefully read the terms of processing and security of your Data.
This Policy may be updated from time to time, including as required by applicable law. The Company may notify you of any changes to the Policy either by email (please make sure that you have provided us with your email address and we have the right to send you email notifications) or by posting a notice of changes on our Website. We suggest that you review this Policy for any changes from time to time.
Please remember that you can always delete or change your Data as well as exercise your other rights under applicable law and this Policy.
2. WHAT DATA WE PROCESS
Depending on how you interact with us, how you use the Website, and what Services you use, the Personal Data we collect and process may include the following:
Some Personal Data may be obtained by the Company from publicly available sources, for example, when such information is (a) available to the public and usually posted on the Internet; (b) lawfully made available to the general public, such as social media, public registries, etc.
In addition, we may process other Data if you voluntarily provide it to the Company, for example, when you send us a request or contact the support service.
The Company will not collect or process bank card data used to pay for the Services. This function is performed by our payment processor under its terms and conditions.
Since we may change the Services we offer, the set of data we ask for specific processes may vary accordingly.
Please note that our Services are not intended for children under 132. Accordingly, we do not knowingly collect or process information about children. If you become aware of cases of use of the Company Services by children or that we receive Data from children, please inform us immediately.
3. HOW WE OBTAIN DATA
The Company may obtain your Data in a variety of ways and from various sources, including, but not limited to:
We may collect information based on analysing the actions taken while using the Website through cookies and similar technologies.
When the Company receives any Personal Data from third parties rather than directly from data subjects, such third parties are responsible for their compliance with the relevant data protection laws.
4. PURPOSE AND LEGAL BASIS FOR DATA PROCESSING
We will process your Data solely for the purposes provided for by the applicable law.
We process Personal Data for the following purposes and on the following legal basis (data may be processed on several legal bases):
When we process personal information from public sources for our Services, we proceed from the legal basis that such processing is necessary for our legitimate interests. In particular, when using our Services by the professional community, our legitimate interests include reducing the risk of fraud, creating a more secure business environment, and increasing corporate transparency, including information about the existence, ownership, and activities of legal entities and related persons.
Where we rely on legitimate interests as the legal basis for processing your Personal Data, we will balance those interests with your interests, fundamental rights and freedoms, as required by applicable law and best industry practice.
5. MARKETING SETTINGS
The Company may provide you with marketing and event information in several ways, such as email, telephone, text messages, direct mailing, and online (when using the Services).
It is mandatory for us to comply with both your marketing preferences and the requirements of applicable data protection laws. We process your Data to send marketing materials where we have your express consent or where there is a legitimate interest in direct marketing.
The information contained in direct marketing must not conflict with your interests. For example, from time to time, we may send you marketing materials about products and services that you may be interested in based on your interest in our Services.
You can opt out of marketing even if you have previously given us consent. You can also object to receiving direct marketing.
If you decide to opt out of marketing or object to receiving direct marketing from us, you can contact us at any time. In particular, marketing emails received from the Company will have a special button or prominent link allowing you to unsubscribe from receiving such communications in the future. You can also personalise your marketing settings in your account on the Website. Alternatively, you can write a request to our data protection officer (hereinafter referred to as “DPO”), whose contacts are indicated in this Policy.
At the same time, even if you opt out of receiving marketing messages, we may send you email service announcements or essential information about transactions related to your accounts or subscriptions. This is necessary, in particular, for contract performance and customer support.
6. EXCHANGE/DISCLOSURE OF DATA AND LINKS OF THIRD PARTIES
Following the standard practice that complies with the requirements of applicable data protection laws, your Data may be transferred to third parties outside the Company in such cases:
In some cases, we may need to transfer your Data to third parties.
In particular, we may transfer your Data, including but not limited to contact and technical data, to third parties such as service providers who perform various functions necessary for the operation of our Services.
Depending on the services provided for the processing of Data necessary for the operation of the Services, we may transfer information to the following third parties based on our instructions, under this Policy, and data protection laws:
Our partners (suppliers of various services) are prohibited from processing Personal Data that we transfer to them for a specific purpose for any purposes other than those specified by us as the Data Controller. At the same time, we conclude contracts with such partners demanding that they provide the same level of protection and security of your Data that is required of us as per the applicable law. We also limit the use of your Data following any consent provided by you (if consent is the basis for Data processing).
If you use Google ID or Facebook to register on our Website, it automatically activates the data exchange between the corresponding partner and us.
In the event of a merger, reorganisation or a similar corporate event, or the sale of the Сompany or part of the Сompany's assets, the information collected by us, including Personal Data, can be transferred to another company/organisation (merger or acquisition target). Undoubtedly, all such Data transfers will be carried out under the applicable data protection legislation and our confidentiality obligations, as specified in this Policy.
Our Website may contain hyperlinks (links) to other third-party websites that do not belong to the Company and are not controlled by the Company. The Opencorporates Database (https://opencorporates.com) and the National Archives (https://www.nationalarchives.gov.uk) are among them. The Company provides such content only for convenience, and including any link does not imply endorsement by us of the linked website. Please remember that we are not responsible for using Personal Data by these websites and for their privacy policies. The Company recommends that you be careful when you leave our Website and read a Privacy Policy of each third-party website that collects and then processes your Data.
7. INTERNATIONAL DATA TRANSFER
The Company is an international company that collaborates with various companies in different parts of the world to promote and/or provide customer access to its Services. Accordingly, your Data can be processed outside your country of residence, including countries that may not provide the same level of protection of your Data as your country.
In particular, the Personal Data that we process in the context of our Services is stored in the cloud environment in Germany (service of Microsoft Azure Germany).
When we transmit Personal Data to recipients in other countries outside the European Economic Area, Switzerland or the United Kingdom, we take measures to comply with the relevant legal and technological requirements, as described in this Policy and under the applicable legislation on data protection, including the requirements in Articles 44-50 of the General Data Protection Regulation (EU GDPR).
When transferring your Data to third countries that are not bound by an “adequacy decision” of the European Commission, the Company will use Standard Contractual Clauses, mandatory corporate rules, and special agreements on data transfer and processing. In addition, we will require all data recipients to ensure the proper level of protection and security of your Data that is required by the applicable data protection legislation.
In some cases, Company may need your explicit consent to the international Data transfer.
8. DATA RETENTION PERIODS
We retain your Personal Data solely during the time necessary to achieve the goals for which we have collected it, in particular, to satisfy any legal requirements, for accounting or reporting purposes, and to ensure the performance of contracts.
To determine the corresponding retention period for Personal Data, in addition to processing objectives, we also consider the volume, nature, and category of Data, the potential risk of harm from unauthorised use or disclosure of Data, as well as the relevant requirements of the applicable legislation.
As a rule, we retain basic information about our customers for six years after they have ceased to be our customers (for tax and legal purposes).
Please note that the regulations of some countries may impose additional requirements, so the Data retention period may vary. In particular, if the legislation of a country where a user of our Services resides contains statute of limitation provisions that determine the period during which you can file a claim against us, and we therefore need the appropriate evidence of legal relations with you, we can process your Data during this period.
We also need to consider any periods for which we may need to retain your Data to comply with our legal obligations to you or regulatory authorities.
Eventually, we can minimise your Data that we process or even make your Data anonymous (for research or statistical purposes) so that it is no longer connected with you personally. If the Data is anonymised, we can use this information essentially indefinitely since it no longer contains any Personal Data.
Suppose we process Data with your consent to processing (in particular, for marketing purposes). In that case, you have the right to withdraw your consent at any time or send us a request for Data deletion or temporary suspension of Data processing. To do this, please get in touch with our DPO (please see contact information below).
The Data of individuals in the data set obtained from public sources will be published on the Website as long as it remains accessible from the relevant public sources. For example, if an individual’s Personal Data has been removed from the sanctions list, this data must also be removed from our database.
9. DATA PROTECTION METHODS
The Company is very serious about the security of Personal Data. To ensure the secure storage of your Data, we have implemented a variety of technical and administrative tools that protect the Data from any unauthorised or illegal processing and any loss, destruction or damage. We regularly test our security measures to ensure they remain operational and effective.
First, we use regular malware scanning. The antivirus protection product we use is one of the best on the market.
We use encryption when transferring Personal Data outside the Company. We definitely use other technical means to protect information that we collect online or transmit to third parties, including encryption, firewalls and password protection.
The Data you provide will be safely stored on our servers, which are inaccessible to the public.
The Company adheres to the principle of data minimisation. We process information related to our users/customers that is really necessary for us to perform certain functions and for the specific goals defined in this Policy. Your Data is available only for a limited number of employees who need access to the relevant Data to fulfil their functional duties. We constantly train the employees on our Policies regulating data privacy and security issues.
We do our best to protect the Data, but you need to be aware that no method of transmission over the Internet, or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. If the Company learns of a security breach, we will endeavour to notify you provided that we are obliged to do so under the applicable legislation so that you can take appropriate security measures.
10. CONFIDENTIALITY OF FINANCIAL INFORMATION
We apply security measures when our customer orders the Services and makes payment to ensure the Data security.
All financial transactions are processed through a gateway provider, and no credit card data for financial transactions is stored or processed on our servers.
We use a third-party payment service provider to process your payments. These payment processing services allow our Website to process your online credit card payments.
An online form embedded in our Website will send your credit card information about directly to a payment provider who collects and processes payment information under its privacy policy. Only you can share information necessary to perform a transaction with the financial service provider that processes the transaction.
The Company does not participate in the transaction processing. Nevertheless, we can receive consolidated information about all purchases made, including the transaction amount, necessary to confirm the Services purchase.
11. COOKIE FILES AND OTHER TRACKING TECHNOLOGIES
Cookie files are small text files that are placed on your device, for example, a computer or mobile device, when you visit websites. The Website will remember your preferences and actions for a certain period so that you do not have to configure them again. Our cookie files usually do not identify a specific user, but only identify the device used.
Cookie files and other tracking technologies on our Website can be used in different ways, for example, for the proper operation of the Website itself, traffic tracking or advertising. In particular, we use cookies and other tracking technologies to improve the quality and efficiency of our Services and for security purposes.
To learn more about what cookies are, how they work, and how to manage or delete them, please visit www.allaboutcookies.org.
A list of cookies and other tracking technologies used by the Company on the Website, as well as detailed information about cookie files, is available in a separate Cookie Policy.
12. DATA SUBJECT'S RIGHTS
According to the data protection legislation of the European Union and the UK (EU GDPR and UK Data Protection Act 2018, respectively), your rights regarding your Personal Data include:
Please contact us if you would like to exercise any of your rights above.
Please note that not all of these rights are always available to everyone. There are individual exceptions when some of these rights do not apply to your Data processed by us.
In the case of publicly available sources, there is an exception to the “right to be forgotten” if the processing is necessary to exercise the right to freedom of expression and information. We process Personal Data in the context of performing journalistic functions, disclosing Personal Data to the public for purposes of public interest and exercising our fundamental right to freedom of expression and information in accordance with Article 10 of the European Convention on Human Rights and Article 11 of the European Charter of Fundamental Rights and Freedoms.
If we become aware that a publicly available source has removed (or made inaccessible) certain information about you due to exceptional circumstances (for example, due to a serious risk to personal safety), we will promptly update the records.
You may notify us of any request made to publicly available sources to remove or restrict access to your Data by submitting a request to us. Your request should include the relevant URLs and full details of the reasons for requesting such removal or restriction.
Please note that when you contact us, you must go through the identification process and describe your specific requirements so that we can process your request and give a lawful response. If we cannot identify you via messages or requests, or if we have reasonable suspicions about your identity, we may ask you to provide proof of identity. This is the only way we can avoid disclosing your Personal Data to someone who may impersonate you, i.e. the identification process is carried out in your best interests. Any additional information collected for verification purposes will only be used to verify identity.
While we process requests as quickly as possible, we ask you to keep in mind that providing a complete and lawful response regarding Personal Data is a complex process that can take up to a month or even longer. If we need more time to prepare a complete response, we will let you know.
13. OUR CONTACTS
Please contact us if you have any questions or would like to lodge a complaint about this Policy or in relation to our use of your Personal Data.
We have appointed a Data Protection Officer (DPO) who is the contact person for any questions or comments regarding the protection and processing of your Data.
You can contact us by sending an email to [email protected].
[1] In accordance with the Law of Ukraine "On Personal Data Protection", the Company is the owner of personal data.
[2] We consider a user/customer to be a child if they are under the age of 13, unless their country has a different age limit (in some countries, it is under the age of 16).