Effective date: April 18, 2019
Last updated: April 18, 2019
This document provides information about our encryption technology platform. The intention of this document is to provide you transparent information how the Cypherdog platform runs and how the data is processed, collected, and stored in the platform. We realize that some technical terms might sound complicated to you, so this document presents those terms in simple words as well as explains what the goal of data processing is.
Cypherdog is firmly committed to protecting the privacy of Internet’s users and fostering users’ confidence in online advertising and marketing. Accordingly, we are committed to observing applicable industry guidelines including those established by the Interactive Advertising Bureau and the General Data Protection Regulation (“GDPR”) by the European Union. We continue to evaluate enhanced ways to protect Internet users’ privacy while seeking to deliver relevant advertising and custom online experiences to those users on behalf of our customers.
This document outlines Cypherdog’s End User Policy and provides you clear notice about the user’s information we may collect and process online in connection with our services.
- Applicable laws: All the laws and regulations relevant to the collection, processing, and storage of data, especially all thedata protection laws and the General Data Protection Regulation (EU) 2016/679 (GDPR).
- Cookie: They are small text files stored locally by a website or ad server. By storing certain information in a cookie, those web browsers or ad servers are able to remember your preferences and recognize websites visited and / or web browser used from one visit to another. To learn more about cookies and how to disable them, visit http://www.allaboutcookies.org.
- Customer: The party who submits an application on the registration page and uses the Cypherdog platform.
- End user (visitor): This is a user of an Internet connected device, such as a visitor to a website, a user of a mobile app, or a user of an IoT device, or a visitor on an advertisement, landing page, or campaign.
- Geographic location: This is a piece of information where you are located based on an IP address. Precisely, this is a location of your device that is connected to the Internet and based on that we are able to define a country, region, city, and Internet Service Provider (ISP) your device is connected to.
- HTTP request header: The request header of HyperText Transfer Protocol. The HTTP protocol is used all around the world. Almost all content that shows up in the browser you see is transmitted to your computer (or other device connected to the Internet) over HTTP. For example, when you opened this policy in the browser, many HTTP requests have been sent. Each request contains an HTTP header in which there is information about the browser you use, the requested page, the server and much more.
- HTTP request parameters: The request parameters of HyperText Transfer Protocol are additional pieces of information transmitted from one device to the other that you might see in the address bar of your browser. They are in the form of name=value pairs separated from the URL by a ?. There might be more than one name=value pair, where each of them are separated by an &.
- IP address: An Internet Protocol (IP) address is a set of numbers that each device has assigned to connect with other device over the Internet network. The IP address allows addressing and delivering the information to the right receiver. Every time a piece of information is sent, a device needs to communicate with other devices in a computer network to be able to deliver the message. Sending information in that context means every kind of activity such as surfing, exchanging emails, or downloading an application. The IP address is used to identify the device to which the message is supposed to be sent and find the best way to deliver it.
- Personal information / personal data: Any information relating to an identified or identifiable person as defined in article 4.1 of GDPR.
- Processing: Any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction (process, processes and processed shall have the same meaning).
- User agent: Information about a device, operating system, web browser is being used to access a website.
- You (visitor): A person who can visit digital advertising campaigns on the Internet.
II. What is Cypherdog?
Encryption and file transfer. Two remote users only on the basis of their email address (username) have the ability to exchange files and confirm their identity in a secure manner. The file encryption process will take place on the sender’s computer side, then the file will be sent to the recipient via e-mail, cloud or other channel independent of the system. The recipient will be able to decrypt the file only on his personal computer. The system will consist of, among others from a web part that stores public keys of users, a mobile application and Java FX applications encrypting and decrypting files on users’ computers.
Backup encrypted files in the cloud. The system user will have a cloud disk with a capacity of 100 GB to store encrypted and unencrypted files. The FX application will allow you to synchronize files to and from the cloud. Using the cloud will be charged.
Encryption and sending messages. Users using the mobile applications and FX Applications will be able to exchange messages (chat) in a safe way. Track after sent message disappears. It’s untraceable.
III. Cypherdog’s Role in Processing Personal Information
While our customers use Cypherdog, we act as a customer’s data processor meaning that we process end user’s personal data on behalf of our customer under customer’s instructions under Data Processing Agreement.
In order to legally process end user’s personal data when we act as a data controller for Cypherdog, we rely on a legal basis listed in the VII. Legal Basis for Processing User Information section.
IV. What Kind of Data Do We Collect and For What Purposes?
In order to perform our services, we are intent on collecting and processing certain information about you and your device. Some of this information (including, for example, your IP addresses and certain unique device identifiers) may identify a particular computer or device and be considered as personal data in some jurisdictions, including the European Union. The Cypherdog platform does not collect any data which by itself identifies an individual such as a name, address, phone number, email address.
We also do not collect any “sensitive” or “special categories of personal data” as defined under the European data protection laws as well as personal data of children.
An IP address is used to identify the device’s location as well as, to some extent, user’s location. Based on the IP address visitor’s country, region, city can be characterized and stored in the Cypherdog platform.
A user agent helps us to identify what kind of a device a visitor uses (TV, desktop, table, mobile phone) and which model it is. Even more, this piece of information is stored to establish device’s parameters such as browser and browser version, operating system, and operating system version. It also allows us to detect the automatic computer programs and fraud attempts.
A device ID is a unique identifier used to accurately measure actions taken by a specific device. It plays a role in personalization, distribution, and performance of the traffic sent to a visitor. The ID enables us to do cross-device matching meaning that the advertisement will be displayed only on one device that belongs to a particular user. It means that if you are an owner of more than one devices connected to the Internet, the IDs of those devices can help us to identify you, determine which advertisement was displayed on which device, and eliminate ad display repetitions for you.
Unique Identifier (UID)
A unique identifier generated by the platform enables us to match registered events and control the frequency of those events in Cypherdog.
V. How Do We Collect Data?
Cypherdog uses both types of cookies: session cookies and persistent cookies. Those cookies are used not only to follow visitor’s activities, but also to improve visitor’s experience while surfing through the Internet websites. Session cookies does not remain after closing a web browser and does not store any information afterward. Persistent cookies are stored locally on your device and may be used by your web browser on subsequent visits to any website. They are used to remember your preferences and personalize the ad content.
In the tracking part of the advertising platform, we also use non-cookie technology such as pixels to set up the communication between your web browser and a server.
In the tracking part of the Cypherdog platform the following technology is used to gather the data:
- Impression cookie: Some of our customers are only interested in displaying advertisements on websites, so the ads might be noticed by an end user. This type of advertising refers to impressions or ad views. The cookie helps us to monitor this type of activities. It is a session cookie, so it exists as long as your session lasts in your web browser.
- Conversion cookie: This is a cookie that allows to combine a display of an advertisement with a visitor’s actions that happen for a particular offer afterwards. Our customers may define what kind of an action the visitor should take upon to call the ad display successful. For example, they may offer a promotion of an app subscription – every time a visitor subscribes to a particular system, that action is registered as a successful event in the Cypherdog platform. The cookie allows us to define wether the action happened or not for a particular visitor. That record allows us to measure visitor’s behavior and personalize the ads displayed on websites. It expires after 365 days.
- Lander cookie: This is a cookie associated with a visit on a displayed advertisement. It stores different pieces of information about the visit itself as well as other parameters such as a web browser type, web browser version, device ID. This data is only used for statistical and reporting purposes in the Cypherdog platform. It expires after one day.
- Unique session cookie: It is used to detect whether a visit is the first visit of a visitor for a particular advertisement or not. It is a session cookie, so it exists as long as your session lasts in your web browser.
- Opt-out cookie: This a cookie that is used for the opt-out option for Cypherdog. It gives us information that you do not want to be tracked with desktop and mobile environments. It expires after at least 2 years.
- Tracking pixel: This is an invisible, very small (1 x 1) pixel tag that our customer can put on a website. When you as a visitor open a website where the tracking pixel is placed, the information is sent to Cypherdog. Pixel tags are used in combination with cookies to track user’s activities while surfing through websites by a particular browser on a particular device.
VI. Legal Basis for Processing User Information
If you are a European Union End user or GDPR applies to you under the Applicable Law, our legal basis for collecting and using the end user’s information described above will depend on the user’s information concerned and the specific context in which we collect it.
We may also use the end user’s personal data because of our legitimate interests to:
- Operate and improve our technology
- Enable standard advertising controls
- Prepare reports that summarize visitor’s activity
- Analyze and report on the advertisement’s performance (such as tracking views of ad as well as click-through rates on ads), campaign reporting, and campaign forecasting
- Protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
If you have questions about or need further information concerning the legal basis on which we collect and use of this data, please contact us using the contact details provided under the Contact us section.
VII. How Long Do We Store Data?
VIII. European Data Subject Rights
If you are a European Union end user or GDPR applies to you under the Applicable Law, you have certain rights and protections under the law regarding the collection, processing, and use of information about you. In particular, you have the right to:
- To request an access and obtain a copy of your data.
- To request a rectification (correct or complete information about you) or erasure (it is sometimes called ‘the right to be forgotten’ that applies in some circumstances).
- To restrict the processing end user information.
- If applicable, to the data portability.
In certain circumstances, you may also have the right to object to the processing of end user’s information when personal data is processed on the basis of legitimate interests and there is no overriding legitimate interest for us to continue to process your personal data, or if your data is being processed for direct marketing purposes.
If you have given us your consent to process your data, you have the right to withdraw your consent. The withdrawal of consent does not affect the compliance of the processing which was made on its basis before the withdrawal of consent.
You have also the right to lodge a complaint with the Supervisory Authority in particular if you feel that Cypherdog has not responded to your requests to solve a problem.
If you would like to exercise any of these rights, please contact our data protection officer: firstname.lastname@example.org. Please include information that will enable us to verify your identity within your request.
In addition, you may also use our opt-out functionality described in point IX. Your Choices and Opt Out Option.
IX. Information Transferred from Third-Party Services
This policy does apply only to usage of the data by the Cypherdog platform and does not explain the practices of other third-party advertisers or advertising networks. We do not control the privacy practices of such third parties, and you are obliged to get familiar with the privacy policies of those third parties when you use their services. We provide a full list of all advertising networks as well as links to the privacy policies that are published on their websites:
We also inform you that we may disclose your information to the following categories of recipients:
- To our third-party services providers who provide data processing services that support the operation of our services (acting on our behalf), such as analytics providers, IT services providers (for example, cloud or host services providers).
- To our clients and partners to deliver interest-based advertising and other information describing, for example, location context and general statistical information.
- To any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) under applicable law, and
(ii) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities.
X. Transfer of Personal Data Outside EEA
We work with customers and partners throughout the world, including in the European Economic Area (EEA) as well as countries outside of the European Economic Area (EEA).
In order to ensure that your personal data is adequately protected when transferred outside of the EEA, Cypherdog:
- relies on EU-U.S. Privacy Shield Program – Privacy Shield is a “partial” adequacy decision, as, in the absence of a general data protection law in the U.S., only the companies committing to abiding by the binding Privacy Shield principles benefit from easier data transfer. In such cases your personal data will be transferred to the territory of USA in accordance with applicable laws, with appropriate safeguards in place, only to Privacy Shield certified vendors (according to the EU Commission Decision 2016/1250) or by using standard contractual clauses adopted by the European Commission (EU Commission Decision on standard contractual clauses for the transfer of Personal Data to processors established in third countries under Directive 95/46/EC (the “Model Contract Clauses”), or based on other applicable transborder data transfer mechanisms,
- has entered into inter-company EU “model clause” agreements.
You may contact us if you require a copy of the safeguards which we have put in place to protect your Data transferred outside of the EEA and your privacy rights in these circumstances.
You may also learn more about:
- Privacy Shield Program here https://www.privacyshield.gov/Program-Overview and here https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en.
- EU Commission Decision on standard contractual clauses for the transfer of personal data to processors established in third countries here https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087 and here https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en
Cypherdog uses various security technologies and procedures that help protect your personal information from unauthorized access, use, disclosure, alteration, or destruction.
- Personnel: Only qualified and authorized employees are permitted to access personal information, and they may do so only for permitted business functions.
- Data Protection Officer: We appointed a Data Protection Officer who in particular watches over the security of your data, monitors our compliance with GDPR, and is a point of contact for you in all matters regarding Data protection; you can contact our Data Protection Officer via email: email@example.com.
- Security Measures: We use encryption in the transmission of your personal information between your system and ours, and we use firewalls to help prevent unauthorized persons from gaining access to your personal information.
- Payments: All supplied sensitive / credit information is transmitted via Secure Socket Layer (SSL) technology and then, encrypted into our payment gateway providers database only to be accessible by those authorized with special access rights to such systems and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.
- Additional Safeguards: We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of your information. Our security procedures mean that we may request proof of your identity before we disclose personal information to you.
Protecting children’s privacy is very important to Cypherdog. Our platform is not intended for, designed to be used by, or targeted at children. We do not allow our partners and customers to send to us personal data of children as defined under GDPR.
XIII. Contacting us
If you have any questions or concerns about our use of Data Processing Agreement, you may contact us using the information below:
Cypherdog Sp. z o.o.
Plac Solny 14/3, 50-062 Wrocław, Poland
General contact form: https://cypher.dog/contact/
Cypherdog’s Data Protection Officer contact: firstname.lastname@example.org