Last updated: 20 January 2025
This Privacy Policy describes the collection and processing of information about you that can directly or indirectly identify you, performed by the mobile application “Chatomic” (the “App”) of BrainMount Ltd (“we”, “us”, “our”). This Privacy Policy applies specifically to the Chatomic App.
Contact details of the data controller:
Name: BrainMount Ltd
Address: Vasili Michailidi 9, 3026, Limassol, Cyprus
E-mail: [email protected]
Please read this Privacy Policy carefully, as it contains essential information about the following:
We may update this Privacy Policy from time to time. For the continued processing of your personal data, we will request your consent or renew it if it was previously obtained.
We collect and otherwise process your personal data when we receive it:
We respect your privacy, and it is important to us that you understand how we handle your personal data when it comes into our
possession. Since personal data is used throughout your use of the App and, in some cases, involves third parties,
there are multiple processes for processing personal data within Chatomic. The same personal data may be processed
for different purposes.
We have described each process of handling your personal data in as much detail as possible and have dedicated this section to
explaining the purposes, the types of personal data we process, and the legal basis for processing in the Chatomic App.
Processed personal data | Legal basis for the processing | Data retention period |
---|---|---|
Maintaining the correct operation of the App, tracking technical issues, and troubleshooting problems within the App | ||
|
Legitimate interest: your interest is in using the App without technical problems; our interest is in ensuring your satisfaction, upholding the bug-free operation of the App |
3 years after the last interaction with the App or the last payment, whichever occurs later. |
Tracking and analysing trends, usage, and actions related to the App to better understand its use and improve it | ||
|
Legitimate interest: your interest is to make the App fit your preferences; our interest is to improve our App, to make it more user-friendly |
3 years after the last interaction with the App or the last payment, whichever occurs later. |
Providing access to the App functionality | ||
|
Terms and Conditions and End User Licence Agreement | 3 years after the last interaction with the App or the last payment, whichever occurs later. |
Providing you with an answer to your question (technical support, exercising data privacy rights, other assistance in connection with the App) | ||
|
Legitimate interest: our interest in improving the quality of the App; your interest in receiving a prompt answer to a question / solution to a problem |
3 months since the last communication with you. |
Advertising our App to attract new users | ||
|
Consent | 3 years after the last interaction with the App or the last payment, whichever occurs later. |
* When you send a message through the Chatomic App, it is first transmitted to our servers. Our servers then process the message using third-party services to provide you with a response. The third-party services we utilise include:
Once the message processing is complete, the response is delivered to your App. We do not store your messages and responses on our servers after processing is completed, ensuring your data remains secure and private.
We understand the importance of keeping your personal data safe and retaining it only for as long as necessary. We have detailed how long we will keep your personal data for a specific purpose in the “Details of processing” section.
Please note that there may be occasions when we are required to retain your personal data for longer than initially stated. This may include, but is not limited to, situations involving legal proceedings, investigations, or government inquiries. We will retain your personal data only for as long as necessary to comply with these legal obligations, and we will take appropriate measures to ensure its security and confidentiality during this period.
We regularly review our data retention practices to ensure that we keep only the personal data we need and that it is kept securely.
We do not engage in automated decision-making or automated profiling.
We value your privacy and care about the security of your data. Sometimes, we need to share some information with other companies. Here is why:
We make every effort to comply with all applicable laws, regulations, and legal obligations. In certain instances, we may need to disclose your personal data to comply with legal requirements, such as responding to subpoenas, court orders, or other lawful government requests, etc. In addition, we may disclose your personal data if we believe in good faith that such disclosure is necessary to protect our rights, enforce our Terms and Conditions and End User Licence Agreements, investigate fraud, or protect your safety.
We also partner with certain trusted companies to provide you with the best experience using our App. These partners may include hosting service providers, payment processors, analytics platforms, and others. We share only the necessary information with them to help them perform their functions, such as processing payments or analysing the use of our App. We choose our partners carefully and require them to adhere to high standards of data protection.
We always strive to be as open and transparent as possible regarding the processing of your personal data. If you have any questions or concerns about the transfer of your personal data to third parties, please do not hesitate to contact us for more information.
We may involve the following third parties in the processing of personal data:
We are always striving to improve our App to make your user experience more convenient and our App more interesting for you. To do this, we devote significant effort to analysing which features of the App are useful, most used, and which ones need to be upgraded. For this purpose, we engage analytics services that help us collect, analyse, and interpret personal data to improve the efficiency of the App. In simple terms, they help us understand your behaviour, optimise performance, and identify opportunities for growth.
The list of the analytical services that we may use in Chatomic:
We work with advertising networks to attract new users to Chatomic. These networks may collect certain personal data about how you interact with our App or other websites and apps, using this data to deliver ads based on your preferences and interests.
Below is a list of the advertising networks we may use for Chatomic:
We rely on trustworthy hosting providers to ensure the secure storage and processing of your personal data. These providers guarantee the availability and reliability of our App's infrastructure, including servers, databases, and storage systems. Please note that the companies hosting our servers do not have access to your personal data.
The datacenter we use for storing your personal data is located in the EU.
Additionally, in some cases, we may use services that facilitate the secure transfer of personal data from us to other companies, as well as services that prevent unauthorized data transfer and ensure the smooth operation of our App.
In some cases, we use integrations of other services to improve the efficiency, speed, and quality of the functionality provided in the App. Specific companies and certain processing details can be found in the section “Details of processing”.
Please note that some of these companies may be located outside the EU (international data transfers), including in countries that do not ensure an adequate level of protection of your personal data.
Such transfers are performed in compliance with GDPR, using Standard Contractual Clauses to ensure that your data receives an adequate level of protection.
We ensure such transfers comply with legal requirements by using Standard Contractual Clauses approved by the European Commission. These clauses require data recipients to protect data they process from the EEA in accordance with EU data protection law. Our procedures regarding data transfers are regularly reviewed to ensure compliance.
As a data subject, you have certain rights regarding your personal information. We are committed to upholding these rights and ensuring that you can exercise them effectively.
Below, you can find information regarding your rights as a data subject under EU legislation:
Right of access |
This right allows you to request access to the personal data we hold about you. |
Upon receiving your request, we will provide you with a copy of the personal data we process in the form in which you have requested this information. Please note that in some cases, we may charge you a reasonable fee for providing this information. If we are unable to fulfil your request for any reason, we will provide you with an explanation and inform you of your rights to appeal the decision. |
|
Right to rectification |
This right enables you to request the correction or updating of any inaccurate or incomplete personal data we hold about you. |
Upon receiving your request for rectification, we will review the accuracy and completeness of your personal data and make any necessary corrections or updates. |
|
Right to erasure |
This right allows you to request the deletion or destruction of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or processed (the “right to be forgotten”). |
Upon receiving your request for erasure, we will assess whether the conditions for erasure are met and, if so, promptly delete or anonymize your personal data from our systems and notify any third parties to whom the data has been disclosed. |
|
Right to restrict processing |
This right allows you to request the restriction of processing of your personal data in certain circumstances, such as when the processing is unlawful, when we no longer need the personal data, or when you have objected to the processing. |
Upon receiving your restriction request, we will not process your personal data (except for storage) unless it is based on consent or for the establishment, exercise, or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest. |
|
Right to data portability |
This right allows you to receive a copy of your personal data in a structured, commonly used, and machine-readable format if it is technically possible to do so, and to transmit that data to another controller. |
Upon receiving your request for data portability, we will provide you with a copy of your personal data in the requested format, where technically feasible. |
|
Right to object |
This right enables you to object to the processing of your personal data in certain circumstances, such as where the processing is based on legitimate interests or for direct marketing purposes. |
Upon receiving your objection to processing, we will assess the validity of your objection and, if valid, cease processing your personal data for the purposes to which you have objected. |
|
Right to withdraw consent |
You have the right to withdraw your consent to the processing of your personal data at any time. This means that if we are processing your personal data based on your consent, you have the right to revoke that consent. |
Upon receiving your request to withdraw consent, if we do not have any other legal basis for processing your personal data, we will stop processing it. |
|
Right to lodge a complaint |
If you believe that our processing of your personal data violates applicable legislation, you have the right to lodge a complaint with a supervisory authority. |
If you wish to exercise your rights as stated above, please write to us at the email address provided in the “Contact details of the data controller” section. Please note that these rights are subject to certain limitations and exceptions as provided by applicable law. To exercise any of these rights or for further inquiries, please contact us using the provided contact information.
We will address your request as soon as possible and no later than within 1 (one) month. Please note that this period may be extended by 2 (two) further months where necessary, taking into account the complexity and number of the requests. In this case, we will inform you of the extension within 1 (one) month of receipt of your request and will explain the reasons for the delay.
If you are a California resident, you have certain rights under the CCPA and other applicable laws regarding the collection, use, disclosure, and sale of your personal data. This section of our Privacy Policy outlines those rights and explains how you can exercise them:
Right to know |
California residents have the right to request that we disclose the categories and specific pieces of personal data that we have collected about them, the categories of sources from which the personal data was collected, the purposes for which the personal data was collected, and the categories of third parties with whom we have shared the personal data. |
Upon receiving and verifying your request, we will promptly provide you with the requested information for the 12-month period preceding your request free of charge in a readily usable format, unless an exception applies. |
|
Right to delete |
California residents have the right to request the deletion of the personal data that we have collected, subject to certain exceptions as permitted by applicable law. |
Upon receiving and verifying your request, we will delete your personal data from our records and direct our App providers to do the same, unless an exception applies. |
|
Right to opt-out |
California residents have the right to opt out of the sale of their personal data. “Sale” is defined broadly in the CCPA to include “selling, renting, releasing, disclosing, disseminating, making available, transferring or otherwise communicating” the personal data of California residents. |
Please note that we do not, and will not, provide your personal data in direct exchange for money. Therefore, in the literal sense, we do not sell your personal data. However, we have disclosed some categories of personal data we collect to third parties for business purposes as explained under “Details of processing”. To the extent that this practice is construed as a “sale” under the CCPA, we will exercise your right to refuse to make a sale if you request it. |
|
Right to non-discrimination |
California residents have the right to non-discrimination, under which we cannot refuse to provide goods or services, charge you a different price, or provide goods or services of a different level or quality just because you exercised your rights under the CCPA. |
We will not deny services, charge different prices, or provide a different level or quality of services based on your exercise of CCPA rights. |
|
Right to correct |
California residents have the right to ask us to correct inaccurate personal data that we have about them. |
Upon receiving and verifying your request, we will promptly review your personal data and make corrections as appropriate, ensuring that it is accurate and complete. |
|
Right to limit |
California residents have the right to direct us to only use their sensitive personal data (for example, a social security number, financial account information, precise geolocation data, or genetic data) for limited purposes, such as providing the services requested. |
We do not process such sensitive personal data. |
If you want to exercise your rights as described above, please contact us via the email address provided in the “Contact details of the data controller” section. According to CCPA regulations, we need to verify your identity before proceeding with your request. To verify your identity, you may need to log in to your account. If you do not have an account, we will attempt to match the information you provide with what we have on file. In some cases, we may refuse the request if we cannot verify your identity, such as if you have asked us to delete your personal data.
Under CCPA requirements, we aim to respond to a verifiable request within 45 days of receiving it. If we need more time (up to 90 days), we will notify you in writing of the reason and extension period. Our written response will be sent via email.
If you have any concerns about how we handle your personal data, please inform us, and we will review your feedback. If you are not satisfied with our response to your complaint, you have the right to lodge a complaint with the relevant authority.
We do not knowingly collect or request personal data from individuals under the age of 18, nor do we allow such individuals to use our App. If you are under 18, please refrain from providing us with any personal data. If we become aware that we have inadvertently collected personal data from someone under 18, we will promptly delete it. If you believe that we may have personal data from or about someone under 18, please contact us using the provided information.
Our Privacy Policy may include links to websites operated by third parties that are not under our control. If you click on a link to a third-party website, you will be redirected to that website. We recommend reviewing the privacy terms of each website you visit. We have no control over and do not assume any responsibility for the content, privacy terms, or practices of third-party websites or services.